URL: http://gainvesting.com/
Submission: On March 04 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 53 HTTP transactions. The main IP is 216.119.109.66, located in United States and belongs to CRYSTALTECH, US. The main domain is gainvesting.com.
This is the only time gainvesting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
30 gainvesting.com
gainvesting.com
621 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
602 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
49 KB
3 bbb.org
seal-atlanta.bbb.org — Cisco Umbrella Rank: 264723
seal-blue.bbb.org — Cisco Umbrella Rank: 44169
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
17 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
32 KB
0 newtekwebhosting.com Failed
piwik.newtekwebhosting.com Failed
53 7
Domain Requested by
30 gainvesting.com gainvesting.com
7 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com gainvesting.com
www.gstatic.com
www.google.com
4 fonts.gstatic.com www.google.com
2 www.google-analytics.com gainvesting.com
2 seal-atlanta.bbb.org gainvesting.com
1 seal-blue.bbb.org seal-atlanta.bbb.org
1 ajax.googleapis.com gainvesting.com
0 piwik.newtekwebhosting.com Failed gainvesting.com
53 9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
bootcamp.gainvesting.com
gip.teachable.com
www.bbb.org
Subject Issuer Validity Valid
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh

This page contains 3 frames:

Primary Page: http://gainvesting.com/
Frame ID: 14107B8EE9DF67C3CE18F8C044A8406A
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Frame ID: F23177C65353AF3355C8F33CB278F40E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Frame ID: A1EAC498ACA3F834A81C5A9804CDA5F0
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Atlanta Real Estate Investing - Georgia Residential Partners

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

53
Requests

30 %
HTTPS

86 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

1325 kB
Transfer

2241 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 34
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710125701&utmhn=gainvesting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Atlanta%20Real%20Estate%20Investing%20-%20Georgia%20Residential%20Partners&utmhid=110600293&utmr=-&utmp=%2F&utmht=1677922914318&utmac=UA-26529538-1&utmcc=__utma%3D163974825.1721004952.1677922914.1677922914.1677922914.1%3B%2B__utmz%3D163974825.1677922914.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1847042304&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710125701&utmhn=gainvesting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Atlanta%20Real%20Estate%20Investing%20-%20Georgia%20Residential%20Partners&utmhid=110600293&utmr=-&utmp=%2F&utmht=1677922914318&utmac=UA-26529538-1&utmcc=__utma%3D163974825.1721004952.1677922914.1677922914.1677922914.1%3B%2B__utmz%3D163974825.1677922914.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1847042304&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gainvesting.com/
18 KB
18 KB
Document
General
Full URL
http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
665406807177886369203ee2240def183f28f2983e122f80f96fe88f68a4797b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
18379
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Mar 2023 09:41:52 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
style.css
gainvesting.com/css/
25 KB
26 KB
Stylesheet
General
Full URL
http://gainvesting.com/css/style.css
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
77a4337db4e0cfa32349bfcf128a333b8543ac43a4764434b2534ac8ad5fdd7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:52 GMT
Last-Modified
Sat, 11 Aug 2018 14:18:32 GMT
Server
Microsoft-IIS/8.5
ETag
"c198202f7e31d41:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
26085
colorbox.css
gainvesting.com/css/
2 KB
2 KB
Stylesheet
General
Full URL
http://gainvesting.com/css/colorbox.css
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
49f752e669d5fb8ea6eab139f2c069674d0eb30bcb6c6ea962b730ca41e9cd78

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:25 GMT
Server
Microsoft-IIS/8.5
ETag
"facc0897a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2195
modernizr-2.0.6.min.js
gainvesting.com/js/libs/
16 KB
16 KB
Script
General
Full URL
http://gainvesting.com/js/libs/modernizr-2.0.6.min.js
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
30c6a8b5793995f8313a8fa2e4a0aba353038615424b4fb2ad68ea9d4f2b2435

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Last-Modified
Mon, 10 Oct 2011 18:33:29 GMT
Server
Microsoft-IIS/8.5
ETag
"4b56521b7b87cc1:0"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
16226
api.js
www.google.com/recaptcha/
884 B
906 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5e883d171beeef010c6999222d17e9355f12dfc0c95af1787aecae8a46bf23e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 09:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 04 Mar 2023 09:41:53 GMT
print.css
gainvesting.com/css/
199 B
444 B
Stylesheet
General
Full URL
http://gainvesting.com/css/print.css
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c3e6f207fb8ce965eaa471c00f1c006471768d874a60755f15a2aa555b9f625c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 02 Jul 2012 04:59:23 GMT
Server
Microsoft-IIS/8.5
ETag
"23cce272f58cd1:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
199
PropImage.aspx
gainvesting.com/
110 KB
110 KB
Image
General
Full URL
http://gainvesting.com/PropImage.aspx?file=images/Properties/Property_BeforePic_5357.jpg&w=612&h=459
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
38b61e763255d5bdf0f9c18ae1b8c1c0cdc568a17b1cc42e7924feb7ab2bc398

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
112763
Content-Type
image/jpeg
PropImage.aspx
gainvesting.com/
104 KB
104 KB
Image
General
Full URL
http://gainvesting.com/PropImage.aspx?file=images/Properties/Property_BeforePic_5348.jpeg&w=612&h=459
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
49b1eb1efc0b2efd3e3b3c06f0640080fa8b40ffbb6d1d949f5dd42b2afe58bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
106366
Content-Type
image/jpeg
PropImage.aspx
gainvesting.com/
68 KB
68 KB
Image
General
Full URL
http://gainvesting.com/PropImage.aspx?file=images/Properties/Property_BeforePic_5345.png&w=612&h=459
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7f41b81045076fb1745582352e51c1aa9cb39b95d806b1d3352a7d29314179cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
69222
Content-Type
image/jpeg
georgia-residential-partners-3002910.png
seal-atlanta.bbb.org/logo/sehzbam/
99 B
525 B
Image
General
Full URL
http://seal-atlanta.bbb.org/logo/sehzbam/georgia-residential-partners-3002910.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Sat, 04 Mar 2023 09:41:54 GMT
Server
keycdn-engine
X-AspNet-Version
4.0.30319
X-Edge-Location
defr
X-Powered-By
ASP.NET
X-Cache
MISS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
X-Shield
active
Content-Length
99
Expires
Sat, 04 Mar 2023 13:41:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/
89 KB
32 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 18:35:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
227198
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
32245
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 29 Feb 2024 18:35:15 GMT
plugins.js
gainvesting.com/js/
136 KB
136 KB
Script
General
Full URL
http://gainvesting.com/js/plugins.js?r=15543
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bc6229031c357a3fb04544bf0e53c9fcff7b74fa871638a82d54dfa57990303f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Last-Modified
Sun, 17 Feb 2013 05:49:22 GMT
Server
Microsoft-IIS/8.5
ETag
"fb7e1a89d2cce1:0"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
139301
script.js
gainvesting.com/js/
3 KB
3 KB
Script
General
Full URL
http://gainvesting.com/js/script.js?r=15543
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f8807978c4f24641a3a3566331cce799a1275fcb45bbce1897728157ef3fb346

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Fri, 10 Aug 2018 23:35:17 GMT
Server
Microsoft-IIS/8.5
ETag
"8b277dcb231d41:0"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2754
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://gainvesting.com/
Origin
http://gainvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 16:16:04 GMT
MainBG.png
gainvesting.com/img/
8 KB
8 KB
Image
General
Full URL
http://gainvesting.com/img/MainBG.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
20221f20f82f95ef81e69ac986072e03ce8bcfcc8ff567086b3e7760663c3750

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:55 GMT
Server
Microsoft-IIS/8.5
ETag
"dfb5ca9b7a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7732
logo.png
gainvesting.com/img/
6 KB
6 KB
Image
General
Full URL
http://gainvesting.com/img/logo.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3bcbc54094e86264da96c956b36b27c284abda9daa9ef4d851d2954a3f622c46

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:54 GMT
Server
Microsoft-IIS/8.5
ETag
"37a5409b7a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5978
tagline.png
gainvesting.com/img/
3 KB
3 KB
Image
General
Full URL
http://gainvesting.com/img/tagline.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c696fe18e99777a23682267ee95b1bf63790789cabb9b8e4b95d1f636157e739

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:31:57 GMT
Server
Microsoft-IIS/8.5
ETag
"a7e269e47a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2688
socialiconscontact.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/socialiconscontact.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a9472e82b023f8dac3bd68ec92bf4b55d3f3ca82506b46f454ec8b7a6bf7aa29

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:31:54 GMT
Server
Microsoft-IIS/8.5
ETag
"67c17ae27a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1349
socialiconsfacebook.png
gainvesting.com/img/
1 KB
1 KB
Image
General
Full URL
http://gainvesting.com/img/socialiconsfacebook.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e0e2c067230371b12ba4ec81ade44ed96ef28316ebea756759510bd60888778b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:31:55 GMT
Server
Microsoft-IIS/8.5
ETag
"1bebf8e27a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1255
callustoday.png
gainvesting.com/img/
2 KB
3 KB
Image
General
Full URL
http://gainvesting.com/img/callustoday.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ddf0f8107745b98670ed2fa2b7eed250e97de6cb8b1b94a5a41cfa61c3cfee1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:38 GMT
Server
Microsoft-IIS/8.5
ETag
"7b6baa917a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2530
menuBG.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/menuBG.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ac36fb9224ae4d8acff45ccaa47076c93967ff974acf17d21fba017fd9bf841

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:56 GMT
Server
Microsoft-IIS/8.5
ETag
"2f7e469c7a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1304
menuBGhighlight.png
gainvesting.com/img/
1 KB
1 KB
Image
General
Full URL
http://gainvesting.com/img/menuBGhighlight.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
15b50c3a0ce2559efe7629c35c696cad7767ea5b59f6ea07cd86919f0bd37be0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:57 GMT
Server
Microsoft-IIS/8.5
ETag
"1be5bf9c7a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1140
videoplaceholder.jpg
gainvesting.com/img/
84 KB
85 KB
Image
General
Full URL
http://gainvesting.com/img/videoplaceholder.jpg
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f79a41ce3335162f4208625cdbd7182c0a6cf4e3ce9c30ca4b781330a4bb2428

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Last-Modified
Mon, 10 Oct 2011 18:31:58 GMT
Server
Microsoft-IIS/8.5
ETag
"8bc950e57a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
86527
homeboxBG.png
gainvesting.com/img/
2 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/homeboxBG.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c5a279690065acf67109e4e965802d6d4c1bece4486bb5443eafee8490e696c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:53 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:43 GMT
Server
Microsoft-IIS/8.5
ETag
"7154c947a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2236
icon_house.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/icon_house.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
61330dd5d91dcc4f8aae9a292e871f5e2921ae5bb4420def81655cf79a841a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:47 GMT
Server
Microsoft-IIS/8.5
ETag
"ef46c5967a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1359
icon_atl.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/icon_atl.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5f47cfb9906bc18aee6c7073598bbe453b481ec792f9970d4344da6846c04455

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:44 GMT
Server
Microsoft-IIS/8.5
ETag
"372b4d957a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1402
icon_retirement.png
gainvesting.com/img/
2 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/icon_retirement.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b3bd176648fe7882afc8034f4339925a5326c5f7d2ab0f5d2e0903b5be79dd92

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:49 GMT
Server
Microsoft-IIS/8.5
ETag
"7b3e36987a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1704
icon_video.png
gainvesting.com/img/
2 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/icon_video.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
49c56cb9873d435fa5d193e4ffc85c3d541d08b87d1328ecd82ee19926206819

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:50 GMT
Server
Microsoft-IIS/8.5
ETag
"67a5af987a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1561
icon_performance.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/icon_performance.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
92f1de8ab6aa89debc934f363452269ce4d673d95e303efa4a0fa1a270d4f2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:48 GMT
Server
Microsoft-IIS/8.5
ETag
"8fd7bc977a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1516
icon_lightbulb.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/icon_lightbulb.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
76ee9b81796ae67560fd63f67b918df9de95c89749a422d3d5bf00fe33c6eb49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:29:48 GMT
Server
Microsoft-IIS/8.5
ETag
"3ff41977a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1332
georgia-residential-partners-3002910.js
seal-atlanta.bbb.org/logo/
1 KB
1 KB
Script
General
Full URL
http://seal-atlanta.bbb.org/logo/georgia-residential-partners-3002910.js
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
HTTP/1.1
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
3bab32ceca79e24492efb8a84a23643fefbe791c30d5a3bc70cd77cd848eb245

Request headers

Referer
http://gainvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Content-Encoding
gzip
X-Edge-Location
defr
X-Powered-By
ASP.NET
X-Cache
MISS
Connection
keep-alive
Content-Length
704
Last-Modified
Wed, 14 Sep 2022 17:37:47 GMT
Server
keycdn-engine
ETag
"6ff458b460c8d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Accept-Ranges
bytes
X-Shield
active
Expires
Sat, 04 Mar 2023 13:41:54 GMT
ViewMoreDetails.png
gainvesting.com/img/
3 KB
4 KB
Image
General
Full URL
http://gainvesting.com/img/ViewMoreDetails.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4bbf633b5a4cdaf80af0ced2a118f5830bd2a5a2a008b8350331fe78ed8ac13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Mon, 10 Oct 2011 18:31:59 GMT
Server
Microsoft-IIS/8.5
ETag
"33dadae57a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3533
downloadereportBack.png
gainvesting.com/img/
7 KB
7 KB
Image
General
Full URL
http://gainvesting.com/img/downloadereportBack.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afbae02f1bed631b1d3754e8c24502ea2613f7c4fa77751ad14bb325e91b65e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:54 GMT
Last-Modified
Thu, 09 Aug 2018 17:28:57 GMT
Server
Microsoft-IIS/8.5
ETag
"e59b2d74630d41:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7209
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
H2
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Mar 2023 09:28:02 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
832
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 04 Mar 2023 11:28:02 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
piwik.js
piwik.newtekwebhosting.com/
0
0

__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710125701&utmhn=gainvesting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Atlant...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710125701&utmhn=gainvesting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Atlan...
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710125701&utmhn=gainvesting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Atlanta%20Real%20Estate%20Investing%20-%20Georgia%20Residential%20Partners&utmhid=110600293&utmr=-&utmp=%2F&utmht=1677922914318&utmac=UA-26529538-1&utmcc=__utma%3D163974825.1721004952.1677922914.1677922914.1677922914.1%3B%2B__utmz%3D163974825.1677922914.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1847042304&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/
Protocol
H2
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Mar 2023 09:41:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710125701&utmhn=gainvesting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Atlanta%20Real%20Estate%20Investing%20-%20Georgia%20Residential%20Partners&utmhid=110600293&utmr=-&utmp=%2F&utmht=1677922914318&utmac=UA-26529538-1&utmcc=__utma%3D163974825.1721004952.1677922914.1677922914.1677922914.1%3B%2B__utmz%3D163974825.1677922914.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1847042304&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
navprev.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/navprev.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1ea6dc8654670521cc48995083eafa2a200dff1311f0b9600371df00b91e7faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:57 GMT
Last-Modified
Mon, 10 Oct 2011 18:30:02 GMT
Server
Microsoft-IIS/8.5
ETag
"f89c59f7a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1368
navnext.png
gainvesting.com/img/
1 KB
2 KB
Image
General
Full URL
http://gainvesting.com/img/navnext.png
Requested by
Host: gainvesting.com
URL: http://gainvesting.com/css/style.css
Protocol
HTTP/1.1
Server
216.119.109.66 , United States, ASN14992 (CRYSTALTECH, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
30c79d21bdcf835d40d98bef533aad1028c77c75160b943a5d88a7a0cdbaad34

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:57 GMT
Last-Modified
Mon, 10 Oct 2011 18:30:01 GMT
Server
Microsoft-IIS/8.5
ETag
"5b5f479f7a87cc1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1364
anchor
www.google.com/recaptcha/api2/ Frame F231
42 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71d4a30c74b1c3a2dfcaa8c1d64f85fbdfea6267bc80d81213993b147ea3b03c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iruuUUKafuzBMN02-1MMVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://gainvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22628
content-security-policy
script-src 'report-sample' 'nonce-iruuUUKafuzBMN02-1MMVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 09:41:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame A1EA
46 KB
25 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67fbc69543dc89234f13b64ab4607b354738d9b26f45f03d927a8aa81f5fdd55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sJCpBHdlUhGYbfufJCJhmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://gainvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
25730
content-security-policy
script-src 'report-sample' 'nonce-sJCpBHdlUhGYbfufJCJhmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 09:41:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F231
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 08:08:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F231
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 16:16:04 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame A1EA
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 08:08:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame A1EA
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 16:16:04 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F231
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 15:21:16 GMT
x-content-type-options
nosniff
age
66041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Mar 2023 15:21:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F231
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
152093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F231
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
227593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:28:44 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A1EA
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 15:21:16 GMT
x-content-type-options
nosniff
age
66041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Mar 2023 15:21:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1EA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
152093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1EA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
227593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:28:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F231
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=cz5qyipodjsy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 04 Mar 2023 09:41:57 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A1EA
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez_34UAAAAAHIG02z9vbgFZMOezl8Wr92hwKg5&co=aHR0cDovL2dhaW52ZXN0aW5nLmNvbTo4MA..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=5gufayu15a3l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 04 Mar 2023 09:41:57 GMT
legacy.min.css
seal-blue.bbb.org/
3 KB
1 KB
Stylesheet
General
Full URL
http://seal-blue.bbb.org/legacy.min.css
Requested by
Host: seal-atlanta.bbb.org
URL: http://seal-atlanta.bbb.org/logo/georgia-residential-partners-3002910.js
Protocol
HTTP/1.1
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
687a68a1f30ee3ce6f18f262eb8dec5a69c560cc9dcd7c1ba94572da4420ac32

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://gainvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 09:41:58 GMT
Content-Encoding
gzip
X-Edge-Location
defr
X-Powered-By
ASP.NET
X-Cache
HIT
Connection
keep-alive
Content-Length
878
Last-Modified
Wed, 14 Sep 2022 17:37:47 GMT
Server
keycdn-engine
ETag
"2f7b5ab460c8d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Accept-Ranges
bytes
X-Shield
active
Expires
Sat, 04 Mar 2023 13:41:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
piwik.newtekwebhosting.com
URL
http://piwik.newtekwebhosting.com/piwik.js

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| Modernizr object| respond function| yepnope object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| theForm function| __doPostBack object| btnLoginEvent function| DoLogin function| DoValidate function| DoLoad string| bbbprotocol object| recaptcha string| cp function| addOnloadEvent undefined| $ function| jQuery object| _gaq string| pkBaseURL object| _gat object| gaGlobal undefined| piwikTracker function| $j function| Hashtable function| log object| Highcharts string| nextContent string| nextType string| prevContent string| prevType object| closure_lm_449696

5 Cookies

Domain/Path Name / Value
.gainvesting.com/ Name: __utma
Value: 163974825.1721004952.1677922914.1677922914.1677922914.1
.gainvesting.com/ Name: __utmc
Value: 163974825
.gainvesting.com/ Name: __utmz
Value: 163974825.1677922914.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.gainvesting.com/ Name: __utmt
Value: 1
.gainvesting.com/ Name: __utmb
Value: 163974825.1.10.1677922914

5 Console Messages

Source Level URL
Text
javascript warning URL: http://gainvesting.com/(Line 293)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://seal-atlanta.bbb.org/logo/georgia-residential-partners-3002910.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://gainvesting.com/(Line 293)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://seal-atlanta.bbb.org/logo/georgia-residential-partners-3002910.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://gainvesting.com/(Line 326)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://piwik.newtekwebhosting.com/piwik.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://gainvesting.com/(Line 326)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://piwik.newtekwebhosting.com/piwik.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://piwik.newtekwebhosting.com/piwik.js
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.gstatic.com
gainvesting.com
piwik.newtekwebhosting.com
seal-atlanta.bbb.org
seal-blue.bbb.org
www.google-analytics.com
www.google.com
www.gstatic.com
piwik.newtekwebhosting.com
2001:4860:4802:38::178
216.119.109.66
2a00:1450:4001:801::2003
2a00:1450:4001:812::2003
2a00:1450:400d:803::2004
2a00:1450:400d:80a::200a
2a0b:4d07:102::1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15b50c3a0ce2559efe7629c35c696cad7767ea5b59f6ea07cd86919f0bd37be0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae
1ea6dc8654670521cc48995083eafa2a200dff1311f0b9600371df00b91e7faa
20221f20f82f95ef81e69ac986072e03ce8bcfcc8ff567086b3e7760663c3750
2ac36fb9224ae4d8acff45ccaa47076c93967ff974acf17d21fba017fd9bf841
30c6a8b5793995f8313a8fa2e4a0aba353038615424b4fb2ad68ea9d4f2b2435
30c79d21bdcf835d40d98bef533aad1028c77c75160b943a5d88a7a0cdbaad34
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
38b61e763255d5bdf0f9c18ae1b8c1c0cdc568a17b1cc42e7924feb7ab2bc398
3bab32ceca79e24492efb8a84a23643fefbe791c30d5a3bc70cd77cd848eb245
3bcbc54094e86264da96c956b36b27c284abda9daa9ef4d851d2954a3f622c46
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49b1eb1efc0b2efd3e3b3c06f0640080fa8b40ffbb6d1d949f5dd42b2afe58bc
49c56cb9873d435fa5d193e4ffc85c3d541d08b87d1328ecd82ee19926206819
49f752e669d5fb8ea6eab139f2c069674d0eb30bcb6c6ea962b730ca41e9cd78
4bbf633b5a4cdaf80af0ced2a118f5830bd2a5a2a008b8350331fe78ed8ac13d
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e883d171beeef010c6999222d17e9355f12dfc0c95af1787aecae8a46bf23e3
5f47cfb9906bc18aee6c7073598bbe453b481ec792f9970d4344da6846c04455
61330dd5d91dcc4f8aae9a292e871f5e2921ae5bb4420def81655cf79a841a13
665406807177886369203ee2240def183f28f2983e122f80f96fe88f68a4797b
67fbc69543dc89234f13b64ab4607b354738d9b26f45f03d927a8aa81f5fdd55
687a68a1f30ee3ce6f18f262eb8dec5a69c560cc9dcd7c1ba94572da4420ac32
71d4a30c74b1c3a2dfcaa8c1d64f85fbdfea6267bc80d81213993b147ea3b03c
76ee9b81796ae67560fd63f67b918df9de95c89749a422d3d5bf00fe33c6eb49
77a4337db4e0cfa32349bfcf128a333b8543ac43a4764434b2534ac8ad5fdd7e
7f41b81045076fb1745582352e51c1aa9cb39b95d806b1d3352a7d29314179cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92f1de8ab6aa89debc934f363452269ce4d673d95e303efa4a0fa1a270d4f2d7
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a9472e82b023f8dac3bd68ec92bf4b55d3f3ca82506b46f454ec8b7a6bf7aa29
afbae02f1bed631b1d3754e8c24502ea2613f7c4fa77751ad14bb325e91b65e9
b3bd176648fe7882afc8034f4339925a5326c5f7d2ab0f5d2e0903b5be79dd92
bc6229031c357a3fb04544bf0e53c9fcff7b74fa871638a82d54dfa57990303f
c3e6f207fb8ce965eaa471c00f1c006471768d874a60755f15a2aa555b9f625c
c5a279690065acf67109e4e965802d6d4c1bece4486bb5443eafee8490e696c4
c696fe18e99777a23682267ee95b1bf63790789cabb9b8e4b95d1f636157e739
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
ddf0f8107745b98670ed2fa2b7eed250e97de6cb8b1b94a5a41cfa61c3cfee1b
e0e2c067230371b12ba4ec81ade44ed96ef28316ebea756759510bd60888778b
f79a41ce3335162f4208625cdbd7182c0a6cf4e3ce9c30ca4b781330a4bb2428
f8807978c4f24641a3a3566331cce799a1275fcb45bbce1897728157ef3fb346