2e3bc6226b.nxcli.io Open in urlscan Pro
173.249.147.209  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

• https://goodman.egia.org/wp-content/themes/egiadefault2019/img/OPTIMUS_Logo_white.svg HTTP 301
• https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/OPTIMUS_Logo_white.svg

Request Chain 20

• https://goodman.egia.org/wp-content/themes/egiadefault2019/img/calculatorHeader.jpg HTTP 301
• https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/calculatorHeader.jpg

Request Chain 21

• https://goodman.egia.org/wp-content/themes/egiadefault2019/img/3guys.jpg HTTP 301
• https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/3guys.jpg

Request Chain 22

• https://goodman.egia.org/wp-content/themes/egiadefault2019/img/hand.jpg HTTP 301
• https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/hand.jpg

Request Chain 23

• https://goodman.egia.org/wp-content/themes/egiadefault2019/img/promotions.jpg HTTP 301
• https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/promotions.jpg

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 2e3bc6226b.nxcli.io/	31 KB 8 KB	590ms 242ms	Document text/html	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 997eee7e5177b7d61c81469eb652c03405c54e95272f153087b9835298315756 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding gzip content-length 7787 content-type text/html; charset=UTF-8 date Wed, 20 Nov 2024 02:18:25 GMT link <https://2e3bc6226b.nxcli.io/wp-json/>; rel="https://api.w.org/", <https://2e3bc6226b.nxcli.io/wp-json/wp/v2/pages/6>; rel="alternate"; title="JSON"; type="application/json", <https://2e3bc6226b.nxcli.io/>; rel=shortlink referrer-policy server nginx vary X-Forwarded-Proto,Accept-Encoding x-cache-nxaccel BYPASS
GET H2	200	js Show response www.googletagmanager.com/gtag/	223 KB 80 KB	73ms 28ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-155885727-1 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3e048c7d2e771637b95a43a53b9ef7cd111589800f689ad87a4460450e72999a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 20 Nov 2024 02:18:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 20 Nov 2024 00:50:50 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 81598 x-xss-protection 0 server Google Tag Manager
GET H2	200	grid.css 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/css/	14 KB 2 KB	187ms 179ms	Stylesheet text/css	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/css/grid.css Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash ea61d39869b5058f6c9183f33ab7386f08a6f05e05da0c7c732fe0d4893326d4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "3989-590838cfc1700-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 2089 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 20 Aug 2019 02:52:44 GMT
GET H2	200	styles.css 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/css/	30 KB 6 KB	203ms 196ms	Stylesheet text/css	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/css/styles.css Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 69b7868e5b85a0fc5ee375f40a3dd1603c6bbac1a2575538747432da04c6603c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "781e-61b173edafa40-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 6434 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Mon, 17 Jun 2024 15:01:53 GMT
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	226ms 15ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 41b8e4e3780edc3faba1e862c17c1163e92787a7326a60984278c32be0670f9b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 20 Nov 2024 02:18:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 20 Nov 2024 02:18:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	all.css use.fontawesome.com/releases/v5.5.0/css/	50 KB 12 KB	384ms 173ms	Stylesheet text/css	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.5.0/css/all.css Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://2e3bc6226b.nxcli.io Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"1cc6c92172d124fbd305ba3d8e263333" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=medf5g5y74S%2Fv0L6TKmM8VOyLLneVXF71QCPUHNxSpKie7%2FWy1Cd%2B8KEqsZrFYdX%2Bk8sEhncQC%2FBHPKR4tKw1kjqm1GG%2BWrpm5ySw78ALPJBjzVCQNJTaAX7wXgBhqYHEGr5X9aCxn%2BlCFYO7n6MmpRb"}],"group":"cf-nel","max_age":604800} cf-ray 8e54f309a8fa65d2-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6072&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2266&delivery_rate=699438&cwnd=255&unsent_bytes=0&cid=551742bafc40a870&ts=355&x=0" date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css last-modified Fri, 22 Sep 2023 01:45:37 GMT vary Origin, Accept-Encoding server cloudflare
GET H2	200	icon fonts.googleapis.com/	569 B 417 B	225ms 16ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 20 Nov 2024 02:18:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 20 Nov 2024 02:18:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	jquery.js Show response 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/	86 KB 30 KB	216ms 210ms	Script application/x-javascript	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/jquery.js Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "15850-5a2a18e37a8c0-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 30675 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/x-javascript vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Mon, 06 Apr 2020 16:14:03 GMT
GET H2	200	scripts.js Show response 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/	380 B 410 B	186ms 180ms	Script application/x-javascript	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/scripts.js Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash a121a25ec2013397adecf109544916de755fd82fa76ab884e499002ea088417d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "17c-590e5962d1240-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 244 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/x-javascript vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Sat, 24 Aug 2019 23:50:25 GMT
GET H2	200	style.min.css 2e3bc6226b.nxcli.io/wp-includes/css/dist/block-library/	112 KB 15 KB	401ms 396ms	Stylesheet text/css	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-includes/css/dist/block-library/style.min.css?ver=6.7 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers x-nocache 1 cache-control max-age=31536000 content-encoding gzip etag "1c012-6274a6710f780-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 15177 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 19 Nov 2024 21:06:10 GMT
GET H2	200	style.css 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/	354 B 328 B	241ms 234ms	Stylesheet text/css	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/style.css?ver=6.7 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 7664c0896fd8743215c2527fd286078bdc4117bb10e939e26a4556830ecfc23d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "162-590838d762900-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 249 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 20 Aug 2019 02:52:52 GMT
GET H2	200	styles.css 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/css/	30 KB 6 KB	248ms 243ms	Stylesheet text/css	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/css/styles.css?ver=1.0 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 69b7868e5b85a0fc5ee375f40a3dd1603c6bbac1a2575538747432da04c6603c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "781e-61b173edafa40-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 6434 date Wed, 20 Nov 2024 02:18:26 GMT content-type text/css vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Mon, 17 Jun 2024 15:01:53 GMT
GET H2	200	goodmanLogo.png media.egia.org/images_website/partner/goodman/	13 KB 13 KB	1469ms 517ms	Image image/png	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.egia.org/images_website/partner/goodman/goodmanLogo.png Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f164dc7ff7c28cb685ecac8a5e7539ef2d1b35ce79ec1af02820d37ae2a68aa7 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cf-cache-status DYNAMIC etag "5e9dfc1f-3267" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BPPqo4SsFIz0%2FMSe3bJkj85796TcBhHCre9VypbaQTk7bU6N2uwn4rZK70ZYOFrreL38aeMd34wY8Qp%2B81i6EQMpY6Yk%2Fqv2W7JUscUzhWBz4%2FvRWyc1Knc2i4o63O3"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT alt-svc h3=":443"; ma=86400 date Wed, 20 Nov 2024 02:18:27 GMT content-type image/png last-modified Mon, 20 Apr 2020 19:46:39 GMT ki-cf-cache-status BYPASS ki-origin g1p vary Accept-Encoding cache-control max-age=315360000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8e54f30f9a284db3-FRA accept-ranges bytes access-control-allow-origin * content-length 12903 ki-cache-type None ki-edge v=20.2.8;mv=3.1.6 server cloudflare
GET		OPTIMUS_Logo_white.svg optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/ Redirect Chain https://goodman.egia.org/wp-content/themes/egiadefault2019/img/OPTIMUS_Logo_white.svg https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/OPTIMUS_Logo_white.svg	0 0
GET H2	200	puzzle.jpg 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/img/	21 KB 21 KB	416ms 412ms	Image image/jpeg	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Show image Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/img/puzzle.jpg Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 3380bcc70cce65a316889ed2e4c212ddfea2556e5b3519372a903293b228c3de Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 x-cache-nxaccel MISS etag "5579-592c14ecdb200" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 21881 date Wed, 20 Nov 2024 02:18:26 GMT content-type image/jpeg vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 17 Sep 2019 15:23:52 GMT
GET H2	200	navigation.js Show response 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/	3 KB 1 KB	417ms 413ms	Script application/x-javascript	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/navigation.js?ver=20151215 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "b97-590838d29ddc0-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 1094 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/x-javascript vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 20 Aug 2019 02:52:47 GMT
GET H2	200	skip-link-focus-fix.js Show response 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/	685 B 496 B	417ms 413ms	Script application/x-javascript	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/skip-link-focus-fix.js?ver=20151215 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "2ad-590838d29ddc0-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 417 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/x-javascript vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 20 Aug 2019 02:52:47 GMT
GET H2	200	scripts.js Show response 2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/	380 B 276 B	416ms 413ms	Script application/x-javascript	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-content/themes/egiadefault2019/js/scripts.js?ver=1.0 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash a121a25ec2013397adecf109544916de755fd82fa76ab884e499002ea088417d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control max-age=31536000 content-encoding gzip x-cache-nxaccel MISS etag "17c-590e5962d1240-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:26 GMT accept-ranges bytes content-length 244 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/x-javascript vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Sat, 24 Aug 2019 23:50:25 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	267 KB 94 KB	416ms 413ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-D37PK8ZR8C&l=dataLayer&cx=c&gtm=457e4bj0za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-155885727-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f2a549935daa2b07e187a9ad11cc3f03df54341e566eaecbf96d76abb9618d03 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 20 Nov 2024 02:18:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 02:18:26 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 96406 x-xss-protection 0 server Google Tag Manager
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	504ms 6ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-155885727-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers content-encoding gzip age 5823 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Wed, 20 Nov 2024 02:41:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 00:41:24 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
GET		18fc79b8-6e69-4fd1-97ea-4217fc081af5 https://2e3bc6226b.nxcli.io/	0 0
GET		calculatorHeader.jpg optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/ Redirect Chain https://goodman.egia.org/wp-content/themes/egiadefault2019/img/calculatorHeader.jpg https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/calculatorHeader.jpg	0 0
GET		3guys.jpg optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/ Redirect Chain https://goodman.egia.org/wp-content/themes/egiadefault2019/img/3guys.jpg https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/3guys.jpg	0 0
GET		hand.jpg optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/ Redirect Chain https://goodman.egia.org/wp-content/themes/egiadefault2019/img/hand.jpg https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/hand.jpg	0 0
GET		promotions.jpg optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/ Redirect Chain https://goodman.egia.org/wp-content/themes/egiadefault2019/img/promotions.jpg https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/promotions.jpg	0 0
GET H3	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	129ms 8ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://2e3bc6226b.nxcli.io Referer https://fonts.googleapis.com/ Response headers age 557939 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 13 Nov 2025 15:19:28 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 15:19:28 GMT last-modified Thu, 01 Aug 2024 20:41:19 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18492 x-xss-protection 0 server sffe
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	129ms 9ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://2e3bc6226b.nxcli.io Referer https://fonts.googleapis.com/ Response headers age 46785 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 19 Nov 2025 13:18:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 19 Nov 2024 13:18:42 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	129ms 14ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://2e3bc6226b.nxcli.io Referer https://fonts.googleapis.com/ Response headers age 88542 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 19 Nov 2025 01:42:45 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 19 Nov 2024 01:42:45 GMT last-modified Thu, 01 Aug 2024 20:41:21 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18596 x-xss-protection 0 server sffe
POST H2	204	collect region1.google-analytics.com/g/	0 0	68ms 14ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-D37PK8ZR8C&gtm=45je4bj0v9107440629za200&_p=1732069106174&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=858274721.1732069107&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732069107&sct=1&seg=0&dl=https%3A%2F%2F2e3bc6226b.nxcli.io%2F&dt=Goodman&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1755 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-D37PK8ZR8C&l=dataLayer&cx=c&gtm=457e4bj0za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://2e3bc6226b.nxcli.io cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 02:18:27 GMT content-type text/plain server Golfe2
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 421 B	16ms 15ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1524963197&t=pageview&_s=1&dl=https%3A%2F%2F2e3bc6226b.nxcli.io%2F&ul=de-de&de=UTF-8&dt=Goodman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=325557309&gjid=1446637119&cid=858274721.1732069107&tid=UA-155885727-1&_gid=1561001446.1732069107&_r=1&gtm=457e4bj0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=867856720 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://2e3bc6226b.nxcli.io/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 20 Nov 2024 02:18:27 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://2e3bc6226b.nxcli.io cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 1 server Golfe2
GET H2	200	wp-emoji-release.min.js Show response 2e3bc6226b.nxcli.io/wp-includes/js/	18 KB 5 KB	172ms 172ms	Script application/x-javascript	173.249.147.209 VPSDATACENTER
General Check archive.org Show headers Download Go to Full URL https://2e3bc6226b.nxcli.io/wp-includes/js/wp-emoji-release.min.js?ver=6.7 Requested by Host: 2e3bc6226b.nxcli.io URL: https://2e3bc6226b.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.249.147.209 , United States, ASN40819 (VPSDATACENTER, US), Reverse DNS cloudhost-3774014.us-west-1.nxcli.net Software nginx / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers x-nocache 1 cache-control max-age=31536000 content-encoding gzip etag "4926-6274a67133d88-gzip" referrer-policy expires Thu, 20 Nov 2025 02:18:27 GMT accept-ranges bytes content-length 5062 date Wed, 20 Nov 2024 02:18:27 GMT content-type application/x-javascript vary X-Forwarded-Proto,Accept-Encoding server nginx last-modified Tue, 19 Nov 2024 21:06:10 GMT
GET H3	200	collect www.google-analytics.com/	35 B 58 B	8ms 8ms	Image image/gif	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1524963197&t=timing&_s=2&dl=https%3A%2F%2F2e3bc6226b.nxcli.io%2F&ul=de-de&de=UTF-8&dt=Goodman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3664&pdt=89&dns=20&rrt=1&srt=239&tcp=326&dit=1617&clt=1617&_gst=886&_gbt=1760&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=858274721.1732069107&tid=UA-155885727-1&_gid=1561001446.1732069107&gtm=457e4bj0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=962063842 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers age 71627 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],} x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 19 Nov 2024 06:24:42 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 35 server Golfe2
GET H2	200	goodman_icon.png media.egia.org/images_website/partner/goodman/	763 B 1 KB	373ms 372ms	Other image/png	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.egia.org/images_website/partner/goodman/goodman_icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ef4314cbec54662bfd089ef08a96e18253d1b310873fe11157498a0d51b634d Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://2e3bc6226b.nxcli.io/ Response headers cf-cache-status DYNAMIC etag "5e9dfc1f-2fb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOR8MAJDRw%2FwgjX1LrMcaK9lkVw%2B5xElRvIRDX1Wr6k7H1QaClyBfjTgzExiOH8ZSYXryH%2B266PFKQp%2BUZH0OHVC0wISGrMMCjX8GlhAGpKpF92LaV18LZf%2B4V%2BGVivG"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT alt-svc h3=":443"; ma=86400 date Wed, 20 Nov 2024 02:18:29 GMT content-type image/png last-modified Mon, 20 Apr 2020 19:46:39 GMT ki-cf-cache-status BYPASS ki-origin g1p vary Accept-Encoding cache-control max-age=315360000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8e54f31bef704db3-FRA accept-ranges bytes access-control-allow-origin * content-length 763 ki-cache-type None ki-edge v=20.2.8;mv=3.1.6 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

optimusfinancing.com

URL

https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/OPTIMUS_Logo_white.svg

Domain

2e3bc6226b.nxcli.io

URL

blob:https://2e3bc6226b.nxcli.io/18fc79b8-6e69-4fd1-97ea-4217fc081af5

Domain

optimusfinancing.com

URL

https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/calculatorHeader.jpg

Domain

optimusfinancing.com

URL

https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/3guys.jpg

Domain

optimusfinancing.com

URL

https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/hand.jpg

Domain

optimusfinancing.com

URL

https://optimusfinancing.com/financing/goodman/wp-content/themes/egiadefault2019/img/promotions.jpg

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| acc object| _wpemojiSettings object| gaGlobal object| gaplugins object| gaData object| twemoji object| wp

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nxcli.io/	1970-01-21 10:43:49	Name: _ga_D37PK8ZR8C Value: GS1.1.1732069107.1.0.1732069107.0.0.0
			.nxcli.io/	1970-01-21 10:43:49	Name: _ga Value: GA1.2.858274721.1732069107
			.nxcli.io/	1970-01-21 01:09:15	Name: _gid Value: GA1.2.1561001446.1732069107
			.nxcli.io/	1970-01-21 01:07:49	Name: _gat_gtag_UA_155885727_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e3bc6226b.nxcli.io
fonts.googleapis.com
fonts.gstatic.com
media.egia.org
optimusfinancing.com
region1.google-analytics.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
2e3bc6226b.nxcli.io
optimusfinancing.com
162.159.135.42
173.249.147.209
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:3037::ac43:8ef5
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
2ef4314cbec54662bfd089ef08a96e18253d1b310873fe11157498a0d51b634d
3380bcc70cce65a316889ed2e4c212ddfea2556e5b3519372a903293b228c3de
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3e048c7d2e771637b95a43a53b9ef7cd111589800f689ad87a4460450e72999a
41b8e4e3780edc3faba1e862c17c1163e92787a7326a60984278c32be0670f9b
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
69b7868e5b85a0fc5ee375f40a3dd1603c6bbac1a2575538747432da04c6603c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7664c0896fd8743215c2527fd286078bdc4117bb10e939e26a4556830ecfc23d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
997eee7e5177b7d61c81469eb652c03405c54e95272f153087b9835298315756
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a121a25ec2013397adecf109544916de755fd82fa76ab884e499002ea088417d
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ea61d39869b5058f6c9183f33ab7386f08a6f05e05da0c7c732fe0d4893326d4
f164dc7ff7c28cb685ecac8a5e7539ef2d1b35ce79ec1af02820d37ae2a68aa7
f2a549935daa2b07e187a9ad11cc3f03df54341e566eaecbf96d76abb9618d03
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c