security.tumolofinancialpresents.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://security.tumolofinancialpresents.com/
Submission: On January 09 via api (January 9th 2024, 5:23:29 pm UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 22 domains to perform 102 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is security.tumolofinancialpresents.com.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time security.tumolofinancialpresents.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.138.34.174 108.138.34.174	16509 (AMAZON-02) (AMAZON-02)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	18.173.187.3 18.173.187.3	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
8	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.26.89 108.138.26.89	16509 (AMAZON-02) (AMAZON-02)
4	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
2	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.36.19 108.138.36.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	18.173.187.76 18.173.187.76	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:20c... 2600:9000:20c3:1800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:c127:3ec0:be55:3e79	16509 (AMAZON-02) (AMAZON-02)
102	30

4 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

security.tumolofinancialpresents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advisorsdigitaledgeondemand.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.34.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-174.muc50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.173.187.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-3.muc50.r.cloudfront.net

widget.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-89.fra56.r.cloudfront.net

www.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-19.muc50.r.cloudfront.net

cdn.signalfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.187.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-76.muc50.r.cloudfront.net

prod.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20c3:1800:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:c127:3ec0:be55:3e79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	smassets.net prod.smassets.net — Cisco Umbrella Rank: 53876 cdn.smassets.net — Cisco Umbrella Rank: 62499	2 MB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 ajax.googleapis.com — Cisco Umbrella Rank: 708 maps.googleapis.com — Cisco Umbrella Rank: 659	320 KB
13	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	225 KB
8	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 63497	4 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	206 KB
7	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 6162 i.vimeocdn.com — Cisco Umbrella Rank: 5761 fresnel.vimeocdn.com — Cisco Umbrella Rank: 5966	305 KB
6	center.io js.center.io — Cisco Umbrella Rank: 70704	26 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 4806 d.adroll.com — Cisco Umbrella Rank: 2450	27 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761	98 KB
4	surveymonkey.com widget.surveymonkey.com — Cisco Umbrella Rank: 106782 www.surveymonkey.com — Cisco Umbrella Rank: 45680 secure.surveymonkey.com — Cisco Umbrella Rank: 62174	27 KB
3	lpages.co advisorsdigitaledgeondemand.lpages.co	113 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	google.com 1 redirects maps.google.com — Cisco Umbrella Rank: 3821 www.google.com — Cisco Umbrella Rank: 6	2 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 3217 vimeo.com — Cisco Umbrella Rank: 3004	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
1	signalfx.com cdn.signalfx.com — Cisco Umbrella Rank: 37881 rum-ingest.us1.signalfx.com Failed	41 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 18647	762 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
1	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 68577	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	65 KB
1	tumolofinancialpresents.com security.tumolofinancialpresents.com	23 KB
102	22

	Domain	Requested by
13	prod.smassets.net	security.tumolofinancialpresents.com www.surveymonkey.com prod.smassets.net
13	lh3.googleusercontent.com	security.tumolofinancialpresents.com advisorsdigitaledgeondemand.lpages.co
9	maps.googleapis.com	www.google.com maps.googleapis.com security.tumolofinancialpresents.com
8	api.leadpages.io	js.center.io static.leadpages.net
6	js.center.io	security.tumolofinancialpresents.com js.center.io advisorsdigitaledgeondemand.lpages.co
5	maxcdn.bootstrapcdn.com	security.tumolofinancialpresents.com maxcdn.bootstrapcdn.com advisorsdigitaledgeondemand.lpages.co
4	s.adroll.com	1 redirects security.tumolofinancialpresents.com s.adroll.com
4	f.vimeocdn.com	player.vimeo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	security.tumolofinancialpresents.com advisorsdigitaledgeondemand.lpages.co
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	advisorsdigitaledgeondemand.lpages.co	static.leadpages.net
2	cdn.smassets.net	www.surveymonkey.com cdn.smassets.net
2	i.vimeocdn.com	player.vimeo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	widget.surveymonkey.com	security.tumolofinancialpresents.com widget.surveymonkey.com
2	connect.facebook.net	security.tumolofinancialpresents.com connect.facebook.net
1	d.adroll.com	s.adroll.com
1	maps.gstatic.com	www.google.com
1	cdn.signalfx.com	www.surveymonkey.com
1	secure.surveymonkey.com	www.surveymonkey.com
1	vimeo.com	f.vimeocdn.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	www.surveymonkey.com	ajax.googleapis.com
1	www.facebook.com	security.tumolofinancialpresents.com
1	ajax.googleapis.com	widget.surveymonkey.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	www.google.com	security.tumolofinancialpresents.com
1	maps.google.com	1 redirects
1	player.vimeo.com	security.tumolofinancialpresents.com
1	d10lpsik1i8c69.cloudfront.net	security.tumolofinancialpresents.com
1	static.leadpages.net	security.tumolofinancialpresents.com
1	www.googletagmanager.com	security.tumolofinancialpresents.com
1	security.tumolofinancialpresents.com
0	rum-ingest.us1.signalfx.com Failed	cdn.signalfx.com
102	35

This site contains links to these domains. Also see Links.

Domain
www.surveymonkey.com
www.tumolofinancial.com

Subject Issuer	Validity	Valid
security.tumolofinancialpresents.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
surveymonkey.com Amazon RSA 2048 M03	`2023-11-16` - `2024-12-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
*.signalfx.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-15`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://security.tumolofinancialpresents.com/
Frame ID: F7ABC692862828D4C95658F92A7965B9
Requests: 39 HTTP requests in this frame

Frame: https://player.vimeo.com/video/362843894
Frame ID: A42C07A7EC4861CC0BF31BD1E2A7E26C
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15
Frame ID: 34D77BCE2165BE5215AE79CDBE5AC5FA
Requests: 12 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Frame ID: AD853F6F39352BC3157DE36C623C290E
Requests: 2 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 102A7E60BEBDB9A2A9562F23543AB506
Requests: 1 HTTP requests in this frame

Frame: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/
Frame ID: 89182B9DCFB8F13C7A185B89A96D3E25
Requests: 6 HTTP requests in this frame

Frame: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/
Frame ID: 2E0D9F281546A505DCEDD6A846F630A7
Requests: 6 HTTP requests in this frame

Frame: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/
Frame ID: 9ECE0723A35FED8E75AB96A3B83B56AE
Requests: 6 HTTP requests in this frame

Frame: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1
Frame ID: E8B46046ECA40D9ABC4500DBF9046135
Requests: 18 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 1071D5F680610C6F833F5DBAB73DD6F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Social Security OnDemand Seminar

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

98 %
HTTPS

57 %
IPv6

22
Domains

35
Subdomains

30
IPs

4
Countries

3232 kB
Transfer

12846 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.surveymonkey.com/?ut_source=powered_by&ut_source2=new_website_collector
Title: powered by

Search URL Search Domain Scan URL

URL: http://www.tumolofinancial.com/
Title: www.tumolofinancial.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://maps.google.com/maps?q=339%20Flanders%20Rd.%20%20East%20Lyme%2C%20CT%2006333&t=&z=15&ie=UTF8&iwloc=&output=embed HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15

Request Chain 93

https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

102 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
security.tumolofinancialpresents.com/ 116 KB
23 KB 545ms
223ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

edbe109fbe75383e0e266a4544ecacf49e4515ae27938140a7d03a0e28c9d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 09 Jan 2024 17:23:22 GMT
etag: W/"ba35ee70a0de3cc21557866e12d7ade4"
last-modified: Fri, 30 Jul 2021 17:31:53 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, MISS

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 63ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 3664088
cdn-cachedat: 2021-06-08 21:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5bb5196854d77b3b0bd1d55200ac7249
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 842e5e24ffd739d4-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 174ms
64ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

757b52cddbf665cd40625461e49d89b01fbce69169bcf95389fe72e1217db4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 17:23:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 17:23:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 192ms
82ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134632641-38

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0033d7cc9bfa8c9cc6c80c3dd4f0a4dea8130e914e3dcebae600c04782189e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65680
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 17:23:23 GMT

GET
H2 200 ZfQcUx7UJUP3fcChaY4ki81czKBe0HRr4POrDCl5Q6Tu1yIMCQD4lweBBv3LbHZXHIeK-IHcaCroWrmGlDr8wQE=s0
lh3.googleusercontent.com/ 37 KB
38 KB 282ms
172ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZfQcUx7UJUP3fcChaY4ki81czKBe0HRr4POrDCl5Q6Tu1yIMCQD4lweBBv3LbHZXHIeK-IHcaCroWrmGlDr8wQE=s0

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5558fe20d3a09475ee6c28d846beede6ba2b7bc4c9e456acfcc4414d0847d9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38235
x-xss-protection: 0
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 embed.js Show response
static.leadpages.net/leadboxes/current/ 42 KB
15 KB 170ms
119ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/leadboxes/current/embed.js
Requested by: Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:19:09 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 254
etag: "MP3rjQ"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 28f2fe8758673de85c44206243f9cc87
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Tue, 09 Jan 2024 17:24:09 GMT

GET
H2 200 z65ODKPTAq9arDfTXKDuUmRFDDaQO3oO-9XoFVxRDv2iabviDNwdIfjuKKZQwJZdE5hx-Rg4DYXwqGHlEZZCoN0=w16
lh3.googleusercontent.com/ 4 KB
4 KB 344ms
234ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/z65ODKPTAq9arDfTXKDuUmRFDDaQO3oO-9XoFVxRDv2iabviDNwdIfjuKKZQwJZdE5hx-Rg4DYXwqGHlEZZCoN0=w16

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5a07869b4a988f69779c6a8138265ed72626dec1db42c7864e821e6fec1c8fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w16
lh3.googleusercontent.com/ 675 B
738 B 333ms
332ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w16

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

916d8c34d4eb25b28a6418328131ee9473400214a5660cb1f385674851f12c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 675
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 kgjQ5O-t8XhTyGxopBTSRVKzs4aX6QpRTPuAjUTN0Mh6UDpeWXoKh3iH8BNycB46hAUYkhrajpw6tr2YUNSXHg=w16
lh3.googleusercontent.com/ 414 B
508 B 186ms
185ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kgjQ5O-t8XhTyGxopBTSRVKzs4aX6QpRTPuAjUTN0Mh6UDpeWXoKh3iH8BNycB46hAUYkhrajpw6tr2YUNSXHg=w16

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7bad46290d447513e770a1ef73b7eef8d918e203b12de0dcaf962ec9ea630fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 124ms
40ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:20:12 GMT
content-encoding: gzip
server: Google Frontend
age: 191
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: d4bd187cde81fcc59e3b789e66e3fa8e
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 09 Jan 2024 17:25:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jan 2024 17:23:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pzQZnJlKdAtIud6O7h5/S5A5S9xbDozclMakj8Czfpox1fT8KVswFbvk/sY7Z2u56yRqm66cBp33urK45+3bTw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 70ms
14ms Script
application/javascript 108.138.34.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 16:36:06 GMT
content-encoding: gzip
via: 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 2838
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: D_etKXjdwmlk-ODLKTIRsVTcVgMHY-7eIFHnZHaY08m0kl9KiknEgQ==

GET
H/1.1 200
OK 362843894 Show response
player.vimeo.com/video/ Frame A42C 20 KB
10 KB 494ms
458ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/362843894

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070884a1fa40f4d6639c51caba3ab4e6d0184965aecfdfb0d6bd4ef8595b6155

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 842e5e262a6537fb-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 17:23:23 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230028-FRA
X-Timer: S1704821003.246488,VS0,VE420
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-54df66444b-wtmzp
x-content-type-options: nosniff
x-host: player-backend-54df66444b-wtmzp
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 200 tRaiETqnLgj758hTBazgd9CtyzhFcbPoDustZqz0RO8253YxBHQZZE9SLvinXFW3.js Show response
widget.surveymonkey.com/collect/website/js/ 58 KB
14 KB 120ms
37ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd9CtyzhFcbPoDustZqz0RO8253YxBHQZZE9SLvinXFW3.js

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

e1bfa7a12ba064c0d672c7fcb64b1af219675546830ab05e7f26f6d4f757001f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://.crazyegg.com wss://.hotjar.com wss://.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://secure.surveymonkey.com 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 10:55:42 GMT
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://secure.surveymonkey.com 'self';
x-content-type-options: nosniff
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 23261
x-cache: Hit from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sm-request-id: EU23wm-RyPWdCW80FsMOYKAdqooTkh4OFN6G53BC1qI6saCabltp5w==
x-xss-protection: 1;mode=block
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Server-Timing
x-amz-cf-id: _hye2n9sPw_1R6Qx6VWyBzeBZ2rxB5yan-LAyBuR6Lrr4RtnTukMWQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

embed Show response
www.google.com/maps/ Frame 34D7
Redirect Chain

https://maps.google.com/maps?q=339%20Flanders%20Rd.%20%20East%20Lyme%2C%20CT%2006333&t=&z=15&ie=UTF8&iwloc=&output=embed
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15

2 KB
1 KB

625ms
515ms

Document
text/html

2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6b6f431f89279b9fff2feba2c2273c063d40ffdd530da86716ae638dfb44f4f6

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-NavrIZH4T4QFcshj9xicZg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 945
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-NavrIZH4T4QFcshj9xicZg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 17:23:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 09 Jan 2024 17:23:23 GMT
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w16
lh3.googleusercontent.com/ 1 KB
1 KB 342ms
342ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w16

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cad509336f8eb04dfaf47fc91cc88c8d1a1646f2f4f9c2c0ca79ee1dd05d45e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1144
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w16
lh3.googleusercontent.com/ 380 B
443 B 360ms
360ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w16

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

decdf198c825c817443bd2299df3947f0e64a5faf578c11819208c204b73ac71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 oY4pObgXizsVJFYW6otJPzxqi5lG3cnDFr53elk_LPzXpkw1Y2Actkd0wS0zdkbW7wwyyNZyHWuIx9NIIHYS=w16
lh3.googleusercontent.com/ 335 B
397 B 336ms
336ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/oY4pObgXizsVJFYW6otJPzxqi5lG3cnDFr53elk_LPzXpkw1Y2Actkd0wS0zdkbW7wwyyNZyHWuIx9NIIHYS=w16

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e532a65de40f24689fd0bb8ca1bd8ddd401bdfb0c6987bcbf1ef2fae1e9dcd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 173ms
64ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.tumolofinancialpresents.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 348242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 161ms
52ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.tumolofinancialpresents.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options: nosniff
age: 30955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:47:28 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 219ms
110ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.tumolofinancialpresents.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:49:47 GMT
x-content-type-options: nosniff
age: 30816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:49:47 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 38ms
23ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://security.tumolofinancialpresents.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
cdn-cachedat: 10/31/2023 18:59:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 55b1df4e5c85b5429cbda8fd632b1868
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 842e5e261b46360c-FRA
cdn-requestpullsuccess: True

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 37 KB
37 KB 265ms
161ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.tumolofinancialpresents.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 02:38:10 GMT
x-content-type-options: nosniff
age: 53113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37964
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 02:38:10 GMT

GET
H2 200 rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600
lh3.googleusercontent.com/ 55 KB
55 KB 456ms
456ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56395
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 1100035103528503 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 172ms
171ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1100035103528503?v=2.9.139&r=stable&domain=security.tumolofinancialpresents.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

235c464f4682249272c0911bef42465c771b516890fee9135742717a8a3bf594

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jan 2024 17:23:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: k5H3FNYXnmxkCqompKnMALTOcIu8WXq32WNmSqta2tUIeNDR5sdVl0cSn4cMVmY7gvJ2ZPWhAcQwPapP+nSdJA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 128 B
762 B 448ms
421ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fsecurity.tumolofinancialpresents.com%2F&s=142977

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c610485b34da42edfe3dd95de3cd150158393e71403e357d8d6454b3e30b435

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://security.tumolofinancialpresents.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1E57ZlYXiXH0kR%2FCAPf8ni%2BtqKUlyIGcVNdzGXXch4ZoC4ax%2FCf8CkLZKBwpRiMgJKr3gCOf5ppMkpjj5ZCMoWudhtlWuSwnL9DR7iC%2F4HLAHbSEDPAse%2FFxutaLjGvEc%2F9PtqpYw1jEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 842e5e268b63bbd3-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame AD85 276 KB
83 KB 162ms
52ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js

Requested by

Host: widget.surveymonkey.com
URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd9CtyzhFcbPoDustZqz0RO8253YxBHQZZE9SLvinXFW3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84371
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:36:24 GMT

GET
H2 200 cookie.js Show response
widget.surveymonkey.com/collect/website/js/ Frame AD85 23 B
892 B 35ms
35ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.surveymonkey.com/collect/website/js/cookie.js?_=1704821003309

Requested by

Host: widget.surveymonkey.com
URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd9CtyzhFcbPoDustZqz0RO8253YxBHQZZE9SLvinXFW3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

69f31566d58ee19706a2f8e1ba4f1df5152d2112b2e3da32bea647b846d4409d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:41:24 GMT
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';
x-content-type-options: nosniff
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 574919
x-cache: Hit from cloudfront
sm-request-id: DUgzR2osCt13Tzr6s8VWiITpXhi9pzD9ijRTN7aq0PWw0HAhVL7sNA==
content-length: 23
x-xss-protection: 1;mode=block
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Server-Timing
x-amz-cf-id: no4tY9yYEi_fcLV9v-lEfHRm_8AutFPAuJjSJ5pv9kVWVYawvYjMhQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 102A 4 KB
2 KB 174ms
174ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 09 Jan 2024 17:23:23 GMT
etag: "OMWYXg"
expires: Tue, 09 Jan 2024 17:28:23 GMT
server: Google Frontend
x-cloud-trace-context: 7679326e9de84013fc14d65d0e5b72c4

GET
H2 200 / Show response
advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/ Frame 8918 171 KB
41 KB 588ms
334ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

2425e35be17ed400d5350d172fd40f2ff1c430e5a2a5ac09df4311e22438ed6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 09 Jan 2024 17:23:23 GMT
etag: W/"db376f56cac7081f0fee70516f751839"
last-modified: Fri, 30 Jul 2021 17:31:49 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, MISS

GET
H2 200 / Show response
advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/ Frame 2E0D 171 KB
41 KB 519ms
266ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

0771e205a4f4c65c3f7f25f13fdb6590213125085f342121fc4a105a1c05b571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 09 Jan 2024 17:23:23 GMT
etag: W/"f8a30905ae70d1546712a4e91fa01fee"
last-modified: Fri, 30 Jul 2021 17:31:49 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, MISS

GET
H2 200 / Show response
advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/ Frame 9ECE 139 KB
31 KB 587ms
334ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

6fa6eb18297b44f6bcb59f1225c5f381ab69df19b2567431533d3582cbb833e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 09 Jan 2024 17:23:23 GMT
etag: W/"7988e025987aa32ed48e5aa4a5e7f817"
last-modified: Fri, 30 Jul 2021 17:31:51 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, MISS

GET
H2 200 z65ODKPTAq9arDfTXKDuUmRFDDaQO3oO-9XoFVxRDv2iabviDNwdIfjuKKZQwJZdE5hx-Rg4DYXwqGHlEZZCoN0=w504
lh3.googleusercontent.com/ 62 KB
62 KB 65ms
64ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/z65ODKPTAq9arDfTXKDuUmRFDDaQO3oO-9XoFVxRDv2iabviDNwdIfjuKKZQwJZdE5hx-Rg4DYXwqGHlEZZCoN0=w504

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6149b70cba7097f94cc8ae7410bdfc27cb8cb2013dc2d45b2e0fc3d9cb72ee7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63876
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1100035103528503&ev=PageView&dl=https%3A%2F%2Fsecurity.tumolofinancialpresents.com%2F&rl=&if=false&ts=1704821003418&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704821003417.1319155558&ler=empty&it=1704821003233&coo=false&rqm=GET

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jan 2024 17:23:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 160ms
51ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134632641-38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 15:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5706
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jan 2024 17:48:17 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
699 B 375ms
125ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=tZFpFoGEj8LZUbUr8n7GXA&v=&e=&st=&lc=en-US&pid=XconNq4pRssvjbVJsMkWfU-default-prop&uid=pbGmZa24ohDBddRK7ChrrA&sid=hy3u5QfyXf9XhdgEvYeLyk&cid=lp-tZFpFoGEj8LZUbUr8n7GXA&uri=https%3A%2F%2Fsecurity.tumolofinancialpresents.com%2F&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:23 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://security.tumolofinancialpresents.com
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdie71sjaqgccs97v0

GET
H/1.1 200
OK QYD9FJJ Show response
www.surveymonkey.com/r/ Frame E8B4 19 KB
7 KB 550ms
495ms Document
text/html 108.138.26.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.26.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-26-89.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9e4f67adf7496aaf1366578a2acd6e127bb567cc81c165209eb5f689e9ddf8f4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://.crazyegg.com wss://.hotjar.com wss://.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://resources.surveymonkey.com 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://security.tumolofinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Expose-Headers: Server-Timing
Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://resources.surveymonkey.com 'self';
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 17:23:24 GMT
Referrer-Policy: strict-origin-when-cross-origin
RexR-Request: current:dc0a808e23d32f3a5da7be3e4ffc3944:1704821004.068:308
SL_notranslate: 1
SM-Request-ID: ib5JwK8vMZHI6epGRSq35xW-1ByAwzMOTz3els658RPsNL0VNw01VQ==
Server: nginx
Server-Timing: traceparent;desc="00-0658dce769da497e949ccd3f3719f0dd-3b2e77f0fd6e89c1-01"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ib5JwK8vMZHI6epGRSq35xW-1ByAwzMOTz3els658RPsNL0VNw01VQ==
X-Amz-Cf-Pop: FRA56-P7
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache

GET
H2 200 sm-logo-white-145x30.png
prod.smassets.net/assets/responseweb/responseweb/1.0.0/assets/images/website/ 3 KB
4 KB 57ms
47ms Image
image/png 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.smassets.net/assets/responseweb/responseweb/1.0.0/assets/images/website/sm-logo-white-145x30.png

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c58037ead33b7767b627378c7061beabe6450ed0a08fd1cd2b0369e007b97de

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:15:56 GMT
x-amz-version-id: 3LiSJL0OvfSra5xGqMof9ilPkKfQjiOV
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: P0033PA6E276XMK3
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 29248
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2854
x-amz-id-2: E4rwwHJULiqi6eTWA7JqOfZmvcc1u7RPWh2mLkPVU24hRsOitlckizHz1kw7kSJYjDbhCuvliMk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Jan 2024 20:44:27 GMT
server: AmazonS3
etag: "9d57e9461ad2ac8de31e5323afcca9f8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: GY_WCjZMLq_8TmBdvZWJpg1ZwOgS49oENJgH24BJ95WVvuyP_fZMAA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
220 B 58ms
58ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1894376199&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity.tumolofinancialpresents.com%2F&ul=en-us&de=UTF-8&dt=Social%20Security%20OnDemand%20Seminar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=520449372&gjid=1896029501&cid=901307130.1704821004&tid=UA-134632641-38&_gid=1095969404.1704821004&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=480828766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security.tumolofinancialpresents.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://security.tumolofinancialpresents.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.26.18/js/ Frame A42C 547 KB
132 KB 36ms
14ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.18/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/362843894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 430aa7fd68c515728c0a2010f5fddeb454bbc846e0e4ce81a33a161e04d17206

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100048-IAD, cache-fra-eddf8230100-FRA
date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 75913
x-timer: S1704821004.706247,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135142
x-cache-hits: 8, 146

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.26.18/js/ Frame A42C 410 KB
99 KB 28ms
7ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.18/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/362843894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f477d2e30c1494c5cb6e57291171f9094efb5c770ff54d3f69c9b173eab69d46

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100138-IAD, cache-fra-eddf8230100-FRA
date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 75913
x-timer: S1704821004.706129,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101214
x-cache-hits: 8, 29465

GET
H2 200 player.css
f.vimeocdn.com/p/4.26.18/css/ Frame A42C 208 KB
22 KB 27ms
6ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.18/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/362843894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319e1809d25f5dee3aca275dfa32f58e9d71105aec58e1c8cc182240c2a0d4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100090-IAD, cache-fra-eddf8230128-FRA
date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 75913
x-timer: S1704821004.705398,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22005
x-cache-hits: 7, 29568

GET
H2 200 818552760-41ed8e5951dc0ae3cbfe7893c284a46993436fa2665459301ff051110109c142-d
i.vimeocdn.com/video/ Frame A42C 1 KB
2 KB 235ms
193ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/818552760-41ed8e5951dc0ae3cbfe7893c284a46993436fa2665459301ff051110109c142-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/362843894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e79f03d2bce49cbdeab9b9f3602ec898b27b1dcc45f38b8f8116e731ee2405a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 75247
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1345
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210059-DFW, cache-fra-eddf8230090-FRA
x-timer: S1704821004.731144,VS0,VE186
etag: "368f026cceb5faf4c883d9380848a120"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 6, 0

GET
H3 200 rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600
lh3.googleusercontent.com/ 55 KB
55 KB 52ms
51ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56395
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame A42C 2 KB
1 KB 10ms
10ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/362843894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230128-FRA
date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1600617
x-timer: S1704821004.794440,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 4, 141390

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A42C 4 KB
2 KB 168ms
59ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.18/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 17:23:23 GMT

GET
H2 200 818552760-41ed8e5951dc0ae3cbfe7893c284a46993436fa2665459301ff051110109c142-d
i.vimeocdn.com/video/ Frame A42C 49 KB
49 KB 150ms
150ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/818552760-41ed8e5951dc0ae3cbfe7893c284a46993436fa2665459301ff051110109c142-d?mw=1100&mh=619
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/362843894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f0cfda542221293deb87eb81cfd2599f78f86672e4c28b36a8066a7e9826f88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 75247
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 50178
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210069-DFW, cache-fra-eddf8230090-FRA
x-timer: S1704821004.811676,VS0,VE133
etag: "f9d0151efb598e592c7d8a8ab2a0c3f4"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 3, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame A42C 0
142 B 158ms
111ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=fe7e75f8ac98713b0d89ec26d3a20935e8c4c8731704821003
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.18/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 09 Jan 2024 17:23:23 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame A42C 0
926 B 193ms
148ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=fe7e75f8ac98713b0d89ec26d3a20935e8c4c8731704821003

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 05:23:23 GMT
Date: Tue, 09 Jan 2024 17:23:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000037-IAD, cache-fra-eddf8230051-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1704821004.877684,VS0,VE115
x-backend-proxy: webproxy17
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-67dd657b44-hc9sk
Accept-Ranges: bytes
CF-RAY: 842e5e2a2fe43635-FRA
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
461 B 338ms
114ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=85qBFxZNe4H6FTYEK2WgDQ&kind=text,text,text,text,timer,counter,text&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=KZGkEXQpREacnvcfsTapa9,KZGkEXQpREacnvcfsTapa9,EbzSbJNedvFsMVG9P9AMRX,KZGkEXQpREacnvcfsTapa9,349.80000019073486,1,b8UMoaDHDEU8bMauT8iegH
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:24 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.tumolofinancialpresents.com
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdie9mpmqf59n812ig

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame 2E0D 28 KB
7 KB 26ms
25ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 3664088
cdn-cachedat: 2021-06-08 21:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5bb5196854d77b3b0bd1d55200ac7249
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 842e5e2aae1539d4-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 2E0D 13 KB
942 B 61ms
61ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71fc1cb5000d7c977317152f834714cc11702a3d0b8eed8ec6eb70a722fe1a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 17:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 17:23:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 17:23:23 GMT

GET
H3 200 kgjQ5O-t8XhTyGxopBTSRVKzs4aX6QpRTPuAjUTN0Mh6UDpeWXoKh3iH8BNycB46hAUYkhrajpw6tr2YUNSXHg=w16
lh3.googleusercontent.com/ Frame 2E0D 414 B
439 B 51ms
51ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kgjQ5O-t8XhTyGxopBTSRVKzs4aX6QpRTPuAjUTN0Mh6UDpeWXoKh3iH8BNycB46hAUYkhrajpw6tr2YUNSXHg=w16

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7bad46290d447513e770a1ef73b7eef8d918e203b12de0dcaf962ec9ea630fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:23 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame A42C 35 KB
12 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Tue, 09 Jan 2024 17:23:24 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame A42C 50 KB
15 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 15:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 10 Jan 2024 15:03:34 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 2E0D 12 KB
5 KB 37ms
37ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/EbzSbJNedvFsMVG9P9AMRX/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:20:59 GMT
content-encoding: gzip
server: Google Frontend
age: 145
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 667f449720a988789c79ec91cc5ba8c8
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 09 Jan 2024 17:25:59 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame 8918 28 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 3669667
cdn-cachedat: 11/11/2022 02:14:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 601a9a422917d5011204b75b2a4627c5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 842e5e2b2c1691f9-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 8918 13 KB
988 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display:300,400,500,700|Roboto:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71fc1cb5000d7c977317152f834714cc11702a3d0b8eed8ec6eb70a722fe1a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 17:23:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 17:23:24 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 34D7 180 KB
62 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

495d3261edbfdc222412c9b56eac684de220c2fe2dc17c7d8382d58638057f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63333
x-xss-protection: 0

GET
H2 200 identify.html Show response
js.center.io/ Frame 1071 4 KB
2 KB 38ms
38ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://advisorsdigitaledgeondemand.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 161
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 09 Jan 2024 17:20:43 GMT
etag: "OMWYXg"
expires: Tue, 09 Jan 2024 17:25:43 GMT
server: Google Frontend
x-cloud-trace-context: c7ef22fd58d228bed2d4427bd1bbf4bf

GET
H3 200 pbe-TVR-AlWSbxphx891yeBi5Cq5-gX_41V1TJCtUba7l8xQv5LT_LnFATxta5z8TN5ngLLFypd1Vrn-lIkKTw=w16
lh3.googleusercontent.com/ Frame 8918 4 KB
4 KB 173ms
173ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pbe-TVR-AlWSbxphx891yeBi5Cq5-gX_41V1TJCtUba7l8xQv5LT_LnFATxta5z8TN5ngLLFypd1Vrn-lIkKTw=w16

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

05ac4a68b1573d18f1a648e0d50cda6627b2d5ca1ecd44a8e359aa718cdac47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3708
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:24 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 8918 12 KB
5 KB 177ms
177ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/KZGkEXQpREacnvcfsTapa9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: a23228dbb7c0878e786a1a91cdf9652f
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 09 Jan 2024 17:28:24 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame 9ECE 28 KB
7 KB 14ms
14ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 3669667
cdn-cachedat: 11/11/2022 02:14:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 601a9a422917d5011204b75b2a4627c5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 842e5e2bdc9591f9-FRA
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ Frame 9ECE 8 KB
750 B 60ms
60ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 16:49:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 17:23:24 GMT

GET
H3 200 pbe-TVR-AlWSbxphx891yeBi5Cq5-gX_41V1TJCtUba7l8xQv5LT_LnFATxta5z8TN5ngLLFypd1Vrn-lIkKTw=w16
lh3.googleusercontent.com/ Frame 9ECE 4 KB
4 KB 121ms
121ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pbe-TVR-AlWSbxphx891yeBi5Cq5-gX_41V1TJCtUba7l8xQv5LT_LnFATxta5z8TN5ngLLFypd1Vrn-lIkKTw=w16

Requested by

Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

05ac4a68b1573d18f1a648e0d50cda6627b2d5ca1ecd44a8e359aa718cdac47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3708
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Jan 2024 17:23:24 GMT

GET
H2 200 responseweb-base-bundle-min.27b93cc2.css
prod.smassets.net/assets/responseweb/ Frame E8B4 62 KB
8 KB 59ms
58ms Stylesheet
text/css 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

704dc7c75b580953710c22720a7d6196ca037e1993e0d554562fe604ab1fcf0d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Ipkk1Sy6P6uas4aSwsHRUUiRUFVQOZeO
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 03:52:20 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 98T4GAMA1HTQ0TXE
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 48752
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: nBYxoyreHIPruKcyqwyh/AvLftMQiLPPnN9MnhSRQmnMyl7JUwaSFbZdttPKdNhCmbVdaFXfIY52vZ4QeFULjw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:15:59 GMT
server: AmazonS3
etag: W/"27b93cc22cc051196700ea011c39e36d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 3n9d_2YSHcxfW7ZPEke-kyQ6lhTb5w10SilDQ9zJ2UDah5DRRXGC-g==

GET
H2 200 smlib.surveytemplates-survey_page-bundle-min.93645c97.css
prod.smassets.net/assets/responseweb/ Frame E8B4 89 KB
13 KB 39ms
37ms Stylesheet
text/css 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-survey_page-bundle-min.93645c97.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

33c134e8157068dee2f585a20d927bea4a3342eaddc9dc3ed9edf3050fcc9e9c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 3XPwAH7Hgz8pX197ZptOPX0mxC0Rl97L
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 03:06:37 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 169K6C4CQ5VZRGH7
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 51679
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: u2IPN/z6N0VpJ8MdwmWyAq0wtl8Q1bLS9b51famFlS4lSOwtZgbHT2EQ4ATq74LiiLQudmgM+zrzPXaBJumgeQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:01 GMT
server: AmazonS3
etag: W/"93645c97968ad820c248e2e13993f1c9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: hOhsPE_OR1zjiB1N2tcn6PkCdcPeFzQMeVFfycnMsqgMMPU3jnNFGw==

GET
H2 200 4.7.0_6403437_palette-6_15887933-7CFD-4DE1-A619-C83F48E3F860.css
secure.surveymonkey.com/r/themes/ Frame E8B4 26 KB
5 KB 262ms
229ms Stylesheet
text/css 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.surveymonkey.com/r/themes/4.7.0_6403437_palette-6_15887933-7CFD-4DE1-A619-C83F48E3F860.css
Requested by: Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-3.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 878d75dabfa3ff567a15f1de118afb653b4c56113f506ce5c1303f58b5fab4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P4
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
access-control-expose-headers: Server-Timing
cache-control: max-age=3600
sm-request-id: JB3kYqFLOywwnIipRbWV_FQNaUoPtO6vMihe3OF0-BP0G640kdn5dQ==
server-timing: traceparent;desc="00-ef7b5799c5c47747ecc26fab5badc31f-50c6a95f6060997c-01"
x-amz-cf-id: JB3kYqFLOywwnIipRbWV_FQNaUoPtO6vMihe3OF0-BP0G640kdn5dQ==

GET
H2 200 wds-react.min.css
cdn.smassets.net/assets/wds/4_20_2/wds-react/ Frame E8B4 127 KB
15 KB 82ms
72ms Stylesheet
text/css 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e515bb968d71ad7c7d3d7d0207798342e1ccc3a81c0c86dd9a46cf770e1e793a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: uuS3rJ8lpzOfMrSciOuzwH9Tk1993xne
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 05:18:19 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: EWC9H07ZSNHMGYK1
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 44303
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: pakRazSLxzFcA19QRW6NFCTz/D1bARyQiOOR7MrgtNrpUH7qYmCeG9U4Ylu2eArPV72Tp/MKqK1BYzVuldyK3g==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Nov 2020 13:22:33 GMT
server: AmazonS3
etag: W/"319c4184e0e815aaae848111368f49e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: QMZnkHAk2xp2wPhG5V3XJ63hAPkgyf-6YCLutXff15no6UBPpYNi_Q==

GET
H2 200 responseweb-responsewebPkgs-bundle-min.614c8463.css
prod.smassets.net/assets/responseweb/ Frame E8B4 5 KB
2 KB 63ms
62ms Stylesheet
text/css 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs-bundle-min.614c8463.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6e24336b2c46212f552712f9388860eb4d01f99c94614919d30c03df806b5899

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: sBUVUyF9PdSI6sMpj7YhEkcvTCFi6bih
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 04:47:52 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: CYH91R3R18BGRPZ0
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 47677
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: sk6XnZ7NvkD9NhiaNtHCOlLVk1JJ2KKb2ZJCm3yQydmViILYLb+caRyojHN7n23YdmQrae2LVWM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:00 GMT
server: AmazonS3
etag: W/"614c8463ea474a81e0f9592f3c4fe62b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: eMx-qYK68MTeFwX7f0jgcSUafgfG2wqRRPeLNzMtQyYonW8Esw-rQw==

GET
H2 200 responseweb-version-bundle-min.5a1733bc.css
prod.smassets.net/assets/responseweb/ Frame E8B4 11 KB
3 KB 61ms
60ms Stylesheet
text/css 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-version-bundle-min.5a1733bc.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

63f142c7ed7eb20faf91e3887f8abb696900f6f386b767c2cf09146bb53cb9ab

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: BqCo2NvO.GB.LfkTLafRxJ8gEqdLVF5S
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 05:44:19 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: G9AKTCF80HENE5XS
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 42476
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: q0PvYKtaTiNwznNa5IUR8HCip13824bB97qjMDBmi5JbaFouabESU18gG6HDKJMNpW9wTSK4tuM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:32 GMT
server: AmazonS3
etag: W/"5a1733bcb6e5b00dee4304cd2ae82501"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: WklfoLGrXqFdCgZpuaQk3DIMNgWvm3k8mWfHL8i57ZZeYmDh8rPWIQ==

GET
H2 200 responseweb-jquery-bundle-min.a17eeae3.js Show response
prod.smassets.net/assets/responseweb/ Frame E8B4 103 KB
34 KB 63ms
63ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-jquery-bundle-min.a17eeae3.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6345ede1de8ae9ec09a174bedb7158651b5045415c20c38d8a135f8c382557f8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 3xZzT.aqTxU7tM2ZK5_p0vFEQjMurQm1
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 03:34:30 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: FDR3TA6JE14NDCE6
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 49941
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: HxLFT2shNN4dmWWcjJHLi0CXmaaF1NA+iN210tNhZtHXPUcL/q16uVRtaJdv1niK38D3R1l2tr0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:41 GMT
server: AmazonS3
etag: W/"a17eeae3257239c918edea1e7466d0d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 7MxfHLByWyGjqBT4--pin9gQ4fJBqqKE__KoEwbEmk0FvQYh9_85fQ==

GET
H2 200 responseweb-response-bundle-min.c3e9f76b.js Show response
prod.smassets.net/assets/responseweb/ Frame E8B4 123 KB
30 KB 52ms
51ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-response-bundle-min.c3e9f76b.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b7fe5841015b15f241e0796d7735714d0826b410db79b9d2a5579f0af1c6aeb5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:22:43 GMT
x-amz-version-id: TKIh1BZR91e0uAQ9tqC2TDjkRf00qniW
content-encoding: br
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: AZFJCAECXVKWWNK5
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 43242
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: osTMhJzhuaRlDK/60NZ4+P43awnipG+5jzFZcLRRCCeiSpC3xvTAmRw3V4sABfMCXeXMdV+w1rfJJw/Y7E22JQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Jan 2024 20:44:08 GMT
server: AmazonS3
etag: W/"c3e9f76b29140bb2b01db75f263f0bc4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: DeC-7do8PaDmFzcxA79YJfkMjg8KoNmz-rQWijqVS0R9TfOv0qbn5Q==

GET
H2 200 smlib.surveytemplates-sm-react-bundle-min.a68d6acc.js Show response
prod.smassets.net/assets/responseweb/ Frame E8B4 127 KB
39 KB 33ms
33ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-react-bundle-min.a68d6acc.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

77e870dd37a97aff3ff09ba46e00f023cda7fce3e4791e3103d4e5b401009333

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: eqxIvw4lLEsAhneDi6qI9RbDT5.aMx0z
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 01:45:45 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 171SGQ71D8NTJDEW
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 57401
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: DlkZWUWCXlFKIwU5HJrJXYF12LAgx9CFLplRYSxzvXnjcZreGv9vJgl2srkzGVWM3SXrVn39UuvVD+VX8OLf7Q==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:15:54 GMT
server: AmazonS3
etag: W/"a68d6acc0c7f3de0989f242559189c1d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 25QJaFa0VJ2SQQ9TfFSjhF0QyWL-mqoHx8pRdpzrHnWMncvIlK_2Rg==

GET
H2 200 smlib.surveytemplates-sm-polyfill-bundle-min.ef0f0b28.js Show response
prod.smassets.net/assets/responseweb/ Frame E8B4 94 KB
32 KB 77ms
77ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-polyfill-bundle-min.ef0f0b28.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5aefcc68ff56d078478fc4e14f24140c2eba2bfa03f79ac7c8897a1a4b67e1c4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: HsIPkSDme_JKJndhB35B_JL8UgWuj51I
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 05:05:39 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 543YW0V9Z4CGQ704
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 44303
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: nahzObvKeCbSWTJrkNwMuwQSP3DeE9Q0TnI/CABz6ktxBG46fYVPUryQ3VRGaIbeMZR0ZqqALAE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:20 GMT
server: AmazonS3
etag: W/"ef0f0b28d8e5bad7258b80dfb3cc6019"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: c4rUV1oN3vV1DyaYs-BEBzYyaFih5dea-beD9zhf-alGsrGKCrKNYA==

GET
H2 200 responseweb-responsewebPkgs_hybrid-bundle-min.f4686e00.js Show response
prod.smassets.net/assets/responseweb/ Frame E8B4 7 MB
1 MB 45ms
45ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs_hybrid-bundle-min.f4686e00.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9914b1bbfad1ee275a03009aa484a034cb10427be6c0536bccfdcb94098e044f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 5pb70KVtPOa5ocg1OpwIR.bxZkdEYEVU
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 01:34:54 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 9TYX1HVWD6FSZPJK
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 57292
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: NbsuCBR07QjewVQQy5dze4W/IA5mUWTKiG+o/NpoZHfM5+IeegLiR+wIoiqh8VjiIbFSNgc6oHxKKmCkVNguMg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 18:07:24 GMT
server: AmazonS3
etag: W/"f4686e00bd0fdf5d6de8b63ac7294b0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: TLX60OY3RlccGkJGcZ56u5-3Mg_21gvLlqb7qSubLEicT2GeqDF0Aw==

GET
H2 200 responseweb-ui_bundle-bundle-min.a165823c.js Show response
prod.smassets.net/assets/responseweb/ Frame E8B4 25 KB
9 KB 61ms
61ms Script
application/javascript 18.173.187.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-ui_bundle-bundle-min.a165823c.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-3.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

46363740103d99445256b74206aa302ba5f543ade69ac31901e2e7647878ec33

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vuHcLjM.OM90L4uGHBA50B71QGNIkyCM
content-encoding: br
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 23:51:59 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: Y4HB4YYZ90T28J81
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 63876
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: D9yPdfAtuGiqY2CDJ8gfm+Y6MZ81CUGy6r98U4DOGltIw9Bl3O+WAsHseuATtpbeSlJOi+aDiJk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:31 GMT
server: AmazonS3
etag: W/"a165823ce19e210d098673cd3a500be3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: OVZwCObOvWZ9hNR2d7uV_o7PcPwibDGpW1iWb10fiqzdI684YS_b3Q==

GET
H2 200 splunk-otel-web.js Show response
cdn.signalfx.com/o11y-gdi-rum/latest/ Frame E8B4 166 KB
41 KB 56ms
16ms Script
application/javascript 108.138.36.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by: Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-19.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b2a47720dd8abed7db78358e56d8b6fd5063cc18d9badafb8fd1cd49c14311

Request headers

Referer: https://www.surveymonkey.com/
Origin: https://www.surveymonkey.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:16:42 GMT
content-encoding: gzip
via: 1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 17 Oct 2023 13:52:35 GMT
server: AmazonS3
etag: W/"60d22480807c67256f4d1487eaf26779"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: iecShZouEqHzf29USckBlkbE4nq5g29XaBW7RAtzt0JKNs2pr-Rw9g==

GET
H2 200 center.js Show response
js.center.io/ Frame 9ECE 12 KB
5 KB 38ms
37ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: advisorsdigitaledgeondemand.lpages.co
URL: https://advisorsdigitaledgeondemand.lpages.co/serve-leadbox/b8UMoaDHDEU8bMauT8iegH/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:22:03 GMT
content-encoding: gzip
server: Google Frontend
age: 81
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 0300e5f038b316c0cb9f027a000fa4f4
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 09 Jan 2024 17:27:03 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 34D7 3 B
46 B 180ms
75ms XHR
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/55/4/intl/de_ALL/ Frame 34D7 227 KB
60 KB 162ms
52ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/55/4/intl/de_ALL/init_embed.js

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s339+Flanders+Rd.++East+Lyme,+CT+06333!6i15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e44b1e10d5b08a731a655ceaa4c7a48b1b5656bc0188e5ca66bec93f6719b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61185
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:56:09 GMT

GET
H2 200 National2Web-Light.woff2
prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/ Frame E8B4 35 KB
36 KB 78ms
50ms Font
application/font-woff2 18.173.187.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/National2Web-Light.woff2

Requested by

Host: prod.smassets.net
URL: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-76.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8924a5e7cde8b8cfd7fb9b9540e794993ba9dcbbc371ce9ca7c91924ef2d73b1

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css
Origin: https://www.surveymonkey.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Ilozep5gB24JAvwOKqk_tOjxoaYy3vcu
date: Tue, 09 Jan 2024 02:20:39 GMT
via: 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: CHWSM06HC3XWZCNB
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 54166
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 35935
x-amz-id-2: K45EOEcoEkP5ms3UEsFWvJgYCDHJlpGan72GEZPMQrJgefgotePHX4GUtT7tS+XvFz1MIs9Lnr4=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:06 GMT
server: AmazonS3
etag: "e55198d6fcd57630f0617639e2f6da90"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: 4_l98tYiHwzNjLw7KS36vgCQ10OZWEodwNeiTZ5e9J2uhLDYoNpNQw==

GET
H2 200 National2Web-Regular.woff2
prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/ Frame E8B4 34 KB
35 KB 65ms
38ms Font
application/font-woff2 18.173.187.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/National2Web-Regular.woff2

Requested by

Host: prod.smassets.net
URL: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-76.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7e022d03458278aabb7ce6892ddeef5736041de037d0d64adedc2eb1d82850b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css
Origin: https://www.surveymonkey.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: UbrsWvw5BPlAwTPzrf3NZ.45fvIAmek5
date: Tue, 09 Jan 2024 17:01:31 GMT
via: 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 5GRM66Q2MQX0594S
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 3942
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34775
x-amz-id-2: q8Iw+oI/krNsI9MIK9sCKsdI27jvGOIQiiZf40Sg98v/LEtOFgMcykhuHuzeUTgO1Hdr86Feb3haBhbiuqICYQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 17:16:05 GMT
server: AmazonS3
etag: "13244bd99451605c61b32c9617162c1f"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: QtU8mfuTkLX6_D6fD8j9zjuQnCC2i0H9Pd4xMpUyHEtuC7YATyN7cw==

GET
H2 200 Mateo.4.woff2
cdn.smassets.net/assets/wds/4_20_1/wds-core/icons/ Frame E8B4 23 KB
24 KB 63ms
35ms Font
application/font-woff2 18.173.187.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.smassets.net/assets/wds/4_20_1/wds-core/icons/Mateo.4.woff2

Requested by

Host: cdn.smassets.net
URL: https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-76.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9a1c20619f7207113a221fa91bf8c4c7c676facf10cbfce20f614a9b6cf6411e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css
Origin: https://www.surveymonkey.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 5vKIe7wZf5LV4.sfKzaBSRGPfwMFPNpW
date: Tue, 09 Jan 2024 02:00:40 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 5GRY8A9RRN9WKHXA
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
age: 55365
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 23544
x-amz-id-2: DTsmRb0xg6BrJEGi/9/dy+h3sTeXG/hHUeaNQLKe4ULEfkzl/2B8D3uy10FbACflP9iEsNXNY5V3YAE/xkgHTQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Nov 2020 13:22:47 GMT
server: AmazonS3
etag: "ce580ef65226ee5f53cef201183bc464"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: Ltpy1bi5aMBfVpqa3a_X5uHYPLFUdnwfqvyILfTViQDFT22UFS5X-g==

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ Frame 34D7 256 KB
56 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3daaf758d40f1432a0dcfa5c8e2a97266c130a9b2c0788a8b1e28b3add4597a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57681
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:53:44 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ Frame 34D7 174 KB
54 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045637e2a04f41a74b2a44ee4556803352cb2f5a620bfeae853cf2ce0259646d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 06:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55191
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 06:55:38 GMT

GET
H3 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ Frame 34D7 71 KB
23 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d82b7cfddfe0fe2719d8084c3f8c5372a34d5cb1013205cb9e4162ae10dd13e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23959
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:36 GMT

GET
H3 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ Frame 34D7 3 KB
1 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1519b8403301122e84803656e3e66ba9cc3590df61b39923d5ca6cd58c43835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1271
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 09:14:36 GMT

GET
DATA 200
OK truncated
/ Frame 34D7 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 34D7 26 KB
26 KB 173ms
173ms Image
image/png 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i2511501&2i3133614&2e1&3u15&4m2&1u454&2u350&5m5&1e0&5sde-DE&6sus&10b1&12b1&client=google-maps-embed&token=73483

Requested by

Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0c1d2f183e435436deb64d6f70e2a6b876bf8fdbd9e9c9b70692af20a23d2137

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26585
x-xss-protection: 0
expires: Wed, 10 Jan 2024 17:23:24 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ Frame 34D7 26 KB
9 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45114cc33da9f31c26f6021ec1479c3a55a942a4e0c8cb69f3499d64103acdc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8898
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 23:37:35 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ Frame 34D7 3 KB
1 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5295c8c57fc3c8ca0a70799e282dc2fa5f618a127430fb6fc7baa82418dff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 04:19:14 GMT

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
357 B 114ms
114ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,282,223,546,106,551,758,759,2139,2139
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:24 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 185.213.155.161
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdiedjqlme4s4u3smg

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 78 KB
24 KB 100ms
14ms Script
text/javascript 2600:9000:20c3:1800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: security.tumolofinancialpresents.com
URL: https://security.tumolofinancialpresents.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5757919a4e6623b4c33cfbbc112ee0856c0deaa9dc2cd8117b790029379d22e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Amz-Version-Id: GHW0HtBOUQ7Lsy.Fo2fnDwEffdyaEoEX
Content-Encoding: gzip
Via: 1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront)
Date: Tue, 09 Jan 2024 16:50:01 GMT
Age: 2021
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 08 Jan 2024 17:24:54 GMT
Server: AmazonS3
Etag: W/"3d54f81ae35f9b5b77abb27910ab6cbb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: kQCjr-X23onWyBOdfX6YTke9FzgTrUvlbls-sRXobc8xakVwu3ztLA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

16ms
15ms

Script
application/javascript

2600:9000:20c3:1800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:20c3:1800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 08 Jan 2024 19:28:24 GMT
Via: 1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
Age: 79241
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: iTL4mCs6UbW8lB0jXcTA51wShZVnouCZW9wHxKXVCVh-mVFXIi2NfQ==

Redirect headers

Date: Tue, 09 Jan 2024 10:54:47 GMT
Via: 1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront)
Age: 23317
X-Amz-Cf-Pop: MUC50-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vUsBnCKanMzGfJUkFiF288NfBqe4MD5nO4vad-HqNfnbPuKF5z-uCA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/ 0
805 B 645ms
622ms Script
text/javascript 2600:9000:20c3:1800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Amz-Version-Id: yVOlT3sNHwiJ8FulkJrbosCOy7dVd9dx
Date: Tue, 09 Jan 2024 17:23:26 GMT
Via: 1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 08 Jan 2024 12:13:16 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: G3UzfdTl7crs4pTIbJRB6ZIPw08prXN4babPJM0vwu6BA2DcrFoCYw==

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
461 B 198ms
198ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=85qBFxZNe4H6FTYEK2WgDQ&kind=timer,timer,timer&label=lb_embed_leadbox_load,lb_embed_leadbox_load,lb_embed_leadbox_load&value=773.5,890.9000000953674,905.1999998092651
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:24 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.tumolofinancialpresents.com
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdieev81t5q018b3dg

GET
H2 200 I7EKOA5TM5B6XKPNWFBKWV Show response
d.adroll.com/consent/check/ 492 B
585 B 119ms
32ms Script
application/javascript 2a05:d018:cc3:fe05:c127:3ec0:be55:3e79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/I7EKOA5TM5B6XKPNWFBKWV?pv=93803935180.36526&arrfrr=https%3A%2F%2Fsecurity.tumolofinancialpresents.com%2F&_s=168c126ae4aca241abcbbdf5d4f5eb87&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:c127:3ec0:be55:3e79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 016c7607984f3de37579137f756ca4b1627a971aea7603a6a01fe799467cb9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:23:24 GMT
server: nginx/1.22.1
content-length: 492
content-type: application/javascript

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
461 B 114ms
114ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=5GGM9gCvRbT3Q88XFfmhvb&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=129.19999980926514,183.30000019073486,1,376.40000009536743
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://security.tumolofinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:27 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.tumolofinancialpresents.com
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdif79ui1hqa220270

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 2E0D 35 B
462 B 114ms
114ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=2VJubuULCfmT82uRQiuPdy&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=42.700000286102295,84.09999990463257,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://advisorsdigitaledgeondemand.lpages.co
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdif9aatat88187svg

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 9ECE 35 B
462 B 123ms
114ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=f7FEQsnwaUPeHaccCuRheF&origin=center-js&kind=counter,timer&label=ident-cache,load-center&value=1,42
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://advisorsdigitaledgeondemand.lpages.co
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdifa6rh494f5k31kg

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 8918 35 B
462 B 214ms
113ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=eRBiMHz4RdN6mPHna4Pahw&origin=center-js&kind=counter,timer&label=ident-cache,load-center&value=1,182
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advisorsdigitaledgeondemand.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 17:23:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://advisorsdigitaledgeondemand.lpages.co
X-Forwarded-For: 185.213.155.161
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00kdifb3s884mlr661i0

POST rum
rum-ingest.us1.signalfx.com/v1/ Frame E8B4 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rum-ingest.us1.signalfx.com
URL: https://rum-ingest.us1.signalfx.com/v1/rum?auth=mraJVpj9b-cLoWVsAhGzew

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 17:35:07	Name: view.XconNq4pRssvjbVJsMkWfU-default-prop.tZFpFoGEj8LZUbUr8n7GXA Value: 1704821004000
.tumolofinancialpresents.com/	1970-01-20 19:43:17	Name: _fbp Value: fb.1.1704821003417.1319155558
js.center.io/	1970-01-21 03:09:41	Name: centerVisitorId Value: pbGmZa24ohDBddRK7ChrrA
security.tumolofinancialpresents.com/	1969-12-31 23:59:59	Name: smcx_247236058_last_shown_at Value: 1704821003605
.tumolofinancialpresents.com/	1970-01-21 03:09:41	Name: _ga Value: GA1.2.901307130.1704821004
.tumolofinancialpresents.com/	1970-01-20 17:35:07	Name: _gid Value: GA1.2.1095969404.1704821004
.tumolofinancialpresents.com/	1970-01-20 17:33:41	Name: _gat_gtag_UA_134632641_38 Value: 1
.vimeo.com/	1970-01-20 17:33:42	Name: __cf_bm Value: jdZ1AaVHXDrdYqUelCNcEIjI8ijHgJnxOPCDIfAzwYQ-1704821003-1-AQy0N6Om8kjWktd8HYqap/Mn/oKRDR6WMU1gh6hDjklLCtVjkSNTWFax0/HfM8A5VP3HTdPRX2pRqyzz04GZZSk=
.vimeo.com/	1970-01-21 03:09:41	Name: vuid Value: pl1602952366.887684604
.surveymonkey.com/	1970-01-21 02:19:17	Name: CX_247236058 Value: 1704821003995647:270004034:247236058:created
.surveymonkey.com/	1969-12-31 23:59:59	Name: apex__sm Value: BETMwqBbuFd93xvSgSAom8gkfs4T8JHRHDCLRLuHROMQTt95_2F07lBLpSHmkmopWl1aB0HIcxMCtr1ox8AE_2Bos9ziNMnP4ezS13AjtlolU2c_3D
.surveymonkey.com/	1969-12-31 23:59:59	Name: auth Value: _2FGIbuSsCFRAqyYMWPQy8XJf9_2FKu5y1hersTfPgqAmwHuBlDReLEKWv6MeCzSgQqf2mjPrf_2FklN1h_2B2WXoFWodFIuvVs4MRTOrt4G_2FGLXgDLuRAL88JydmuDC2RI6s0mbvOoPxPZv7145E_2BTxH0831g_3D_3D
.surveymonkey.com/	1970-01-20 17:33:42	Name: ep201 Value: "aP2I+/o21RXrSbrxocZlROdmCP8="
.surveymonkey.com/	1970-01-20 19:43:17	Name: ep203 Value: "mH5iXNRwdGx48SboduBijOGbCts="
.surveymonkey.com/	1969-12-31 23:59:59	Name: sm_rec Value: UserID=1&Username=&PackageID=1&LanguageID=1
www.surveymonkey.com/	1970-01-20 17:33:41	Name: _splunk_rum_sid Value: %7B%22id%22%3A%22163ea328e11178e5b73e12c1d474d461%22%2C%22startTime%22%3A1704821004500%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://security.tumolofinancialpresents.com/(Line 133) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://connect.facebook.net/signals/config/1100035103528503?v=2.9.139&r=stable&domain=security.tumolofinancialpresents.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	URL: https://www.surveymonkey.com/r/QYD9FJJ?embedded=1(Line 109) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advisorsdigitaledgeondemand.lpages.co
ajax.googleapis.com
api.leadpages.io
cdn.signalfx.com
cdn.smassets.net
connect.facebook.net
d.adroll.com
d10lpsik1i8c69.cloudfront.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
js.center.io
lh3.googleusercontent.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
player.vimeo.com
prod.smassets.net
rum-ingest.us1.signalfx.com
s.adroll.com
secure.surveymonkey.com
security.tumolofinancialpresents.com
settings.luckyorange.net
static.leadpages.net
vimeo.com
widget.surveymonkey.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.surveymonkey.com
rum-ingest.us1.signalfx.com
108.138.26.89
108.138.34.174
108.138.36.19
146.75.118.109
151.101.0.217
162.159.138.60
172.67.75.100
18.173.187.3
18.173.187.76
2001:4860:4802:38::15
2600:9000:20c3:1800:6:9280:1080:93a1
2606:4700::6812:bcf
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe05:c127:3ec0:be55:3e79
34.107.203.240
34.120.202.204
35.192.151.63
35.202.21.90
0033d7cc9bfa8c9cc6c80c3dd4f0a4dea8130e914e3dcebae600c04782189e2c
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
016c7607984f3de37579137f756ca4b1627a971aea7603a6a01fe799467cb9a6
045637e2a04f41a74b2a44ee4556803352cb2f5a620bfeae853cf2ce0259646d
05ac4a68b1573d18f1a648e0d50cda6627b2d5ca1ecd44a8e359aa718cdac47c
070884a1fa40f4d6639c51caba3ab4e6d0184965aecfdfb0d6bd4ef8595b6155
0771e205a4f4c65c3f7f25f13fdb6590213125085f342121fc4a105a1c05b571
0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9
0c1d2f183e435436deb64d6f70e2a6b876bf8fdbd9e9c9b70692af20a23d2137
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
17b2a47720dd8abed7db78358e56d8b6fd5063cc18d9badafb8fd1cd49c14311
1c58037ead33b7767b627378c7061beabe6450ed0a08fd1cd2b0369e007b97de
1c610485b34da42edfe3dd95de3cd150158393e71403e357d8d6454b3e30b435
235c464f4682249272c0911bef42465c771b516890fee9135742717a8a3bf594
2425e35be17ed400d5350d172fd40f2ff1c430e5a2a5ac09df4311e22438ed6f
2e44b1e10d5b08a731a655ceaa4c7a48b1b5656bc0188e5ca66bec93f6719b9d
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
319e1809d25f5dee3aca275dfa32f58e9d71105aec58e1c8cc182240c2a0d4da
33c134e8157068dee2f585a20d927bea4a3342eaddc9dc3ed9edf3050fcc9e9c
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
430aa7fd68c515728c0a2010f5fddeb454bbc846e0e4ce81a33a161e04d17206
45114cc33da9f31c26f6021ec1479c3a55a942a4e0c8cb69f3499d64103acdc0
46363740103d99445256b74206aa302ba5f543ade69ac31901e2e7647878ec33
495d3261edbfdc222412c9b56eac684de220c2fe2dc17c7d8382d58638057f26
5558fe20d3a09475ee6c28d846beede6ba2b7bc4c9e456acfcc4414d0847d9c1
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
5757919a4e6623b4c33cfbbc112ee0856c0deaa9dc2cd8117b790029379d22e4
5a07869b4a988f69779c6a8138265ed72626dec1db42c7864e821e6fec1c8fae
5aefcc68ff56d078478fc4e14f24140c2eba2bfa03f79ac7c8897a1a4b67e1c4
6149b70cba7097f94cc8ae7410bdfc27cb8cb2013dc2d45b2e0fc3d9cb72ee7b
6345ede1de8ae9ec09a174bedb7158651b5045415c20c38d8a135f8c382557f8
63f142c7ed7eb20faf91e3887f8abb696900f6f386b767c2cf09146bb53cb9ab
69f31566d58ee19706a2f8e1ba4f1df5152d2112b2e3da32bea647b846d4409d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6f431f89279b9fff2feba2c2273c063d40ffdd530da86716ae638dfb44f4f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e24336b2c46212f552712f9388860eb4d01f99c94614919d30c03df806b5899
6fa6eb18297b44f6bcb59f1225c5f381ab69df19b2567431533d3582cbb833e0
704dc7c75b580953710c22720a7d6196ca037e1993e0d554562fe604ab1fcf0d
71fc1cb5000d7c977317152f834714cc11702a3d0b8eed8ec6eb70a722fe1a22
757b52cddbf665cd40625461e49d89b01fbce69169bcf95389fe72e1217db4a1
77e870dd37a97aff3ff09ba46e00f023cda7fce3e4791e3103d4e5b401009333
7bad46290d447513e770a1ef73b7eef8d918e203b12de0dcaf962ec9ea630fa2
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
878d75dabfa3ff567a15f1de118afb653b4c56113f506ce5c1303f58b5fab4ef
8924a5e7cde8b8cfd7fb9b9540e794993ba9dcbbc371ce9ca7c91924ef2d73b1
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8e532a65de40f24689fd0bb8ca1bd8ddd401bdfb0c6987bcbf1ef2fae1e9dcd2
916d8c34d4eb25b28a6418328131ee9473400214a5660cb1f385674851f12c64
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9914b1bbfad1ee275a03009aa484a034cb10427be6c0536bccfdcb94098e044f
9a1c20619f7207113a221fa91bf8c4c7c676facf10cbfce20f614a9b6cf6411e
9e4f67adf7496aaf1366578a2acd6e127bb567cc81c165209eb5f689e9ddf8f4
a1519b8403301122e84803656e3e66ba9cc3590df61b39923d5ca6cd58c43835
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b3daaf758d40f1432a0dcfa5c8e2a97266c130a9b2c0788a8b1e28b3add4597a
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b7fe5841015b15f241e0796d7735714d0826b410db79b9d2a5579f0af1c6aeb5
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c7e022d03458278aabb7ce6892ddeef5736041de037d0d64adedc2eb1d82850b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cad509336f8eb04dfaf47fc91cc88c8d1a1646f2f4f9c2c0ca79ee1dd05d45e7
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d82b7cfddfe0fe2719d8084c3f8c5372a34d5cb1013205cb9e4162ae10dd13e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decdf198c825c817443bd2299df3947f0e64a5faf578c11819208c204b73ac71
e1bfa7a12ba064c0d672c7fcb64b1af219675546830ab05e7f26f6d4f757001f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e515bb968d71ad7c7d3d7d0207798342e1ccc3a81c0c86dd9a46cf770e1e793a
e79f03d2bce49cbdeab9b9f3602ec898b27b1dcc45f38b8f8116e731ee2405a4
edbe109fbe75383e0e266a4544ecacf49e4515ae27938140a7d03a0e28c9d9e3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f0cfda542221293deb87eb81cfd2599f78f86672e4c28b36a8066a7e9826f88b
f477d2e30c1494c5cb6e57291171f9094efb5c770ff54d3f69c9b173eab69d46
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd5295c8c57fc3c8ca0a70799e282dc2fa5f618a127430fb6fc7baa82418dff1

security.tumolofinancialpresents.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

98 %HTTPS

57 %IPv6

22 Domains

35 Subdomains

30 IPs

4 Countries

3232 kBTransfer

12846 kBSize

16 Cookies

2 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

security.tumolofinancialpresents.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

98 %
HTTPS

57 %
IPv6

22
Domains

35
Subdomains

30
IPs

4
Countries

3232 kB
Transfer

12846 kB
Size

16
Cookies

102 HTTP transactions
1 data transactions