urlscan.io logo urlscan.io
SecurityTrails logo

thecromwellfunds.com Open in urlscan Pro
72.167.49.220  Public Scan

Go To Rescan Add Verdict Report
URL: https://thecromwellfunds.com/conference-call-replay-form
Submission: On June 01 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 38 HTTP transactions. The main IP is 72.167.49.220, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is thecromwellfunds.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 12th 2022. Valid for: 3 months.
This is the only time thecromwellfunds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 72.167.49.220 26496 (AS-26496-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 9 18.66.248.122 16509 (AMAZON-02)
1 18.66.248.68 16509 (AMAZON-02)
1 148.72.79.126 26496 (AS-26496-...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
38 12
5    72.167.49.220 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-72-167-49-220.ip.secureserver.net
thecromwellfunds.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    18.66.248.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-122.dus51.r.cloudfront.net
secure.wufoo.com
static.wufoo.com
harbosidesalesgroup.wufoo.com
1    18.66.248.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-68.dus51.r.cloudfront.net
cdn.signalfx.com
1    148.72.79.126 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-148-72-79-126.ip.secureserver.net
elertfinancial.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
427 KB
9 wufoo.com
secure.wufoo.com — Cisco Umbrella Rank: 65805
static.wufoo.com — Cisco Umbrella Rank: 28636
harbosidesalesgroup.wufoo.com
458 KB
5 thecromwellfunds.com
thecromwellfunds.com
2 MB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2009
23 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
2 KB
1 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 346
964 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 347
14 KB
1 elertfinancial.com
elertfinancial.com
989 B
1 signalfx.com
cdn.signalfx.com — Cisco Umbrella Rank: 21511
34 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
43 KB
38 11
Domain Requested by
9 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
5 thecromwellfunds.com thecromwellfunds.com
4 www.gstatic.com www.recaptcha.net
www.gstatic.com
4 harbosidesalesgroup.wufoo.com 1 redirects secure.wufoo.com
harbosidesalesgroup.wufoo.com
4 static.wufoo.com thecromwellfunds.com
harbosidesalesgroup.wufoo.com
3 www.recaptcha.net harbosidesalesgroup.wufoo.com
www.gstatic.com
www.recaptcha.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com thecromwellfunds.com
elertfinancial.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com harbosidesalesgroup.wufoo.com
1 elertfinancial.com harbosidesalesgroup.wufoo.com
1 cdn.signalfx.com harbosidesalesgroup.wufoo.com
1 secure.wufoo.com 1 redirects
1 www.googletagmanager.com thecromwellfunds.com
38 14

This site contains no links.

Subject Issuer Validity Valid
thecromwellfunds.com
cPanel, Inc. Certification Authority		 2022-05-12 -
2022-08-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
wufoo.co.uk
Amazon		 2021-07-12 -
2022-08-10		 a year crt.sh
*.signalfx.com
Go Daddy Secure Certificate Authority - G2		 2021-11-11 -
2022-12-13		 a year crt.sh
elertfinancial.com
Go Daddy Secure Certificate Authority - G2		 2021-10-20 -
2022-11-21		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://thecromwellfunds.com/conference-call-replay-form
Frame ID: 721156EDA1EB3BB75F4BC4407B46E87B
Requests: 16 HTTP requests in this frame

Frame: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Frame ID: A122211E867DF88DEED0EAA4572E97C7
Requests: 15 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Frame ID: 76DBEE747B7B8D8EA23C93881D1F392D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Long/Short Opportunities to Counter a Volatile Market | The Cromwell Funds

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

38
Requests

97 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

12
IPs

2
Countries

3196 kB
Transfer

3923 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://secure.wufoo.com/scripts/embed/form.js HTTP 301
  • https://static.wufoo.com/scripts/embed/form.js
Request Chain 14
  • https://harbosidesalesgroup.wufoo.com/embed/k19cl8bt0xcos10/def/embedKey=k19cl8bt0xcos10403408&entsource=&referrer= HTTP 301
  • https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request conference-call-replay-form
thecromwellfunds.com/ 		36 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thecromwellfunds.com/conference-call-replay-form
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.167.49.220 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-72-167-49-220.ip.secureserver.net
Software
Apache /
Resource Hash
f81e2f22cf861368dd6e13c8eddc6dd7e6ce7bae4b731eaf63fddb1d7141fc8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Jun 2022 14:37:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Big+Shoulders+Text:wght@400;700;900&family=Poppins:ital,wght@0,200;0,400;0,500;0,600;0,700;1,200;1,400;1,700&display=swap
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0490b288d00b379b48a59f078dee3442e5be061f8287101074e0c97dc98afc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 14:37:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 14:37:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 14:37:08 GMT
app.css
thecromwellfunds.com/css/ 		219 KB
219 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thecromwellfunds.com/css/app.css?v=2.1
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.167.49.220 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-72-167-49-220.ip.secureserver.net
Software
Apache /
Resource Hash
f8e388feaf239f53eb63c829838a9c377fa943cec3a1edb21d5cc573ab055858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/conference-call-replay-form
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:37:08 GMT
Last-Modified
Thu, 07 Apr 2022 16:42:46 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
224166
scripts.min.js
thecromwellfunds.com/js/dist/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://thecromwellfunds.com/js/dist/scripts.min.js
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.167.49.220 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-72-167-49-220.ip.secureserver.net
Software
Apache /
Resource Hash
49e7157571f9d077696a5f6c57891355f480cd7095675856b2b32da245bad742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/conference-call-replay-form
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:37:08 GMT
Last-Modified
Thu, 07 Apr 2022 16:17:42 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1808187
gtm.js
www.googletagmanager.com/ 		114 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4CJN7H
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a36142cc89663cf8e5bf8b8a526ba03e1ed20c5efd2d7a08af19ccc010c97c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43875
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Jun 2022 14:37:08 GMT
print.css
thecromwellfunds.com/css/ 		0
239 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thecromwellfunds.com/css/print.css
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.167.49.220 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-72-167-49-220.ip.secureserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/conference-call-replay-form
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:37:09 GMT
Last-Modified
Fri, 07 Jan 2022 23:39:49 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4CJN7H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1080
date
Wed, 01 Jun 2022 14:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Jun 2022 16:19:08 GMT
Marketfield.jpg
thecromwellfunds.com/images/header/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thecromwellfunds.com/images/header/Marketfield.jpg
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.167.49.220 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-72-167-49-220.ip.secureserver.net
Software
Apache /
Resource Hash
df8c54ae680fd879c8eb1ba236f99be1a4f3fbc905c3958c907594f6ff509b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/conference-call-replay-form
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:37:08 GMT
Last-Modified
Mon, 23 May 2022 14:42:09 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
156148
collect
www.google-analytics.com/j/ 		1 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2056003169&t=pageview&_s=1&dl=https%3A%2F%2Fthecromwellfunds.com%2Fconference-call-replay-form&ul=en-us&de=UTF-8&dt=Long%2FShort%20Opportunities%20to%20Counter%20a%20Volatile%20Market%20%7C%20The%20Cromwell%20Funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1201512459&gjid=1242211054&cid=2086484985.1654094229&tid=UA-222055252-1&_gid=909757165.1654094229&_r=1&gtm=2wg5p1M4CJN7H&z=303445561
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thecromwellfunds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 14:37:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thecromwellfunds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Text:wght@400;700;900&family=Poppins:ital,wght@0,200;0,400;0,500;0,600;0,700;1,200;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thecromwellfunds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:25:00 GMT
x-content-type-options
nosniff
age
587529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:25:00 GMT
55xxezRtP9G3CGPIf49hxc8P0eytUxBcm4Z6.woff2
fonts.gstatic.com/s/bigshoulderstext/v15/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bigshoulderstext/v15/55xxezRtP9G3CGPIf49hxc8P0eytUxBcm4Z6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Text:wght@400;700;900&family=Poppins:ital,wght@0,200;0,400;0,500;0,600;0,700;1,200;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c6774ec4c85208008b481297d62d602e6438e04f4a0fff23ade91c44db5237d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thecromwellfunds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:36:02 GMT
x-content-type-options
nosniff
age
586867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34512
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:10:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:36:02 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Text:wght@400;700;900&family=Poppins:ital,wght@0,200;0,400;0,500;0,600;0,700;1,200;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thecromwellfunds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:25:01 GMT
x-content-type-options
nosniff
age
587528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:25:01 GMT
form.js
static.wufoo.com/scripts/embed/
Redirect Chain
  • https://secure.wufoo.com/scripts/embed/form.js
  • https://static.wufoo.com/scripts/embed/form.js
6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/scripts/embed/form.js
Requested by
Host: thecromwellfunds.com
URL: https://thecromwellfunds.com/conference-call-replay-form
Protocol
H2
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
95f7eb413ba818c687458b8a6726bac17b4dd7c2f0cd122e48f14e0feddec296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:09 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
etag
45139ea7a1cf65566abba247ddf38298
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600; must-revalidate
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
ttyhv0jgJhmfQXXNtjJ_F8QGiMljXg1SoRVlw8RhQHgUH3LscXDmIg==

Redirect headers

date
Wed, 01 Jun 2022 14:37:09 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
location
https://static.wufoo.com/scripts/embed/form.js
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/html
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-headers
origin, x-requested-with, content-type, authorization
content-length
169
x-amz-cf-id
YElkEX3635mGXUlkqteWuwMpUaEkPm9BnzTyHLi3lMI0WML9-V-INA==
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Text:wght@400;700;900&family=Poppins:ital,wght@0,200;0,400;0,500;0,600;0,700;1,200;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thecromwellfunds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:25:01 GMT
x-content-type-options
nosniff
age
587528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:25:01 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Text:wght@400;700;900&family=Poppins:ital,wght@0,200;0,400;0,500;0,600;0,700;1,200;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thecromwellfunds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:24:52 GMT
x-content-type-options
nosniff
age
587537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:24:52 GMT
/
harbosidesalesgroup.wufoo.com/forms/ Frame A122
Redirect Chain
  • https://harbosidesalesgroup.wufoo.com/embed/k19cl8bt0xcos10/def/embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
  • https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
40 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Requested by
Host: secure.wufoo.com
URL: https://secure.wufoo.com/scripts/embed/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
06cd464464a0201eeafd6424deecde72ca5b1bae657056cc35ea84ba53446e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thecromwellfunds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, authorization
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
content-type
text/html;charset=UTF-8
date
Wed, 01 Jun 2022 14:37:11 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-amz-cf-id
DHLDax4glv9sqCGye3WoqG4x1velKK0Qmp7Fyo0VrbqTla-Q9_Hbew==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-headers
origin, x-requested-with, content-type, authorization
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
content-length
169
content-type
text/html
date
Wed, 01 Jun 2022 14:37:10 GMT
location
https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-amz-cf-id
_0XEN0_shLG7R3_j84TpZ3PXUSTD73x0tYpSQ5fCP9FE_xdz7uKVpA==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
splunk-otel-web.js
cdn.signalfx.com/o11y-gdi-rum/latest/ Frame A122 		142 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f06092f0948ca651f2b11e594cdc56293c21d6ab8543d7095ecde7e4b4811da

Request headers

Referer
https://harbosidesalesgroup.wufoo.com/
Origin
https://harbosidesalesgroup.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:10 GMT
content-encoding
br
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 01 Jun 2022 13:04:19 GMT
server
AmazonS3
etag
W/"65e5410cf40ac38d21d724979b70bf95"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
tX766Z-lek2ctJg4f7hVIPcb63Ysy7sF3jS4fdoLFSk0Auhq05qR1g==
index.0651.css
static.wufoo.com/stylesheets/public/forms/css/ Frame A122 		46 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/stylesheets/public/forms/css/index.0651.css
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
ef6aa36ce177f8859b17540bb64de85942846da3e028cc684f1d962105c81c96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:11 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
etag
53faf647761b4cc6849cbd9e6432fa24
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600; must-revalidate
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
g6soor6QbadKpqOE8EX_k9qV7QWEXTitJFh26F5XB1P7inYJbZj8aA==
theme.css
harbosidesalesgroup.wufoo.com/css/custom/32/ Frame A122 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harbosidesalesgroup.wufoo.com/css/custom/32/theme.css
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
8b6a97f6fe7be259b852c6f51f205236571100362abe536a8dfba18924f1c896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:12 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
etag
7998a3930672f5d1adaa69c57f3b8e0b
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600; must-revalidate
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
RM5SlBy7y916YwBL8p2TaGtiSXD3JYa3EKDUJNE_bBW3vkFfCUCV1A==
custom-form.css
elertfinancial.com/cromwell/css/ Frame A122 		3 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://elertfinancial.com/cromwell/css/custom-form.css
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.72.79.126 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-148-72-79-126.ip.secureserver.net
Software
Apache /
Resource Hash
61a5eca293013272f7da4298fd7f52739e5fac57f12b8e07eb3c9b09914a1285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:11 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 16:33:13 GMT
server
Apache
etag
"223556-c4e-5df4bd04354ed-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
850
enterprise.js
www.recaptcha.net/recaptcha/ Frame A122 		977 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
64af24dc3013b42335d4962ba28270fe836f9dc572497ffc2fe52470fc34d0f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616
x-xss-protection
1; mode=block
expires
Wed, 01 Jun 2022 14:37:11 GMT
dynamic.0651.js
static.wufoo.com/scripts/public/ Frame A122 		171 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/scripts/public/dynamic.0651.js?language=english
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:11 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified
Thu, 26 May 2022 16:58:55GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
etag
c32d89a4de274240cb442fb6904c6ae0
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600; must-revalidate
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
w9U7JeMR4ZuLeAjtA8ekAI_F7WqKkZjCcmxdqCt7Loq77XWaBaYCyQ==
redesigned-theme-2018.js
static.wufoo.com/assets/js/themes/ Frame A122 		176 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/js/themes/redesigned-theme-2018.js
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
068d386ec5d7d0aa76fa6052c7fcba1a0f3e81b44c5c9884499ac4c0158091ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:11 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
etag
a62674a17a66eb39dcf676010d0deafb
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600; must-revalidate
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
m_PpMfH7rIylpgHp2CPCjAb3M3rgDYG_NZV1EhDeS_Wq50BvHjdqeg==
css2
fonts.googleapis.com/ Frame A122 		3 KB
508 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Requested by
Host: elertfinancial.com
URL: https://elertfinancial.com/cromwell/css/custom-form.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce358141326f8a2cc7d363f6cc66ea5e81a6cd31aad8214885843c1c91faba54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elertfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 14:03:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 14:37:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 14:37:11 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame A122 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://harbosidesalesgroup.wufoo.com/
Origin
https://harbosidesalesgroup.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 14:20:26 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame A122 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harbosidesalesgroup.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:25:00 GMT
x-content-type-options
nosniff
age
587532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:25:00 GMT
fieldbg.gif
harbosidesalesgroup.wufoo.com/images/ Frame A122 		46 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harbosidesalesgroup.wufoo.com/images/fieldbg.gif
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/css/custom/32/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-122.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/css/custom/32/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:12 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified
Wed, 30 Sep 2020 14:15:40 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P1
etag
"5f74930c-2e"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type, authorization
content-length
46
x-amz-cf-id
1hzgBJb9-l1DpS26W0vlghtxn9_VLrXROt9OIldlWY5y119h5ycfSQ==
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame A122 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harbosidesalesgroup.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:24:52 GMT
x-content-type-options
nosniff
age
587540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:24:52 GMT
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 76DB 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
74f296bb109580b95553371f9ecaaea1ea5a3d771c178697dff26798601199b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VfzGFyU4NFVIeAtEmNT1sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harbosidesalesgroup.wufoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21929
content-security-policy
script-src 'report-sample' 'nonce-VfzGFyU4NFVIeAtEmNT1sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 14:37:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 76DB 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 14:13:32 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 76DB 		365 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 14:20:26 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 76DB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 19:40:09 GMT
x-content-type-options
nosniff
age
500223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 02 Jun 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 76DB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
98347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 76DB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 18:59:48 GMT
x-content-type-options
nosniff
age
70644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 18:59:48 GMT
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 76DB 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeASGocAAAAADj3Vpi-QsmxJutvYUg4DQcU-MNB&co=aHR0cHM6Ly9oYXJib3NpZGVzYWxlc2dyb3VwLnd1Zm9vLmNvbTo0NDM.&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=n1brtzcfwk1p
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 01 Jun 2022 14:37:12 GMT
nr-1216.min.js
js-agent.newrelic.com/ Frame A122 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: harbosidesalesgroup.wufoo.com
URL: https://harbosidesalesgroup.wufoo.com/forms/?formname=k19cl8bt0xcos10&embed=1&embedKey=k19cl8bt0xcos10403408&entsource=&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
702BXDH9DS50TBSA
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
5vd9vstz3V3z74kfjj1dCPZWEqafZIkasHjA0BdDCJvZTnwH4UnkRjWckumVI0cOdusYAlzF0pM=
x-served-by
cache-hhn4062-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1654094233.995598,VS0,VE0
date
Wed, 01 Jun 2022 14:37:12 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4841
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2056003169&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthecromwellfunds.com%2Fconference-call-replay-form&ul=en-us&de=UTF-8&dt=Long%2FShort%20Opportunities%20to%20Counter%20a%20Volatile%20Market%20%7C%20The%20Cromwell%20Funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fconference-call-replay-form&el=25%25&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=2086484985.1654094229&tid=UA-222055252-1&_gid=909757165.1654094229&gtm=2wg5p1M4CJN7H&z=1464916716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thecromwellfunds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 06:32:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29101
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1e390569c3
bam-cell.nr-data.net/1/ Frame A122 		49 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/1e390569c3?a=536297313&v=1216.487a282&to=YQdTbENQXUFVAUxbDFhNZEpYHlVdRg9LHQpYBlRAH1lHX1g%3D&rst=3124&ck=0&ref=https://harbosidesalesgroup.wufoo.com/forms/&ap=109&be=1631&fe=3070&dc=2448&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1654094229882,%22n%22:0,%22r%22:0,%22re%22:718,%22f%22:718,%22dn%22:718,%22dne%22:718,%22c%22:718,%22ce%22:718,%22rq%22:719,%22rp%22:1612,%22rpe%22:1620,%22dl%22:1614,%22di%22:2448,%22ds%22:2448,%22de%22:2460,%22dc%22:3069,%22l%22:3069,%22le%22:3073%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=2300&fcp=2300&at=TUBQGgtKTk8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harbosidesalesgroup.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:37:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Connection
keep-alive
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTGr34xRZ6vtfJYH%2FqF%2F7acE1ygg78RrCG008PNZ6QR32CeY6e9J0ORvXfzxs9n5Q8DZ13SOAxGzhaLmx4nb06ggGVi39A4Kf%2B4UlVFWsd7%2F6sLMD7MXTebzciPyvaVgG8kdKtpe"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-allow-credentials
true
CF-Ray
7148af9c7a819a21-FRA

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| k19cl8bt0xcos10 function| WufooForm function| __poll function| __getChildFrameHeight number| __currentHeight string| __wufooCallBackFn object| CONTOUR function| $ function| jQuery object| whatInput object| Foundation object| CoreUtils object| Box function| onImagesLoaded object| MediaQuery object| Motion object| Nest function| Timer object| Triggers function| Abide function| Accordion function| AccordionMenu function| Drilldown function| Dropdown function| DropdownMenu function| Equalizer function| Interchange function| Magellan function| OffCanvas function| Orbit function| ResponsiveMenu function| ResponsiveToggle function| Reveal function| Slider function| SmoothScroll function| Sticky function| Tabs function| Toggler function| Tooltip function| ResponsiveAccordionTabs object| default object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| Highcharts object| $nav object| $primaryLi object| $primaryA object| $menu

5 Cookies

Domain/Path Name / Value
thecromwellfunds.com/ Name: PHPSESSID
Value: 5844e71ef80c48030d229b9ef7e3a651
.thecromwellfunds.com/ Name: _ga
Value: GA1.2.2086484985.1654094229
.thecromwellfunds.com/ Name: _gid
Value: GA1.2.909757165.1654094229
.thecromwellfunds.com/ Name: _gat_UA-222055252-1
Value: 1
.wufoo.com/ Name: ep201
Value: h5maiJeEXV4IMhNmfXY3UQ+SJko=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
cdn.signalfx.com
elertfinancial.com
fonts.googleapis.com
fonts.gstatic.com
harbosidesalesgroup.wufoo.com
js-agent.newrelic.com
secure.wufoo.com
static.wufoo.com
thecromwellfunds.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
148.72.79.126
151.101.2.137
162.247.243.147
18.66.248.122
18.66.248.68
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
72.167.49.220
068d386ec5d7d0aa76fa6052c7fcba1a0f3e81b44c5c9884499ac4c0158091ef
06cd464464a0201eeafd6424deecde72ca5b1bae657056cc35ea84ba53446e5b
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c6774ec4c85208008b481297d62d602e6438e04f4a0fff23ade91c44db5237d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49e7157571f9d077696a5f6c57891355f480cd7095675856b2b32da245bad742
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61a5eca293013272f7da4298fd7f52739e5fac57f12b8e07eb3c9b09914a1285
64af24dc3013b42335d4962ba28270fe836f9dc572497ffc2fe52470fc34d0f8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
74f296bb109580b95553371f9ecaaea1ea5a3d771c178697dff26798601199b0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f06092f0948ca651f2b11e594cdc56293c21d6ab8543d7095ecde7e4b4811da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b6a97f6fe7be259b852c6f51f205236571100362abe536a8dfba18924f1c896
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95f7eb413ba818c687458b8a6726bac17b4dd7c2f0cd122e48f14e0feddec296
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a36142cc89663cf8e5bf8b8a526ba03e1ed20c5efd2d7a08af19ccc010c97c8c
b0490b288d00b379b48a59f078dee3442e5be061f8287101074e0c97dc98afc9
ce358141326f8a2cc7d363f6cc66ea5e81a6cd31aad8214885843c1c91faba54
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
df8c54ae680fd879c8eb1ba236f99be1a4f3fbc905c3958c907594f6ff509b73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef6aa36ce177f8859b17540bb64de85942846da3e028cc684f1d962105c81c96
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f81e2f22cf861368dd6e13c8eddc6dd7e6ce7bae4b731eaf63fddb1d7141fc8d
f8e388feaf239f53eb63c829838a9c377fa943cec3a1edb21d5cc573ab055858
f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8