www.secured.domains Open in urlscan Pro
144.202.61.198 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://liontreefinancial.com/
Effective URL:
https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Submission: On December 15 via api (December 15th 2024, 11:50:59 am UTC) from BE — Scanned from US

Summary HTTP 90 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 12 domains to perform 90 HTTP transactions. The main IP is 144.202.61.198, located in Elk Grove Village, United States and belongs to AS-VULTR, US. The main domain is www.secured.domains.
TLS certificate: Issued by E6 on October 29th 2024. Valid for: 3 months.

This is the only time www.secured.domains was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	76.223.67.189 76.223.67.189	16509 (AMAZON-02) (AMAZON-02)
1	142.251.179.106 142.251.179.106	15169 (GOOGLE) (GOOGLE)
4	23.212.249.79 23.212.249.79	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	18.233.146.136 18.233.146.136	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:1408:c40... 2600:1408:c400:1887::228b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
43	144.202.61.198 144.202.61.198	20473 (AS-VULTR) (AS-VULTR)
2	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
2	142.251.179.147 142.251.179.147	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
15	142.251.167.94 142.251.167.94	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::8b	15169 (GOOGLE) (GOOGLE)
4	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	172.253.122.97 172.253.122.97	15169 (GOOGLE) (GOOGLE)
90	15

2 76.223.67.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: a67c48129651a0940.awsglobalaccelerator.com

liontreefinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.212.249.79 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-249-79.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.146.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-146-136.compute-1.amazonaws.com

api.aws.parking.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:1887::228b (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

www.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gui.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 144.202.61.198 (Elk Grove Village, United States)

ASN20473 (AS-VULTR, US)
PTR: 144-202-61-198.constant.com

www.secured.domains	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secured.domains	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	secured.domains www.secured.domains secured.domains	5 MB
16	gstatic.com fonts.gstatic.com www.gstatic.com	867 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	81 KB
4	wsimg.com img1.wsimg.com — Cisco Umbrella Rank: 10742	177 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	280 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	53 KB
2	secureserver.net 1 redirects www.secureserver.net — Cisco Umbrella Rank: 635764 gui.secureserver.net — Cisco Umbrella Rank: 347354	4 KB
2	godaddy.com api.aws.parking.godaddy.com — Cisco Umbrella Rank: 61999	1 KB
2	liontreefinancial.com liontreefinancial.com	1 KB
0	facebook.com Failed www.facebook.com Failed
90	12

	Domain	Requested by
39	www.secured.domains	img1.wsimg.com www.secured.domains
15	fonts.gstatic.com	fonts.googleapis.com
4	connect.facebook.net	liontreefinancial.com connect.facebook.net
4	secured.domains	www.secured.domains
4	img1.wsimg.com	liontreefinancial.com img1.wsimg.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	www.secured.domains
3	www.googletagmanager.com	www.secured.domains www.googletagmanager.com www.google-analytics.com
3	www.google.com	liontreefinancial.com www.secured.domains www.gstatic.com
2	api.aws.parking.godaddy.com	img1.wsimg.com
2	liontreefinancial.com	liontreefinancial.com
1	gui.secureserver.net	www.secured.domains
1	www.gstatic.com	www.google.com
1	www.secureserver.net	1 redirects
0	www.facebook.com Failed	www.secured.domains
90	15

This site contains links to these domains. Also see Links.

Domain
sso.secureserver.net
account.secureserver.net
www.liontreegroup.com

Subject Issuer	Validity	Valid
liontreefinancial.com Go Daddy Secure Certificate Authority - G2	`2024-12-13` - `2025-12-13`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2024-09-19` - `2025-10-21`	a year	crt.sh
*.aws.parking.godaddy.com Go Daddy Secure Certificate Authority - G2	`2024-04-15` - `2025-05-17`	a year	crt.sh
secured.domains E6	`2024-10-29` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2024-10-17` - `2025-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-23` - `2024-12-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Frame ID: 91DDA924B30CB48900CCBDA6A3684DB7
Requests: 90 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKJEApAAAAAB4rM_8pOV5SPfXmuQ9O7iNFx1pO&co=aHR0cHM6Ly93d3cuc2VjdXJlZC5kb21haW5zOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=dx8tye4vl13a
Frame ID: 04950F65ADDE65BD800F43635D28BBB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WordPress Website Maintenance, Hosting | Secured Domains Madison WI

Page URL History Show full URLs

https://liontreefinancial.com/ Page URL
https://liontreefinancial.com/lander Page URL
https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=527117&domain=liontreefinancial.com HTTP 302
https://www.secured.domains/?isc=PLPPT02003&isRedirect=1 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

90
Requests

93 %
HTTPS

36 %
IPv6

12
Domains

15
Subdomains

15
IPs

1
Countries

6980 kB
Transfer

10622 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://sso.secureserver.net/login?plid=527117&prog_id=527117&realm=idp&path=%2Fproducts&app=account
Title: Client Login

Search URL Search Domain Scan URL

URL: https://account.secureserver.net/?plid=527117&marketId=en-US&currencyType=USD
Title: Sign In

Search URL Search Domain Scan URL

URL: https://sso.secureserver.net/logout/?plid=527117&marketId=en-US&currencyType=USD
Title: Log Out

Search URL Search Domain Scan URL

URL: https://www.liontreegroup.com/
Title: Lion Tree Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://liontreefinancial.com/ Page URL
https://liontreefinancial.com/lander Page URL
https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=527117&domain=liontreefinancial.com HTTP 302
https://www.secured.domains/?isc=PLPPT02003&isRedirect=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
liontreefinancial.com/ 114 B
173 B 315ms
87ms Document
text/html 76.223.67.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://liontreefinancial.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.67.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a67c48129651a0940.awsglobalaccelerator.com
Software: /
Resource Hash: 6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 114
content-type: text/html
date: Sun, 15 Dec 2024 11:50:52 GMT

GET
H2 200 lander Show response
liontreefinancial.com/ 536 B
977 B 89ms
89ms Document
text/html 76.223.67.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://liontreefinancial.com/lander

Requested by

Host: liontreefinancial.com
URL: https://liontreefinancial.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.67.189 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a67c48129651a0940.awsglobalaccelerator.com

Software

openresty /

Resource Hash

10d71cad756348090df851f93bfb8877c72aacef2b723087566420bfb84e82c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://liontreefinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=86400
content-length: 536
content-type: text/html
date: Sun, 15 Dec 2024 11:50:52 GMT
server: openresty
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KeQKrPeCkvQqfpKHlzvfL7m+ANK+iOTxOpLyQU/yIKm0YM5wtCxHOPvV8TYPzlLCdMekPWpzYx2fvPRhewIuFQ
x-content-type-options: nosniff

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 143 KB
52 KB 391ms
134ms Script
text/javascript 142.251.179.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true

Requested by

Host: liontreefinancial.com
URL: https://liontreefinancial.com/lander

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f106.1e100.net

Software

sffe /

Resource Hash

56141a6a41864d1769c3eacbaa33834330006010635f0746a74a01627ee7f84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://liontreefinancial.com/

Response headers

content-encoding: gzip
etag: "14945032603554686107"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:50:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H2 200 main.203056e5.js Show response
img1.wsimg.com/parking-lander/static/js/ 678 KB
175 KB 526ms
123ms Script
application/javascript 23.212.249.79
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Requested by: Host: liontreefinancial.com
URL: https://liontreefinancial.com/lander
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-249-79.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1fccb5214073a256d7cc8dd1d35da87cde9c4c8964fc91f1272525425fc00385

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://liontreefinancial.com/

Response headers

content-encoding: gzip
etag: "d4150b0548622b8cfaaeb5e44b3bc500"
x-amz-version-id: k6PBMTfroQ3vvxAD4MqrWJ.JQzMuwLzz
expires: Mon, 15 Dec 2025 11:50:52 GMT
date: Sun, 15 Dec 2024 11:50:52 GMT
last-modified: Wed, 04 Dec 2024 21:18:50 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 0W5Gnm0UDP6Gp8skE6m8CjI4jAVdVQ6aDF42LRZ93H0S28RwhFvP6wf8D1cDrtDbWxTVnWaqAyxJgdyamjlDiw==
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-request-id: RBA04CEH70WAVP0R
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178946
x-amz-server-side-encryption: AES256

GET
H2 200 main.8b4b0fd9.css
img1.wsimg.com/parking-lander/static/css/ 6 KB
2 KB 522ms
119ms Stylesheet
text/css 23.212.249.79
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/static/css/main.8b4b0fd9.css
Requested by: Host: liontreefinancial.com
URL: https://liontreefinancial.com/lander
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-249-79.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de8d7fc2b4281251d0841f714464bfac8c6bf261524a5b90dc1cce8a21b80c59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://liontreefinancial.com/

Response headers

content-encoding: gzip
etag: "6b04485d759f91c2a552b5cc0fd8df90"
x-amz-version-id: t2U_dN4PNTVi6jXJsFcE4wUZVgavqpxO
expires: Mon, 15 Dec 2025 11:50:52 GMT
date: Sun, 15 Dec 2024 11:50:52 GMT
last-modified: Wed, 04 Dec 2024 21:18:53 GMT
content-type: text/css
vary: Accept-Encoding
x-amz-id-2: 8AqE+Bx84ivp+3lGhIwj+rH11pLgjfNswgWPVFbupaMTMMiWJ9+AySqjyTbaPRiu3EpoLDk3V2bzuw6xLWnJwg==
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-request-id: RBA2V0PAXGENA7CE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1552
x-amz-server-side-encryption: AES256

GET
H2 200 px.js
img1.wsimg.com/parking-lander/ 0
0 474ms
120ms Fetch
application/javascript 23.212.249.79
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/px.js?ch=1&abp=1&gdabp=true
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-249-79.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://liontreefinancial.com/

Response headers

content-encoding: gzip
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: x.HvhmIHfEKrYgOvtwaoVIlm6vJUsOTI
expires: Mon, 15 Dec 2025 11:50:53 GMT
date: Sun, 15 Dec 2024 11:50:53 GMT
last-modified: Wed, 04 Dec 2024 21:18:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: he78oP05MXkHRDJ+nPivxt+VZ/2zVM5snts/+96ZZdArr2KfCnCmi56O//a+NeuuYnPuKMgYTSY=
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-request-id: YYWVS4N86QH3FX3N
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20
x-amz-server-side-encryption: AES256

GET
H2 200 liontreefinancial.com Show response
api.aws.parking.godaddy.com/v1/parking/landers/ 961 B
1 KB 375ms
138ms Fetch
application/json 18.233.146.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/parking/landers/liontreefinancial.com?trafficTarget=reseller&abp=1&gdabp=true
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.146.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-146-136.compute-1.amazonaws.com
Software: /
Resource Hash: 577a1ca1d9fa1942ad93d62cad2f5a0cc72d3317417e8d75455c52502b4c1e0d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Request-Id: f93a9460-f0b8-4b00-a6e0-20c8e6f13c31
Referer: https://liontreefinancial.com/

Response headers

access-control-max-age: 600
x-request-id: f93a9460-f0b8-4b00-a6e0-20c8e6f13c31
cache-control: Private,max-age=86400
access-control-allow-credentials: true
access-control-allow-origin: https://liontreefinancial.com
content-length: 961
date: Sun, 15 Dec 2024 11:50:54 GMT
content-type: application/json

OPTIONS
H2 200 liontreefinancial.com
api.aws.parking.godaddy.com/v1/parking/landers/ Frame 0
0 418ms
121ms Preflight 18.233.146.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/parking/landers/liontreefinancial.com?trafficTarget=reseller&abp=1&gdabp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.146.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-146-136.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://liontreefinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://liontreefinancial.com
access-control-max-age: 600
content-length: 0
date: Sun, 15 Dec 2024 11:50:53 GMT
x-request-id: DTR-oQOl

GET
H2 200 px.js
img1.wsimg.com/parking-lander/ 0
0 122ms
122ms Fetch
application/javascript 23.212.249.79
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/px.js?ch=2&abp=2&gdabp=true
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-249-79.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://liontreefinancial.com/

Response headers

content-encoding: gzip
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: x.HvhmIHfEKrYgOvtwaoVIlm6vJUsOTI
expires: Mon, 15 Dec 2025 11:50:54 GMT
date: Sun, 15 Dec 2024 11:50:54 GMT
last-modified: Wed, 04 Dec 2024 21:18:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: QtcgPbnF5xYdK4ja9S3jKkf2mDSS+J8CE0VEClaPF6jAHDfAInPXVTBNhB5PbG6MbCrQswX1cu4=
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-request-id: H5QR7VBMMJF6M32A
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20
x-amz-server-side-encryption: AES256

GET
H2

200

Primary Request / Show response
www.secured.domains/
Redirect Chain

https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=527117&domain=liontreefinancial.com
https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

127 KB
27 KB

648ms
111ms

Document
text/html

144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: cda3a3d66954bd99f24060db7956db301d46f9ea1e8e95692430c4e834b70222

Request headers

Referer: https://liontreefinancial.com/lander
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 26947
content-type: text/html; charset=UTF-8
date: Sun, 15 Dec 2024 11:50:55 GMT
link: <https://www.secured.domains/wp-json/>; rel="https://api.w.org/" <https://www.secured.domains/wp-json/wp/v2/pages/2>; rel="alternate"; title="JSON"; type="application/json" <https://www.secured.domains/>; rel=shortlink
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 164
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Dec 2024 11:50:55 GMT
Expires: Sun, 15 Dec 2024 11:50:55 GMT
Location: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Pragma: no-cache
Server: envoy
Vary: Accept
X-ARC: 101
x-envoy-upstream-service-time: 204
x-powered-by: Slay

GET
H2 200 webfontloader.min.js Show response
www.secured.domains/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 146ms
145ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "2f42-6720253f-175ac69;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4645
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Mon, 28 Oct 2024 23:58:55 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H2 200 68ede850cc973b19ea890939fda3a0e9.css
www.secured.domains/wp-content/litespeed/css/ 110 KB
13 KB 144ms
144ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/68ede850cc973b19ea890939fda3a0e9.css?ver=043f6
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: c87d5b8432db51d821cbfe3dc9caa4e3626a9ffc84cb0a2f495b9bdb67094530

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "1b625-675ec078-186cca8;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13551
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
90 KB 403ms
155ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDK2FXF

Requested by

Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bab14cf2c3576aecc666ee575cda2f9130795ebe8beaede982aa83e69b4d5dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 15 Dec 2024 11:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91183
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bb6e5a0f8f7cad1c43f120fc8bf6b4b3.css
www.secured.domains/wp-content/litespeed/css/ 0
49 B 146ms
140ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/bb6e5a0f8f7cad1c43f120fc8bf6b4b3.css?ver=46281
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
etag: "0-675ec078-186cca9;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css

GET
H2 200 c1781e3f205b0b0ff81282700cb82aa7.css
www.secured.domains/wp-content/litespeed/css/ 58 KB
34 KB 147ms
142ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/c1781e3f205b0b0ff81282700cb82aa7.css?ver=f3696
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: cb09b363564f8d8aee9bebbf4cd2f1f6437a8d9394c07a0e01ef07856328e871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "e6a6-675ec078-186ccaa;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 35104
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 84bd1b2f2d575713c670ae5de83b347d.css
www.secured.domains/wp-content/litespeed/css/ 4 KB
1 KB 226ms
221ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/84bd1b2f2d575713c670ae5de83b347d.css?ver=51f49
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 580456f01b2098a74096340ca74b3ff4a7475386da46ec423ade90d62166a0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "f8f-675ec078-186ccab;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1105
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 6262009f4d54937b75c92f86e2662cf7.css
www.secured.domains/wp-content/litespeed/css/ 153 KB
24 KB 226ms
221ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/6262009f4d54937b75c92f86e2662cf7.css?ver=2a83b
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: ed06f93c070bbaf6e4fe4e339b4b02b99d9319acc721f6692862c958456611fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "262ae-675ec078-186ccac;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 24551
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 ba99f0e885b62fe473da1a607f7d97aa.css
www.secured.domains/wp-content/litespeed/css/ 3 KB
848 B 278ms
273ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/ba99f0e885b62fe473da1a607f7d97aa.css?ver=640bf
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 7ac5a4f9a8a222d7d30c208202e78143d9a73011d99b896d858c2a3d0661f9f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "de5-675ec078-186ccad;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 783
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 059c25a9113fe468392437928fc7aff2.css
www.secured.domains/wp-content/litespeed/css/ 1 KB
405 B 279ms
274ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/059c25a9113fe468392437928fc7aff2.css?ver=bd328
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 3675f74a480863e6d65a15bf3be2fe0e1ae748863d6ebf708556dc5cd142899f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "490-675ec078-186ccae;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 340
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 cd90a749a95dfac923feb3d03a879f10.css
www.secured.domains/wp-content/litespeed/css/ 3 KB
574 B 279ms
275ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/cd90a749a95dfac923feb3d03a879f10.css?ver=8e585
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 85d147b591ba2697b6a44a136993a30d8dde42eb277f603bfca620a13240d05a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "b52-675ec078-186ccaf;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 510
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 bc02054b01aa5d06fcbe4042d4449e67.css
www.secured.domains/wp-content/litespeed/css/ 451 KB
40 KB 278ms
274ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/bc02054b01aa5d06fcbe4042d4449e67.css?ver=e8857
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 03073d11854cf9e21b8770a96df762ac5517d5b49cb42206e70790bcecc91a49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "70bf9-675ec078-186d281;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 40363
date: Sun, 15 Dec 2024 11:50:55 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 238d7b8b35dee82deb6536014632ec46.css
www.secured.domains/wp-content/litespeed/css/ 15 KB
3 KB 342ms
338ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/238d7b8b35dee82deb6536014632ec46.css?ver=6f1f5
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: a4b555a4508ca05aaee2849ea8f7ef5045554691eed118c41b51b225b35be896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "3d55-675ec078-186ccb0;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2799
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 73a471b390191b267974b37a2ffc957b.css
www.secured.domains/wp-content/litespeed/css/ 35 KB
5 KB 343ms
340ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/73a471b390191b267974b37a2ffc957b.css?ver=84cf7
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: e4672611b815896ae5805a55a0cbc9524a4dc51c35eb96141a502f08e63fd721

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "8bf1-675ec078-1858c77;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5020
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 1f44de9008388e28ac19a6606c56c5a8.css
www.secured.domains/wp-content/litespeed/css/ 404 KB
52 KB 343ms
340ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/1f44de9008388e28ac19a6606c56c5a8.css?ver=cb1f4
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 642a665c1a0b29d5d3814341cef95e6df74ff5db7b26f832852fd155405453f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "64e6e-675ec078-186ccb1;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 53547
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 ed7ab92e5c64290bd0f70b424a07724c.css
www.secured.domains/wp-content/litespeed/css/ 0
48 B 387ms
384ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/ed7ab92e5c64290bd0f70b424a07724c.css?ver=59e84
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
etag: "0-675ec078-186ccb2;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css

GET
H2 200 ddc0146525b58aae902c2a1dd600e55e.js Show response
www.secured.domains/wp-content/litespeed/js/ 12 KB
5 KB 389ms
386ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/ddc0146525b58aae902c2a1dd600e55e.js?ver=5f1a4
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 3aa0adabf3799d03fffcccf04f2f7d4c8186790b7a12e9effcad21f5808e0ae1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "3081-675ec078-186ccb5;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4687
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
www.secured.domains/wp-includes/js/jquery/ 86 KB
29 KB 388ms
385ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "15601-654ce2cf-12e1d68;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29597
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Thu, 09 Nov 2023 13:46:55 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H2 200 7c40088f1cd59bc44111deebfe9b7507.js Show response
www.secured.domains/wp-content/litespeed/js/ 13 KB
5 KB 412ms
410ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/7c40088f1cd59bc44111deebfe9b7507.js?ver=0ffea
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "3509-675ec078-186ccb6;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4679
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 db834238b5758d43feab87e8103e197c.js Show response
www.secured.domains/wp-content/litespeed/js/ 161 KB
58 KB 494ms
491ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/db834238b5758d43feab87e8103e197c.js?ver=671b8
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: dd7b868af599d45919504cfa1f90218938f8ea5733848b4a5cf605225b684067

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "285ce-675ec078-186ccb7;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 59255
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 754e6a6d8d02e0da9adb4e3db89d0334.js Show response
www.secured.domains/wp-content/litespeed/js/ 406 KB
98 KB 428ms
426ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/754e6a6d8d02e0da9adb4e3db89d0334.js?ver=7cfa4
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: ce2870b38b72777b93378ebbf025511f6bc2b51381cdc980cb997f012a4f8ddb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "6589c-675ec078-186ccb8;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 100325
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H2 200 secured_domains_logos__domains_ltggold_logo_horizontal.png
www.secured.domains/wp-content/uploads/2019/11/ 6 KB
6 KB 421ms
419ms Image
image/png 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secured.domains/wp-content/uploads/2019/11/secured_domains_logos__domains_ltggold_logo_horizontal.png
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: e137f3e4019f3519eec4f1b44fce87ec8714d5c85ed7f1d28365ce0af412146f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
etag: "1722-5ddfde03-12e27ec;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5922
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Thu, 28 Nov 2019 14:47:31 GMT
content-type: image/png

GET
H2 200 secured_domains_logos__domains_white_grayscale_logo_horizontal.png
www.secured.domains/wp-content/uploads/2019/11/ 6 KB
6 KB 421ms
420ms Image
image/png 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secured.domains/wp-content/uploads/2019/11/secured_domains_logos__domains_white_grayscale_logo_horizontal.png
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 4e77ad707a15e0a082e4e9ed2485e9760462e489c8a2f9ec8dd6da5dd6d94a2d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
etag: "171f-5de27b75-12e27b7;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5919
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sat, 30 Nov 2019 14:23:49 GMT
content-type: image/png

GET
H3 200 dummy.png
www.secured.domains/wp-content/plugins/revslider/sr6/assets/assets/ 68 B
308 B 113ms
112ms Image
image/png 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secured.domains/wp-content/plugins/revslider/sr6/assets/assets/dummy.png
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
etag: "44-66cc4509-12e3711;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 68
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Mon, 26 Aug 2024 09:04:09 GMT
content-type: image/png

GET
H3 200 a822f60cf5cbe15679ddccede13d4978.css
www.secured.domains/wp-content/litespeed/css/ 49 KB
9 KB 113ms
113ms Stylesheet
text/css 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/css/a822f60cf5cbe15679ddccede13d4978.css?ver=4cf34
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 2f6cbafd354c2f79d3087eb82130a4c523890d590888609a722950adc923a68f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "c466-675ec078-186ccb3;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9076
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 9c9ba543c8784b264aef254cb9d37ede.js Show response
www.secured.domains/wp-content/litespeed/js/ 39 B
91 B 113ms
112ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/9c9ba543c8784b264aef254cb9d37ede.js?ver=8b23c
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 5d340830a7a51a04cde050d7155ab7a96c5f18a796647cbd8cd56217b9fcd29d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
etag: "27-675ec078-186ccb9;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 39
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript

GET
H3 200 749b9504c4b456a45deeb3c45a476688.js Show response
www.secured.domains/wp-content/litespeed/js/ 2 KB
844 B 116ms
111ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/749b9504c4b456a45deeb3c45a476688.js?ver=b2d53
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 6a9ea7444e5e13ddae68ec82752d78390056a69bb7d120324043e7735bbba754

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "6a3-675ec078-186ccba;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 802
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 5589d00b62f566b29ae9102c388d5caf.js Show response
www.secured.domains/wp-content/litespeed/js/ 5 KB
2 KB 116ms
111ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/5589d00b62f566b29ae9102c388d5caf.js?ver=28a7d
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: de947d3695623b1d405bfd3f547b27ffb8952005c51d439e6a8792ee2831deef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "123b-675ec078-186ccbb;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1494
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 71b2d552ba9fad1ff877a4014f6f8ace.js Show response
www.secured.domains/wp-content/litespeed/js/ 157 KB
47 KB 118ms
113ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/71b2d552ba9fad1ff877a4014f6f8ace.js?ver=4ae2e
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: c25ce52f96af20a6408328d51c95b81ba3e2263dbc38ee188182fe2ccc558efa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "272d2-675ec078-186ccbc;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 48536
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 b99fa4f0396de0781996f4c2e20df273.js Show response
www.secured.domains/wp-content/litespeed/js/ 7 KB
3 KB 217ms
212ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/b99fa4f0396de0781996f4c2e20df273.js?ver=96000
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 3adcee7b206a7914a46c51884c309a7288ff5353c313967fc4c62680e8eab642

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "1a4b-675ec078-186ccbd;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2736
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 6fafd8b9bc9b193761d5429c5db537d2.js Show response
www.secured.domains/wp-content/litespeed/js/ 285 KB
69 KB 222ms
217ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/6fafd8b9bc9b193761d5429c5db537d2.js?ver=b278c
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 574d98eafbfb10ee243d318fb00e3dfb1ea2a9c9bd820256300fa7da0e9f793a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "4724f-675ec078-186ccbe;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 70916
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 74054c606c6b3cb0ef5ffeaf347a8e28.js Show response
www.secured.domains/wp-content/litespeed/js/ 4 KB
1 KB 352ms
347ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/74054c606c6b3cb0ef5ffeaf347a8e28.js?ver=9a67e
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 9d80845b274cbd836aabfc018d523d9e4600c102e2873051eb4d577b7fcd33ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "fe1-675ec078-186ccbf;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1037
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 d7449e18886f5c08aa5d8ff05aa75960.js Show response
www.secured.domains/wp-content/litespeed/js/ 2 KB
550 B 351ms
346ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/d7449e18886f5c08aa5d8ff05aa75960.js?ver=eaab0
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 2c7c6c8b6b1803ccc26f0b762479f3c58bad0fb20dd8d44397d2d51cac617193

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "6c7-675ec078-186ccc0;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 507
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
996 B 392ms
143ms Script
text/javascript 142.251.179.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcKJEApAAAAAB4rM_8pOV5SPfXmuQ9O7iNFx1pO&ver=1.6.0

Requested by

Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f147.1e100.net

Software

ESF /

Resource Hash

1344419262e9aa5a005dbf1d3ca8d2f8146735198c9e89670f77c92f2ec82d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 15 Dec 2024 11:50:56 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 7a23a992ff2306bb9ade56f2abfa829e.js Show response
www.secured.domains/wp-content/litespeed/js/ 21 KB
7 KB 351ms
347ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/7a23a992ff2306bb9ade56f2abfa829e.js?ver=54f69
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 0f6ec3213a5460fe81d0883719f4496251ff566c19b7dd67c7134f73800b083c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "53d9-675ec078-186ccc2;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6801
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:44 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 5de5b20a57986ff26655f33a6e6be31e.js Show response
www.secured.domains/wp-content/litespeed/js/ 68 KB
16 KB 355ms
351ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/5de5b20a57986ff26655f33a6e6be31e.js?ver=714df
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 7cad9fc17d62631d88d192cd381417c9e37d65ab7a537817a624364b375aa833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "11079-675ec079-186ccc3;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 16480
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:45 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 c267926ea6fe63b684dbbead88576b94.js Show response
www.secured.domains/wp-content/litespeed/js/ 38 KB
15 KB 367ms
364ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/c267926ea6fe63b684dbbead88576b94.js?ver=f5733
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 5ba318f57a36f748ee43455877c3347d2c6462695c249969ded209231047f0b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "981e-675ec079-186ccc4;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15731
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:45 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 eaa701dc39d720e560f75f18f00684dc.js Show response
www.secured.domains/wp-content/litespeed/js/ 46 KB
11 KB 383ms
379ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/eaa701dc39d720e560f75f18f00684dc.js?ver=f7bc5
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 9861390a0c79b476443a2fb2398c3483202d6ea4d48c04e6a1b800a11afaf9ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "b700-675ec079-186ccc5;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11448
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:45 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 fd69b3625a29478f4710cf1a7c9a6fc6.js Show response
www.secured.domains/wp-content/litespeed/js/ 17 KB
5 KB 392ms
389ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/fd69b3625a29478f4710cf1a7c9a6fc6.js?ver=dbad2
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: ab40ea87f154832e862698df1be632c748140c6c227e646df7b3959ddfb930d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "4447-675ec079-186d282;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4866
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:45 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H3 200 fb5f5b0229518fcd6016821f8a807dd8.js Show response
www.secured.domains/wp-content/litespeed/js/ 11 KB
4 KB 488ms
486ms Script
text/javascript 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/litespeed/js/fb5f5b0229518fcd6016821f8a807dd8.js?ver=3b917
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 9646fa7947dad5567af2c3a7c3450578f037d5b8839a6606afb53255936956d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1

Response headers

cache-control: public, max-age=86400
content-encoding: br
etag: "2ca1-675ec079-186d283;br"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4325
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sun, 15 Dec 2024 11:41:45 GMT
content-type: text/javascript
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 399ms
154ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900

Requested by

Host: www.secured.domains
URL: https://www.secured.domains/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9640a181d883267880a1ddf61e50e83a2a2a064b061952b4b541928242ae9b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 11:50:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 189ms
136ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: www.secured.domains
URL: https://www.secured.domains/wp-content/litespeed/css/238d7b8b35dee82deb6536014632ec46.css?ver=6f1f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c445d2ae619f3e88627f553bd2f0e8ed5c4470d0b94624aab47c529a16cc010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 10:01:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 137ms
136ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900

Requested by

Host: www.secured.domains
URL: https://www.secured.domains/wp-content/litespeed/js/ddc0146525b58aae902c2a1dd600e55e.js?ver=5f1a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc3e9eea2554530340f12ba6ab93173bf99757107400d49e3d246fc280dad2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:50:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 11:50:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Xw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 17 KB
17 KB 297ms
170ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Xw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

3e0db7ddad3c6c74efe862066c28e92bda919f66f6709c413d75b57c5094d8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 240234
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 17:07:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 17:07:02 GMT
last-modified: Wed, 06 Nov 2024 17:30:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17632
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eb940418a1012fa598198c3a8bc3b3e950951a6b8ca562fce6dd1564f265810

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7413b443952e94e020a79784a037b529ab4c241c568bde7f85cf9c32b93993

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 240ms
124ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700%7CRoboto:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 234914
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 18:35:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:35:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 377ms
261ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 168654
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 13:00:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 13:00:02 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 332ms
216ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

23fa730ff9e71e652b7416d11b9b5a171ed46f91f584cd5d8be273f0be710fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 168502
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 13:02:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 13:02:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19720
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 569ms
453ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 240330
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 17:05:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 17:05:26 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20216
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 521ms
421ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 223093
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 21:52:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 21:52:43 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20144
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 578ms
478ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 221283
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 22:22:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 22:22:53 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20160
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 408ms
308ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 234914
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 18:35:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:35:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19780
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 490ms
390ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

831095a78c8e25c05ab5964c5638bb7c4c05d9f7989a1e784d45315cabb5379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 236342
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 18:11:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:11:54 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20356
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 474ms
374ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

96643bfad5a17eada947d707441559202c83a2cc9acb28aa860b7d64e3e55747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 170027
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 12:37:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 12:37:09 GMT
last-modified: Thu, 01 Aug 2024 20:41:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18540
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 445ms
345ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 169880
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 12:39:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 12:39:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 504ms
404ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 232073
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 19:23:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 19:23:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 620ms
520ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 242840
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 16:23:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 16:23:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v29/ 39 KB
39 KB 533ms
509ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 242848
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 16:23:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 16:23:28 GMT
last-modified: Wed, 06 Nov 2024 17:30:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39608
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 507ms
495ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://fonts.googleapis.com/

Response headers

age: 170198
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 12:34:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 12:34:18 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 547 KB
548 KB 401ms
123ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcKJEApAAAAAB4rM_8pOV5SPfXmuQ9O7iNFx1pO&ver=1.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://www.secured.domains/

Response headers

age: 138194
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 21:27:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 21:27:43 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 560083
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK / Show response
gui.secureserver.net/pcjson/standardheaderfooter/ 399 B
1 KB 853ms
376ms Script
text/javascript 2600:1408:c400:1887::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://gui.secureserver.net/pcjson/standardheaderfooter/?plid=527117&marketId=en-US&currencyType=USD&callback=jQuery371022449577129256482_1734263456404&plid=527117&_=1734263456405
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1408:c400:1887::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: envoy / ASP.NET, ARR/3.0
Resource Hash: 59bbb9ab0e08ca9425b1f7bdedc67f8b469e2c5b88703c3841a687ee0d918bf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE
p3p: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Sun, 15 Dec 2024 11:50:57 GMT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Timing-Allow-Origin: *
Pragma: no-cache
x-envoy-upstream-service-time: 237
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 399
x-powered-by: ASP.NET, ARR/3.0
Server: envoy

GET
H3 200 revicons.woff
www.secured.domains/wp-content/plugins/revslider/sr6/assets/fonts/revicons/ 7 KB
7 KB 111ms
111ms Font
application/font-woff 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secured.domains/wp-content/plugins/revslider/sr6/assets/fonts/revicons/revicons.woff?5510888
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/wp-content/litespeed/css/a822f60cf5cbe15679ddccede13d4978.css?ver=4cf34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secured.domains
Referer: https://www.secured.domains/wp-content/litespeed/css/a822f60cf5cbe15679ddccede13d4978.css?ver=4cf34

Response headers

cache-control: public, max-age=86400
etag: "1d70-66cc4509-12e36ef;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7536
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Mon, 26 Aug 2024 09:04:09 GMT
content-type: application/font-woff

GET
H2 200 Dancing-Bulbs.jpg
secured.domains/wp-content/uploads/revslider/ 69 KB
70 KB 112ms
111ms Image
image/jpeg 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secured.domains/wp-content/uploads/revslider/Dancing-Bulbs.jpg
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: d8e99bf42b39b70dad19b6a49d91cb0690b1eebc5ea070a39a498b9e1cb9d6df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

cache-control: public, max-age=86400
etag: "115e7-5de2743a-12e2697;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 71143
date: Sun, 15 Dec 2024 11:50:56 GMT
last-modified: Sat, 30 Nov 2019 13:52:58 GMT
content-type: image/jpeg

GET
H2 206 Dancing-Bulbs.mp4
secured.domains/wp-content/uploads/revslider/ 4 MB
4 MB 123ms
123ms Media
video/mp4 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.domains/wp-content/uploads/revslider/Dancing-Bulbs.mp4
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: ba35d214ab75c50ada64b3b1428ae2c88449f9f1509c2aa1c733360a3cde1048

Request headers

Referer: https://www.secured.domains/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length: 4593674
etag: "46180a-5de2743b-12e2698;;;"
date: Sun, 15 Dec 2024 11:50:57 GMT
last-modified: Sat, 30 Nov 2019 13:52:59 GMT
content-type: video/mp4
Content-Range: bytes 0-4593673/4593674

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
94 KB 153ms
152ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LTGKCMMM6Z&l=dataLayer&cx=c&gtm=45He4cc1v813446593za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDK2FXF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ea249f326a2517b6c020876435c63b8e47fa1455a36ff83dff5484f49273997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 15 Dec 2024 11:50:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96124
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 376ms
123ms Script
text/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDK2FXF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
age: 3136
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 12:58:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:58:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 245ms
121ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: liontreefinancial.com
URL: https://liontreefinancial.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-2VqFUTID' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 11:50:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2VqFUTID' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=24, mss=1232, tbw=8248, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: Wfa/k49kFXi7bqB83EDW22EIiH3sev+Q2ziE7jg0PDrpszjMVCMHMwIlzwMQ+hdC34IYuOz7I/JftO2+FE2XfQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 farmbg.jpg
secured.domains/wp-content/uploads/revslider/ 109 KB
109 KB 111ms
111ms Image
image/jpeg 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secured.domains/wp-content/uploads/revslider/farmbg.jpg
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 19b54ab8313eee918d863971c3860cae7b977488b4bea814ca849324be636545

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

cache-control: public, max-age=86400
etag: "1b3f2-5de2743b-12e2256;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 111602
date: Sun, 15 Dec 2024 11:50:57 GMT
last-modified: Sat, 30 Nov 2019 13:52:59 GMT
content-type: image/jpeg

GET
H3 200 citybg.jpg
secured.domains/wp-content/uploads/revslider/ 215 KB
215 KB 246ms
245ms Image
image/jpeg 144.202.61.198
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secured.domains/wp-content/uploads/revslider/citybg.jpg
Requested by: Host: www.secured.domains
URL: https://www.secured.domains/?isc=PLPPT02003&isRedirect=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.202.61.198 Elk Grove Village, United States, ASN20473 (AS-VULTR, US),
Reverse DNS: 144-202-61-198.constant.com
Software: /
Resource Hash: 6e4fad9cab4d8898f401da51b53f018ee0a8d94b6f4163bc27eb36cb479b67dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

cache-control: public, max-age=86400
etag: "35b80-5de2743b-12e2258;;;"
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 220032
date: Sun, 15 Dec 2024 11:50:57 GMT
last-modified: Sat, 30 Nov 2019 13:52:59 GMT
content-type: image/jpeg

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 219ms
217ms Fetch
text/plain 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LTGKCMMM6Z&gtm=45je4cc1v9117942854z8813446593za200zb813446593&_p=1734263455853&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1455104990.1734263457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734263457&sct=1&seg=0&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&dr=https%3A%2F%2Fliontreefinancial.com%2F&dt=WordPress%20Website%20Maintenance%2C%20Hosting%20%7C%20Secured%20Domains%20Madison%20WI&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3102
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LTGKCMMM6Z&l=dataLayer&cx=c&gtm=45He4cc1v813446593za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secured.domains
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:57 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 434458093948436 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 230ms
229ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/434458093948436?v=2.9.179&r=stable&domain=www.secured.domains&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

2bf17805542067b11b8f543761a94c9d02e400db5c545a6370fa212747c64fc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-iKGMusRt' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 11:50:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-iKGMusRt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=80, mss=1232, tbw=74380, tp=71, tpl=0, uplat=109, ullat=0
pragma: public
x-fb-debug: 8Wu/zXfUnN0lTfJpMtXdMc5euU09J8r7pAv1apefN+g9KZg6ELlTZnvmF2Y/Xzwg068b0RrpVzaBr4xEfm1tKw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
319 B 131ms
131ms XHR
text/plain 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1655345456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&dr=https%3A%2F%2Fliontreefinancial.com%2F&ul=en-us&de=UTF-8&dt=WordPress%20Website%20Maintenance%2C%20Hosting%20%7C%20Secured%20Domains%20Madison%20WI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=15677198&gjid=1090341445&cid=1455104990.1734263457&tid=UA-61550701-10&_gid=1701561296.1734263458&_r=1&_slc=1&gtm=45He4cc1n81WDK2FXFv813446593za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1928595419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

cb969649168f09b24256368452e802ad79365153d1f46be8921ee30df2c51c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.secured.domains/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.secured.domains
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
96 KB 155ms
154ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LTGKCMMM6Z&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0b3ab516587f2ce448a8904bad32b923a9688512bae5cc61f6997589749f4f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 15 Dec 2024 11:50:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 11:50:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97959
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 1645696629014025 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 207ms
206ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1645696629014025?v=2.9.179&r=stable&domain=www.secured.domains&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

96b20dea9cbd777c46118f5885403bf44846973cd926fd56a315c250790fead6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-jiqb1tHv' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 11:50:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-jiqb1tHv' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=92, mss=1232, tbw=89628, tp=86, tpl=0, uplat=85, ullat=0
pragma: public
x-fb-debug: qvGy4JK73V3Qq2UItqsZKKOYF6bGKb93G1JAyOtyEpsPqarNJU1jKP6WMQLE/NSte90w9fCwrAzydJI8KeTMlg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 0495 0
0 402ms
158ms Document
text/html 142.251.179.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKJEApAAAAAB4rM_8pOV5SPfXmuQ9O7iNFx1pO&co=aHR0cHM6Ly93d3cuc2VjdXJlZC5kb21haW5zOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=dx8tye4vl13a

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f147.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zR1iltbR-DGG-LKEmc5uaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secured.domains/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zR1iltbR-DGG-LKEmc5uaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 11:50:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1012711205450463 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 171ms
171ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1012711205450463?v=2.9.179&r=stable&domain=www.secured.domains&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

2d61f2f8806d72252e4f0aedff30b29e9a8664199a518f715208446ac615038b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-OHXDiRSb' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secured.domains/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 11:50:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-OHXDiRSb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=95, mss=1232, tbw=93596, tp=92, tpl=0, uplat=49, ullat=0
pragma: public
x-fb-debug: /zwJUySzfTEu8QuAHgi5eUz6gDsG6GKt4CY1M8OT1aZY238ePWetwdYLJODu+FJD+8G3nuPXfOBuM3YbwrTglw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=434458093948436&ev=PageView&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&rl=https%3A%2F%2Fliontreefinancial.com%2F&if=false&ts=1734263458411&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734263458409.273663089208223049&ler=other&cdl=API_unavailable&it=1734263457572&coo=false&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=434458093948436&ev=PageView&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&rl=https%3A%2F%2Fliontreefinancial.com%2F&if=false&ts=1734263458411&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734263458409.273663089208223049&ler=other&cdl=API_unavailable&it=1734263457572&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=1645696629014025&ev=PageView&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&rl=https%3A%2F%2Fliontreefinancial.com%2F&if=false&ts=1734263458413&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734263458409.273663089208223049&ler=other&cdl=API_unavailable&it=1734263457572&coo=false&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1645696629014025&ev=PageView&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&rl=https%3A%2F%2Fliontreefinancial.com%2F&if=false&ts=1734263458413&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734263458409.273663089208223049&ler=other&cdl=API_unavailable&it=1734263457572&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=1012711205450463&ev=PageView&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&rl=https%3A%2F%2Fliontreefinancial.com%2F&if=false&ts=1734263458414&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734263458409.273663089208223049&ler=other&cdl=API_unavailable&it=1734263457572&coo=false&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1012711205450463&ev=PageView&dl=https%3A%2F%2Fwww.secured.domains%2F%3Fisc%3DPLPPT02003%26isRedirect%3D1&rl=https%3A%2F%2Fliontreefinancial.com%2F&if=false&ts=1734263458414&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734263458409.273663089208223049&ler=other&cdl=API_unavailable&it=1734263457572&coo=false&rqm=FGET

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
liontreefinancial.com/	1970-01-21 01:45:49	Name: traffic_target Value: reseller
liontreefinancial.com/	1970-01-21 01:45:49	Name: caf_ipaddr Value: 162.245.206.246
liontreefinancial.com/	1970-01-21 01:45:49	Name: country Value: US
liontreefinancial.com/	1970-01-21 01:45:49	Name: city Value: El%20Segundo
liontreefinancial.com/	1970-01-21 01:45:49	Name: lander_type Value: parkweb-reseller
api.aws.parking.godaddy.com/	1970-01-21 01:54:28	Name: AWSALBCORS Value: B5IsVG0fgKQvVbTmebyP75o1j1VsmHMiLwUZFwW5sJ1NbaXWvvkhDpjPb6KzdGVicsQBL8K9/xSHJNaUE6EltoaICroICXW3bxEhvoP2M1ROm8V/3IBAxPJ+J9nr
www.secureserver.net/	1969-12-31 23:59:59	Name: 9bcd9698ffec9a5b4659eec167633246 Value: 3f79999577410f12846e675f8d11d4a4
.secureserver.net/	1970-01-21 01:44:24	Name: fb_sessiontraffic Value: S_TOUCH=&pathway=318f026c-6b36-4d17-968f-68fa1efee6e0&V_DATE=&pc=0
.secureserver.net/	1970-01-21 01:44:24	Name: pathway Value: 318f026c-6b36-4d17-968f-68fa1efee6e0
.secureserver.net/	1970-01-21 10:28:33	Name: visitor Value: vid=318f026c-6b36-4d17-968f-68fa1efee6e0
.secureserver.net/	1970-01-21 10:29:59	Name: _policy Value: {"restricted_market":false,"tracking_market":"implicit_notice"}
.secureserver.net/	1970-01-21 10:29:59	Name: _abck Value: 5C57EC1DA24BC018FA7C42143356E3AC~-1~YAAQx5s+F0e6bbiTAQAAOD0oyg1joPdsuNMMuD4FPsG+XvD9h9LRuGCtRTCBkS1vFYvT26V/oisBXjJLQIC6CKSSrmgEYgHxlJjv5jsmxEtkyMJzjF7YJWIcxPdcGHS27OTJQYWT/X/iRc65kClKjrx+CQiIijrRmY7j/2w1Ny/R7es+7WTpTgkZjo48+vUBC+p8bk7aYecCIMPzarKT0LArqxtmt/Gr9jCk4zjuKr3TrEfSDdY4dLhLiZz3+s2k67XezdcrgXcu2oujD4L5w1ROfSO6rjfLcYvRUTWZW8JDcp6RZBX5Vyug/rFCjUm+CilBq3dfrNZFVurYnNdOmHRyy0YHstWmzSC7JwMTJaQYLeL8CBYIkq2JQYB43ucufGssgHe4FstrTHGkx3JDKSgiCjQEnlpjeJ7MMoehjLpAVg==~-1~-1~-1
.secureserver.net/	1970-01-21 01:44:30	Name: ak_bmsc Value: E5088C3BF81F92AF33C4D6D4F418709E~000000000000000000000000000000~YAAQx5s+F0i6bbiTAQAAOD0oyhoGSIeVzl9noYsV+Wq+466t4eAFpLGOdUhdt9JFbim0Uy9LLGjUhtBXXcYR4OadVUR6HXHMIn5w+sj3un3pwX2oOBdj+9NzYClRGIT6lKrgR2JA4jur2Vmaftc/dDLmM57X+Zjdz2+RsbaiNoSELNgM4MlSZlrD78NdyQrzxLcN4ed7REnje7BM5RQ6WX9+2umGSEiuej8PxP6ApW9FikZWVplLgohmo/iyQ5YKZemN4UsMWbWc+r3mB5VMUBmb63eMSphtTKDeiW/tgAgxzqu83ixGQFDwqD9povy6eyTL9lxoETIHQZwtzyJqriI+rp+/mNiQ7MqOWmqOcOLaanzu4t7Gz+06hx5jh4KXr5E3uWfIUFSd63I=
.secureserver.net/	1970-01-21 01:44:37	Name: bm_sz Value: 75F713B18FFAD802E0F1862BFF9132A5~YAAQx5s+F0m6bbiTAQAAOD0oyhrVladZSecqvN1zD8D6i2UiQ5dYGKGa3NFlQi6S/8U59Nt6mDaxkz+PAi4YehQzMQh3X+Xbigf3bKJsZxipP9wLS/m48VsOeO8yT4wDWPf4OIl2PJcVXAfwdi20p0UqL1Iok66+wZzUYwuj5VHH9+0Dn1BtQulRFYROXN0ZFWJSiNf9yWgxf3drwlXUwRTrfsXf/DINGGB/O7br2g+UUqXNqxhGFGdbpi/2n1WFL997090JJImTzjqzzT7s1TisF9W3qSpEHOoRLt9KBLtYmy96vqr3mWso4TgdYlSBOjftFQUeTAUEEf3Sw50buXeyYPXZi23tpN3WhcjHu/UMrGqYxyUsSvWWrd4oUSCIQyc4++w+80G8bf+NvuJcRw==~3159606~3422515
.secured.domains/	1970-01-21 11:20:23	Name: _ga_LTGKCMMM6Z Value: GS1.1.1734263457.1.0.1734263457.0.0.0
.secured.domains/	1970-01-21 11:20:23	Name: _ga Value: GA1.2.1455104990.1734263457
.secured.domains/	1970-01-21 01:45:49	Name: _gid Value: GA1.2.1701561296.1734263458
.secured.domains/	1970-01-21 01:44:23	Name: _gat_UA-61550701-10 Value: 1
.secured.domains/	1970-01-21 03:53:59	Name: _fbp Value: fb.1.1734263458409.273663089208223049

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.aws.parking.godaddy.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gui.secureserver.net
img1.wsimg.com
liontreefinancial.com
secured.domains
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.secured.domains
www.secureserver.net
www.facebook.com
142.251.167.94
142.251.179.106
142.251.179.147
144.202.61.198
172.253.122.97
18.233.146.136
23.212.249.79
2600:1408:c400:1887::228b
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::8b
31.13.66.19
76.223.67.189
03073d11854cf9e21b8770a96df762ac5517d5b49cb42206e70790bcecc91a49
0b3ab516587f2ce448a8904bad32b923a9688512bae5cc61f6997589749f4f6f
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
0f6ec3213a5460fe81d0883719f4496251ff566c19b7dd67c7134f73800b083c
10d71cad756348090df851f93bfb8877c72aacef2b723087566420bfb84e82c9
1344419262e9aa5a005dbf1d3ca8d2f8146735198c9e89670f77c92f2ec82d53
19b54ab8313eee918d863971c3860cae7b977488b4bea814ca849324be636545
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1c445d2ae619f3e88627f553bd2f0e8ed5c4470d0b94624aab47c529a16cc010
1fccb5214073a256d7cc8dd1d35da87cde9c4c8964fc91f1272525425fc00385
23fa730ff9e71e652b7416d11b9b5a171ed46f91f584cd5d8be273f0be710fe2
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
2bf17805542067b11b8f543761a94c9d02e400db5c545a6370fa212747c64fc1
2c7c6c8b6b1803ccc26f0b762479f3c58bad0fb20dd8d44397d2d51cac617193
2d61f2f8806d72252e4f0aedff30b29e9a8664199a518f715208446ac615038b
2ea249f326a2517b6c020876435c63b8e47fa1455a36ff83dff5484f49273997
2eb940418a1012fa598198c3a8bc3b3e950951a6b8ca562fce6dd1564f265810
2f6cbafd354c2f79d3087eb82130a4c523890d590888609a722950adc923a68f
3675f74a480863e6d65a15bf3be2fe0e1ae748863d6ebf708556dc5cd142899f
3aa0adabf3799d03fffcccf04f2f7d4c8186790b7a12e9effcad21f5808e0ae1
3adcee7b206a7914a46c51884c309a7288ff5353c313967fc4c62680e8eab642
3e0db7ddad3c6c74efe862066c28e92bda919f66f6709c413d75b57c5094d8fb
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e77ad707a15e0a082e4e9ed2485e9760462e489c8a2f9ec8dd6da5dd6d94a2d
56141a6a41864d1769c3eacbaa33834330006010635f0746a74a01627ee7f84c
574d98eafbfb10ee243d318fb00e3dfb1ea2a9c9bd820256300fa7da0e9f793a
577a1ca1d9fa1942ad93d62cad2f5a0cc72d3317417e8d75455c52502b4c1e0d
580456f01b2098a74096340ca74b3ff4a7475386da46ec423ade90d62166a0fc
59bbb9ab0e08ca9425b1f7bdedc67f8b469e2c5b88703c3841a687ee0d918bf1
5ba318f57a36f748ee43455877c3347d2c6462695c249969ded209231047f0b8
5d340830a7a51a04cde050d7155ab7a96c5f18a796647cbd8cd56217b9fcd29d
642a665c1a0b29d5d3814341cef95e6df74ff5db7b26f832852fd155405453f5
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a9ea7444e5e13ddae68ec82752d78390056a69bb7d120324043e7735bbba754
6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023
6e4fad9cab4d8898f401da51b53f018ee0a8d94b6f4163bc27eb36cb479b67dc
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
7ac5a4f9a8a222d7d30c208202e78143d9a73011d99b896d858c2a3d0661f9f5
7cad9fc17d62631d88d192cd381417c9e37d65ab7a537817a624364b375aa833
831095a78c8e25c05ab5964c5638bb7c4c05d9f7989a1e784d45315cabb5379b
85d147b591ba2697b6a44a136993a30d8dde42eb277f603bfca620a13240d05a
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9640a181d883267880a1ddf61e50e83a2a2a064b061952b4b541928242ae9b82
9646fa7947dad5567af2c3a7c3450578f037d5b8839a6606afb53255936956d7
96643bfad5a17eada947d707441559202c83a2cc9acb28aa860b7d64e3e55747
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
96b20dea9cbd777c46118f5885403bf44846973cd926fd56a315c250790fead6
9861390a0c79b476443a2fb2398c3483202d6ea4d48c04e6a1b800a11afaf9ae
9d80845b274cbd836aabfc018d523d9e4600c102e2873051eb4d577b7fcd33ff
a4b555a4508ca05aaee2849ea8f7ef5045554691eed118c41b51b225b35be896
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
ab40ea87f154832e862698df1be632c748140c6c227e646df7b3959ddfb930d2
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ba35d214ab75c50ada64b3b1428ae2c88449f9f1509c2aa1c733360a3cde1048
bab14cf2c3576aecc666ee575cda2f9130795ebe8beaede982aa83e69b4d5dff
bc3e9eea2554530340f12ba6ab93173bf99757107400d49e3d246fc280dad2f1
bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee
c25ce52f96af20a6408328d51c95b81ba3e2263dbc38ee188182fe2ccc558efa
c87d5b8432db51d821cbfe3dc9caa4e3626a9ffc84cb0a2f495b9bdb67094530
cb09b363564f8d8aee9bebbf4cd2f1f6437a8d9394c07a0e01ef07856328e871
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb969649168f09b24256368452e802ad79365153d1f46be8921ee30df2c51c87
cda3a3d66954bd99f24060db7956db301d46f9ea1e8e95692430c4e834b70222
ce2870b38b72777b93378ebbf025511f6bc2b51381cdc980cb997f012a4f8ddb
cf7413b443952e94e020a79784a037b529ab4c241c568bde7f85cf9c32b93993
d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260
d8e99bf42b39b70dad19b6a49d91cb0690b1eebc5ea070a39a498b9e1cb9d6df
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dd7b868af599d45919504cfa1f90218938f8ea5733848b4a5cf605225b684067
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8d7fc2b4281251d0841f714464bfac8c6bf261524a5b90dc1cce8a21b80c59
de947d3695623b1d405bfd3f547b27ffb8952005c51d439e6a8792ee2831deef
e137f3e4019f3519eec4f1b44fce87ec8714d5c85ed7f1d28365ce0af412146f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4672611b815896ae5805a55a0cbc9524a4dc51c35eb96141a502f08e63fd721
ed06f93c070bbaf6e4fe4e339b4b02b99d9319acc721f6692862c958456611fe
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

www.secured.domains Open in urlscan Pro 144.202.61.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

93 %HTTPS

36 %IPv6

12 Domains

15 Subdomains

15 IPs

1 Countries

6980 kBTransfer

10622 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secured.domains Open in urlscan Pro
144.202.61.198 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

93 %
HTTPS

36 %
IPv6

12
Domains

15
Subdomains

15
IPs

1
Countries

6980 kB
Transfer

10622 kB
Size

19
Cookies

90 HTTP transactions
2 data transactions