northernrockies.wradvisors.com Open in urlscan Pro
2606:4700::6810:42c5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://northernrockies.wradvisors.com/team/kim-dexter
Effective URL:
https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Submission: On March 03 via api (March 3rd 2020, 2:12:20 pm UTC) from US

Summary HTTP 32 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2606:4700::6810:42c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is northernrockies.wradvisors.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 2nd 2019. Valid for: a year.

This is the only time northernrockies.wradvisors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6810:42c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2600:9000:20e... 2600:9000:20eb:5600:11:ad6d:cf00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	52.217.37.44 52.217.37.44	16509 (AMAZON-02) (AMAZON-02)
2	35.204.22.180 35.204.22.180	15169 (GOOGLE) (GOOGLE)
1	34.90.17.46 34.90.17.46	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.194.113 13.224.194.113	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	52.11.118.251 52.11.118.251	16509 (AMAZON-02) (AMAZON-02)
32	10

2 2606:4700::6810:42c5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

northernrockies.wradvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:20eb:5600:11:ad6d:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fmgsuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.37.44 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

fmg-websites-custom.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.22.180 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 180.22.204.35.bc.googleusercontent.com

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.17.46 (United States)

ASN15169 (GOOGLE, US)
PTR: 46.17.90.34.bc.googleusercontent.com

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-113.fra2.r.cloudfront.net

static.site24x7rum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.11.118.251 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-118-251.us-west-2.compute.amazonaws.com

col.site24x7rum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	fmgsuite.com static.fmgsuite.com	752 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	amazonaws.com fmg-websites-custom.s3.amazonaws.com	22 KB
2	site24x7rum.com static.site24x7rum.com col.site24x7rum.com	48 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	wradvisors.com 1 redirects northernrockies.wradvisors.com	10 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	167 B
0	waddell.com Failed www.waddell.com Failed
32	10

	Domain	Requested by
18	static.fmgsuite.com	northernrockies.wradvisors.com static.fmgsuite.com
3	fmg-websites-custom.s3.amazonaws.com	northernrockies.wradvisors.com static.fmgsuite.com
2	ssl.google-analytics.com	1 redirects northernrockies.wradvisors.com
2	northernrockies.wradvisors.com	1 redirects
1	col.site24x7rum.com	static.site24x7rum.com
1	www.google.de	northernrockies.wradvisors.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	static.site24x7rum.com	northernrockies.wradvisors.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	northernrockies.wradvisors.com
0	www.waddell.com Failed	static.fmgsuite.com northernrockies.wradvisors.com
32	13

This site contains links to these domains. Also see Links.

Domain
brokercheck.finra.org
www.linkedin.com
www.facebook.com
www.caprivacy.org
www.finra.org
www.sipc.org
www.waddell.com

Subject Issuer	Validity	Valid
northernrockies.wradvisors.com CloudFlare Inc ECC CA-2	`2019-11-02` - `2020-10-09`	a year	crt.sh
*.fmgsuite.com DigiCert SHA2 Secure Server CA	`2018-09-18` - `2020-11-25`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.site24x7rum.com Amazon	`2019-10-24` - `2020-11-24`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Frame ID: 780989539392561045B38C9BF745B6F5
Requests: 31 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 6FDDD9400EAD094368236D90C8EDB172
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://northernrockies.wradvisors.com/team/kim-dexter HTTP 302
https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

32
Requests

91 %
HTTPS

55 %
IPv6

10
Domains

13
Subdomains

10
IPs

4
Countries

921 kB
Transfer

1712 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://brokercheck.finra.org/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/waddell-&-reed

Search URL Search Domain Scan URL

URL: https://www.facebook.com/waddellandreed/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/fred-rhoads-cmfc-lutcf-271a1213

Search URL Search Domain Scan URL

URL: https://www.caprivacy.org/
Title: California Consumer Privacy Act (CCPA)

Search URL Search Domain Scan URL

URL: https://www.finra.org/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: https://www.waddell.com/disclosures-privacy
Title: Waddell & Reed, Inc. – Privacy Policy & Disclosures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://northernrockies.wradvisors.com/team/kim-dexter HTTP 302
https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1764074696&utmhn=northernrockies.wradvisors.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20Waddell%20%26%20Reed%2C%20Northern%20Rockies%20Market&utmhid=1798266973&utmr=-&utmp=%2F%3FredirectUrl%3D%2Fteam%2Fkim-dexter&utmht=1583244720434&utmac=UA-24680519-10&utmcc=__utma%3D141226925.1191137480.1583244720.1583244720.1583244720.1%3B%2B__utmz%3D141226925.1583244720.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1715710604&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696&slf_rd=1&random=1103769268

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
northernrockies.wradvisors.com/
Redirect Chain

https://northernrockies.wradvisors.com/team/kim-dexter
https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter

51 KB
10 KB

754ms
753ms

Document
text/html

2606:4700::6810:42c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:42c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 015fdb2de248db20b38f0a1c76544a7eb669e7e04fc4dcdf95729ac91787ba6a

Request headers

:method: GET
:authority: northernrockies.wradvisors.com
:scheme: https
:path: /?redirectUrl=/team/kim-dexter
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc40e6cfca373ee4cd713956738f4132b1583244718; __cf_bm=503c1a7c82f6623376faf0342d2550774b17419d-1583244718-1800-AaPJq8Jc0LYQ/YgdiCJ1CPjIYWVI8CUR2GfEyW5Et8cTxa/Vzzh8fSj826dgMOSVAn7CmBshwcfLMNFsB3eFH7g=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Tue, 03 Mar 2020 14:11:59 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-stackifyid: V2|d0ac5f06-a1d5-4460-8fdf-03d8fc374033|C78253|CD531
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e3f3252e0dd6b5-FRA
content-encoding: gzip

Redirect headers

status: 302
date: Tue, 03 Mar 2020 14:11:58 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dc40e6cfca373ee4cd713956738f4132b1583244718; expires=Thu, 02-Apr-20 14:11:58 GMT; path=/; domain=.northernrockies.wradvisors.com; HttpOnly; SameSite=Lax __cf_bm=503c1a7c82f6623376faf0342d2550774b17419d-1583244718-1800-AaPJq8Jc0LYQ/YgdiCJ1CPjIYWVI8CUR2GfEyW5Et8cTxa/Vzzh8fSj826dgMOSVAn7CmBshwcfLMNFsB3eFH7g=; path=/; expires=Tue, 03-Mar-20 14:41:58 GMT; domain=.northernrockies.wradvisors.com; HttpOnly; Secure; SameSite=None
location: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
x-stackifyid: V2|b37c5993-e229-4657-93fc-b62cd49efc64|C78253|CD492
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e3f320fa65d6b5-FRA

GET
H2 200 7ac.css
static.fmgsuite.com/site/templates/007/dist/ 239 KB
35 KB 51ms
10ms Stylesheet
text/css 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.36.33220.137
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82a61a6c0a43d966ef4e18fd50850d2c1d3ea4b369e215923c54f460ffd9850

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-amz-version-id: rjvWqgYlBsymN_HVEtYwd68lxau3Qydd
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 15:25:30 GMT
server: AmazonS3
age: 42175
date: Tue, 03 Mar 2020 02:29:05 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Rc35HF4tilI-2RjvGAFEmfgxB14BYxEIggBPYOaCQOUMSk7VqikJpw==
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)

GET
H/1.1 200
OK waddell_market_site.css
fmg-websites-custom.s3.amazonaws.com/waddell/ 15 KB
15 KB 466ms
126ms Stylesheet
text/css 52.217.37.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fmg-websites-custom.s3.amazonaws.com/waddell/waddell_market_site.css
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 84dcfd38486b9006801322a1e711a192fadee585ab8b23ab38af1da50caf3173

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 03 Mar 2020 14:12:01 GMT
Last-Modified: Tue, 24 Sep 2019 20:31:41 GMT
Server: AmazonS3
x-amz-request-id: 059D290A488A699C
ETag: "a022851c4ea6c3748a39f5fbd4c14e41"
x-amz-version-id: yHp7jt37fF0zaYU7nZ8dpssAm1upsy9Y
x-amz-meta-version-id: vk2hYQh8vHcE1e0edh8bsEhE9xM0eJFf
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 15396
x-amz-id-2: EWo/A1P85jMLxFQ5vnodkRxkT9Fx947vbBwynsmhaDbK/K2/uY4pns8uItI3+0t46RwE5UfAV+c=

GET
H2 200 brokerCheck-bar-logo.png
static.fmgsuite.com/site/templates/global/img/ 6 KB
6 KB 60ms
20ms Image
image/png 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/brokerCheck-bar-logo.png
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 02 Mar 2020 21:00:25 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 15:26:07 GMT
server: AmazonS3
age: 61895
etag: "0a702e6adbbb9c114979785ab0055ff7"
x-cache: Hit from cloudfront
x-amz-version-id: mhV0KsP9qtw6jzOkAdZOZebQ9dSZfzjr
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 6131
x-amz-cf-id: h3VXsY1dxbpsEStOswLSqkuk9II7qQivJ9BSKb0Mp2xEOkXXu7Bcpg==

GET
H2 200 fcf99051-0e3b-4a5b-ab15-4a79d55bd62f.png
static.fmgsuite.com/media/images/ 13 KB
14 KB 61ms
21ms Image
image/png 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/fcf99051-0e3b-4a5b-ab15-4a79d55bd62f.png?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 124373a7e79b8f430e92a65b06b154e015345731c0e84f43b33a463fcdb29113

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: kCHBFXnnrKE5ji6_Jfg_MVmiLgwZJ.lc
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Mon, 21 May 2018 22:11:54 GMT
server: AmazonS3
age: 232
etag: "d27595f5e68cc35e53bd714f2e3911d5"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Tue, 03 Mar 2020 14:08:08 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 13707
x-amz-cf-id: sB6NqjWZzBufsuxP8ajMmUZ9lfYKKIc8XSzIvh6uwfAY0m08ch1Ctg==

GET
H2 200 368a1df3-1c1c-4e96-b9ce-d9ca827944d1.jpg
static.fmgsuite.com/media/images/ 31 KB
31 KB 531ms
492ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/368a1df3-1c1c-4e96-b9ce-d9ca827944d1.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf2305e444e0244537172993428d88e73c219fe74dfde0bb8f1858010b485e7e

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Fri, 13 Dec 2019 15:30:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "eb1bdfd73e7cc30633a559165ade8826"
x-cache: Miss from cloudfront
x-amz-version-id: aHVlcAlDRqEWd.Q1GmrYc5xVrWlfpOjI
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 31591
x-amz-cf-id: f702XQjRrAgxqlA1DiZpfQ0z9R-TOSS7Hu9jjYStW5rg-lnI867GZg==

GET
H2 200 3566bae8-46b3-4cde-a1ed-5d3f3c17763a.jpg
static.fmgsuite.com/media/images/ 12 KB
12 KB 60ms
21ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/3566bae8-46b3-4cde-a1ed-5d3f3c17763a.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2be5d86c7ea1a0b3a2e86b66e0f6d94bfd9f29e9e25ebd44c4d858139dd1da48

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:08:08 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jul 2018 04:43:30 GMT
server: AmazonS3
age: 232
etag: "494095d5db72ffb2beb6daf703ff795b"
x-cache: Hit from cloudfront
x-amz-version-id: PzNiKgLW1MmCLqY6LLQJf6l537RllyVJ
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 12150
x-amz-cf-id: bDezSfpieRKRnhucWnyKU7EpkjTeP4MV1Dcdr8S3hJhno6vGpoNdfA==

GET
H2 200 d2bf7385-6b83-4e1e-83b4-93e82af35531.jpg
static.fmgsuite.com/media/images/ 10 KB
11 KB 13ms
9ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/d2bf7385-6b83-4e1e-83b4-93e82af35531.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9514de4fc395829089bb03fc071641c141950ef75ea35a2000deb83e72eb6935

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:08:08 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jul 2018 04:45:17 GMT
server: AmazonS3
age: 232
etag: "8b74affda7e8b507bccb62587a443e83"
x-cache: Hit from cloudfront
x-amz-version-id: 7RM6L0RW.JVi9niIcOZfVf1mU9mwnvVu
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10360
x-amz-cf-id: p1rgL6DhP2atPMhqj2reuhSVnzkgciM7uzzWGIVhqN1M_H-7zU7XvQ==

GET
H2 200 e775239f-02d8-431c-a584-fe5bf2df320c.jpg
static.fmgsuite.com/media/images/ 16 KB
16 KB 431ms
427ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/e775239f-02d8-431c-a584-fe5bf2df320c.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88e136fe5cfa1a92b27158e8c89dbd2b05d42a82a0617f71636966794a10799b

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jul 2018 04:49:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "823d297726865710d264ed40a4311446"
x-cache: Miss from cloudfront
x-amz-version-id: sp_PddgXfG7Vd3V3VDyJ3UFD78GUELUm
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 16485
x-amz-cf-id: Es6Ury1wLwRXt6yVyKqr_CGn7IdemH0QQBvbB6DH72GVmgPl6AsHWw==

GET
H2 200 e283db80-2411-49c9-9efc-6b736d677464.jpg
static.fmgsuite.com/media/images/ 18 KB
19 KB 411ms
408ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/e283db80-2411-49c9-9efc-6b736d677464.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b182136253d359344d22b9fa9d4b4062e3534b5439c9806099916b6b8a58fc8

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 20:26:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "c729436d8b0bc1f10be6a42bda6d7f85"
x-cache: Miss from cloudfront
x-amz-version-id: JmN7Me59x3RKnyjj0c9Ks5z1PS8Rue3z
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 18696
x-amz-cf-id: 6CxTpy7xiiACaZWhwNsBidvZHsqaHeXdw6-OxSAhbQzsyJg_zOTYHA==

GET
H2 200 4eeb3059-be18-412e-9dd5-73b7c91e64ef.jpg
static.fmgsuite.com/media/images/ 12 KB
12 KB 12ms
8ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/4eeb3059-be18-412e-9dd5-73b7c91e64ef.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab46cc132710d401413901f7a70828713520a28b9f1b9a231cf23af1320804dd

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:08:08 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Wed, 05 Feb 2020 19:39:43 GMT
server: AmazonS3
age: 232
etag: "00d63470632c440e2c56d9a750c69df7"
x-cache: Hit from cloudfront
x-amz-version-id: mhNqqzOYTTtZ.zo2IiCITnMp6Yj4DJMj
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 12362
x-amz-cf-id: mHkQtsus0KfQXWWsVYhOMqvKKvv0LJbIiFVXx9GMsg7eR-ifwgYsZw==

GET
H2 200 cf651aa7-ef2c-46b1-9609-9ec5396353d0.jpg
static.fmgsuite.com/media/images/ 14 KB
15 KB 431ms
428ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/cf651aa7-ef2c-46b1-9609-9ec5396353d0.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c184a07dce0e7334411967da7730e523602095dd7823f9a0ea67d6ab858ee98

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 20:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "5af322e52cef63c2c85f7de7a1d2e3e9"
x-cache: Miss from cloudfront
x-amz-version-id: heNE3KubTjDiWHjtav5JIWhlFdE2wsln
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 14595
x-amz-cf-id: 46tkC3Z_-iGXftsnMzRyLs4_268qiDKGkofYU7GhqDhStv6JzVUSzg==

GET
H2 200 2be13caa-9512-4b20-9cf4-e476b8bb99d2.jpg
static.fmgsuite.com/media/images/ 41 KB
41 KB 411ms
407ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/2be13caa-9512-4b20-9cf4-e476b8bb99d2.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3de8de493d74827c7eb91e085ea635aca3bace281cce9e6567fb94c43314efa

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Fri, 13 Dec 2019 15:31:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "51ea181013a5fafc52ed78975fc790c1"
x-cache: Miss from cloudfront
x-amz-version-id: UM1o2RfKZ3IDf6Oec2pspNMAD3xs.N9k
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 41957
x-amz-cf-id: TkF9vrPZch4wmlhIhIFd0YUavrdvp5_FP2kWykqghjdEDm_OJ76ppA==

GET
H2 200 439-largethumb-b.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 49 KB
49 KB 437ms
434ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/439-largethumb-b.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3de537453ce8380f11ee5c5574a29e3cf960f0475f261cc1b64cd1e821de6983

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Mon, 03 Dec 2018 17:02:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "ae9b407dd41ef6593994928ce6ef3109"
x-cache: Miss from cloudfront
x-amz-version-id: .q_wh5lVFtezywyq0kDGW.U6UDLwBzyD
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 49740
x-amz-cf-id: sttWSOsgLeF_0vYzjLdiBAXXTCWYZDzWGq2G_rhTG4qINXB3wkLGEQ==

GET
H2 200 210-largethumb-a.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 15 KB
15 KB 494ms
491ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/210-largethumb-a.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19f79b8e5caf1c59e9b2c2a82bfda62fcf0298742029d7f10fc40aa243429467

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Mon, 03 Dec 2018 16:51:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "f9a7bc1ff5e85aa9149c70d647ee6c04"
x-cache: Miss from cloudfront
x-amz-version-id: JMdMaFHQ51SgySusWxxQJAEQuAxbxowX
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 15059
x-amz-cf-id: B4B4Q8_oOWC6kDa17G5Mzdkifl2lHXvi0t54yNAEbYvZwgoHjODO0A==

GET
H2 200 226-largethumb-c.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 26 KB
26 KB 430ms
427ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/226-largethumb-c.jpg?v=1
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c26ce467cbb071c5cce9533fe792e62e43726e691000a1dbb0e90656f587f93f

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Mon, 03 Dec 2018 16:52:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "1640a864ef7d246ac1241f215f539838"
x-cache: Miss from cloudfront
x-amz-version-id: SiPrq3SrkaQ40x36X1MVUCWrG7KIOKLX
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 26496
x-amz-cf-id: HNhMzkNfwctSdnGvZdHkxeAxX6DPu9qZkFiKb3Cd8EgKJUalLQdGsQ==

GET
H2 200 scripts.js Show response
static.fmgsuite.com/site/templates/007/dist/ 281 KB
87 KB 55ms
16ms Script
application/x-javascript 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b567110ad7b1e8be796fc1f9e4b696acc8b5fa72bd89a70a50d932f1d338ec93

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 21:21:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 15:25:31 GMT
server: AmazonS3
age: 60635
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: vgFwQ9DubzWfF6hQo39.BjM_hYx0wYr9
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
content-type: application/x-javascript
x-amz-cf-id: VCBR4Hwisyz9UN-eiVa9fvzgi7bTH5uu1BXQeU21mAG653Ilq-U4vw==
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)

GET
H/1.1 200
OK waddell_market_site.js Show response
fmg-websites-custom.s3.amazonaws.com/waddell/ 874 B
1 KB 481ms
142ms Script
application/javascript 52.217.37.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fmg-websites-custom.s3.amazonaws.com/waddell/waddell_market_site.js
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ea8956eaad7b6ae7d5754832831ebe75c0edf2bfd42c260f104d210ae3445fde

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 03 Mar 2020 14:12:01 GMT
Last-Modified: Thu, 04 Oct 2018 13:08:14 GMT
Server: AmazonS3
x-amz-request-id: 9DD9F66C4F4800DC
ETag: "fb1bf0542c5094a2a595a70985353799"
Content-Type: application/javascript
Content-Length: 874
Accept-Ranges: bytes
x-amz-version-id: kQHaHpn77n8GIR8Z5jQSShT72HJLNLVY
x-amz-id-2: 8KbK2d+1uG7NTWCv8ezQ46vKLYfmaw4dVVdc3W6PV8TPps0HsnEAy4YjQ8ntyjNB0NGdi4nmCz4=

GET
H2 200 hotjar-36513.js Show response
static.hotjar.com/c/ 3 KB
2 KB 18ms
16ms Script
application/javascript 35.204.22.180
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-36513.js?sv=4

Requested by

Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.204.22.180 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

180.22.204.35.bc.googleusercontent.com

Software

Resource Hash

b623117dfaa65abe4b83bfdb3780d414e15e3df712b9eeb3b45fcfd0999aec13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 14:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 274
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1626
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/db5eb10b02c89df7a87bfff43dae023a
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.092
accept-ranges: bytes
section-io-id: 418c8bc411c64a16b3d5d230b19c369a
section-origin-responded: true

GET
H2 200 modules.e483a7fd5848d79df4ee.js Show response
script.hotjar.com/ 401 KB
70 KB 19ms
18ms Script
application/javascript 34.90.17.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.e483a7fd5848d79df4ee.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-36513.js?sv=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.90.17.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 46.17.90.34.bc.googleusercontent.com
Software: /
Resource Hash: 4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 14:11:59 GMT
content-encoding: br
content-type: application/javascript
age: 358294
status: 200
section-io-cache: Hit
content-length: 71460
last-modified: Fri, 28 Feb 2020 10:37:08 GMT
etag: "f0179ea5c6729cd6b8c9d565caabd69f"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
accept-ranges: bytes
section-io-id: a525fffe2ae2880458d1d86b31cfa8f9
section-origin-responded: true

GET
H/1.1 200
OK slant.png
fmg-websites-custom.s3.amazonaws.com/waddell/images/ 5 KB
6 KB 109ms
108ms Image
image/png 52.217.37.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmg-websites-custom.s3.amazonaws.com/waddell/images/slant.png
Requested by: Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6d675593f38c6bb591924e9abece486e1c9730a57e63ea06e50ea32170cc088c

Request headers

Referer: https://fmg-websites-custom.s3.amazonaws.com/waddell/waddell_market_site.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 14:12:01 GMT
Last-Modified: Tue, 22 May 2018 17:26:12 GMT
Server: AmazonS3
x-amz-request-id: E48A450F3B909E9B
ETag: "6b06f9afd3d7a450b597884111071cb2"
Content-Type: image/png
Content-Length: 5349
Accept-Ranges: bytes
x-amz-version-id: TIk3S_FldMjs6BZnimkzeE3Nu95exqhD
x-amz-id-2: zCpxCUrfPDdNLPCcOiI3KSjVf5UO5M4h2tpOVMXwMNax4K7Xf9zk0/e65CIkSXgAUk0rKCczF+0=

GET
H2 200 874ec4b4-80f2-4a82-8336-fdecb3a2707a.jpg
static.fmgsuite.com/media/images/ 265 KB
266 KB 514ms
513ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/874ec4b4-80f2-4a82-8336-fdecb3a2707a.jpg
Requested by: Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0056dc1e8b7567c95825a5650570d4d7aedc93344be4b14a4b8404bb2caa6c01

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 14:12:01 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Tue, 14 Aug 2018 14:11:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "401cb53717e9d92a41a90c06801d31ac"
x-cache: Miss from cloudfront
x-amz-version-id: R_strpIOY6AJkRbXTcASA6fNwwSfiRha
status: 200
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 271255
x-amz-cf-id: 3cz-Nnnv5NcGhwC98PF2A3p7d78xP4BjDPv7grcVo0iMVBZG9psqsA==

GET
H2 200 bba3d8fe-7dd6-46df-ba87-573f535935ae.jpg
static.fmgsuite.com/media/images/ 20 KB
20 KB 9ms
8ms Image
image/jpeg 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/bba3d8fe-7dd6-46df-ba87-573f535935ae.jpg
Requested by: Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 123f4e6253b4c92ffb13b8f59e282831c0567f932a3546a5b44991a2d27dbed9

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 02 Mar 2020 20:36:11 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
last-modified: Mon, 21 May 2018 19:52:44 GMT
server: AmazonS3
age: 63350
etag: "605465be2d0ff62b86641fe24c53f737"
x-cache: Hit from cloudfront
x-amz-version-id: oj_A51P0P4_vRk5x_iP5IISHkj5GMJ6t
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 20045
x-amz-cf-id: JmiFsayb4Lv2ZfjaAEUe3eABz7uDzadz2RiU8D-pFdeX0N7d0qnWsw==

GET
H2 200 fontawesome-webfont.woff2
static.fmgsuite.com/site/templates/007/fonts/ 75 KB
76 KB 30ms
10ms Font
application/octet-stream 2600:9000:20eb:5600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.36.33220.137
Origin: https://northernrockies.wradvisors.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Mar 2020 14:08:08 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
age: 233
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 77160
last-modified: Tue, 25 Feb 2020 15:25:32 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: 11KCHbUEBIDVaZYiXyKhfIBQAV2p2A4G
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: x8H7C_0DIowGk4oIj_bIJT9UGeXsJ33qeuLUhk4YTOCZACF3oN_ejg==

GET 30A8F8_0_0.woff2
www.waddell.com/Content/WDDLWEB/fonts/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5844
date: Tue, 03 Mar 2020 12:34:36 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Tue, 03 Mar 2020 14:34:36 GMT

GET
H/1.1 200
OK site24x7rum-min.js Show response
static.site24x7rum.com/beacon/ 47 KB
47 KB 38ms
9ms Script
application/javascript 13.224.194.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Requested by: Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-113.fra2.r.cloudfront.net
Software: ZGS /
Resource Hash: 2d66f6a56da3f79bd83da13fca2a29110c683d32b2aa6cfcbf16680411173d0e

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 03 Mar 2020 11:24:22 GMT
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Server: ZGS
Age: 10059
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
X-Amz-Cf-Id: ik-O5uJ2R4sOPW1eMKlMmvRXmHg4OKhlnwi-qZrt0mxJx0bzyrR-mQ==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 6FDD 0
0 17ms
17ms Document
text/html 35.204.22.180
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-36513.js?sv=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.204.22.180 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 180.22.204.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter

Response headers

status: 200
date: Tue, 03 Mar 2020 14:12:00 GMT
content-type: text/html
content-length: 851
last-modified: Thu, 27 Feb 2020 17:17:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.111
section-origin-responded: true
age: 415608
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 0f5cb75033ba24bbd1d0c465a2248303

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1764074696&utmhn=northernrockies.wradvisors.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696&slf_rd=1&random=1103769268

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696&slf_rd=1&random=1103769268

Requested by

Host: northernrockies.wradvisors.com
URL: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Mar 2020 14:12:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Mar 2020 14:12:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=1191137480.1583244720&jid=1715710604&_v=5.7.2&z=1764074696&slf_rd=1&random=1103769268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 30A8F8_0_0.woff
www.waddell.com/Content/WDDLWEB/fonts/ 0
0

GET 30A8F8_0_0.ttf
www.waddell.com/Content/WDDLWEB/fonts/ 0
0

POST
H/1.1 200
OK data Show response
col.site24x7rum.com/rum/ 19 B
504 B 2897ms
478ms XHR
application/json 52.11.118.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.site24x7rum.com/rum/data

Requested by

Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.118.251 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-118-251.us-west-2.compute.amazonaws.com

Software

ZGS /

Resource Hash

d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://northernrockies.wradvisors.com/?redirectUrl=/team/kim-dexter
Origin: https://northernrockies.wradvisors.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 03 Mar 2020 14:12:06 GMT
X-Content-Type-Options: nosniff
Server: ZGS
Access-Control-Allow-Headers: request-id, request-context, Origin
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json;charset=ISO-8859-1
Access-Control-Allow-Origin: *
Connection: keep-alive
Vary: Origin
Content-Length: 19
X-XSS-Protection: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.waddell.com
URL: https://www.waddell.com/Content/WDDLWEB/fonts/30A8F8_0_0.woff2

Domain: www.waddell.com
URL: https://www.waddell.com/Content/WDDLWEB/fonts/30A8F8_0_0.woff

Domain: www.waddell.com
URL: https://www.waddell.com/Content/WDDLWEB/fonts/30A8F8_0_0.ttf

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.northernrockies.wradvisors.com/	1970-01-19 12:10:12	Name: __utmz Value: 141226925.1583244720.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
northernrockies.wradvisors.com/	1970-01-20 01:18:36	Name: site24x7rumID Value: 182598756189581.1583244718194.1583244718194
.northernrockies.wradvisors.com/	1969-12-31 23:59:59	Name: __utmc Value: 141226925
.northernrockies.wradvisors.com/	1970-01-19 07:47:26	Name: __utmb Value: 141226925.1.10.1583244720
.northernrockies.wradvisors.com/	1970-01-20 01:18:36	Name: __utma Value: 141226925.1191137480.1583244720.1583244720.1583244720.1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api	warning	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: JQMIGRATE: jQuery.fn.offset() requires a valid DOM element
console-api	log	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: console.trace
console-api	warning	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: JQMIGRATE: jQuery.fn.offset() requires an element connected to a document
console-api	log	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: console.trace
console-api	warning	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: console.trace
console-api	warning	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.36.33220.137(Line 1) Message: console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

col.site24x7rum.com
fmg-websites-custom.s3.amazonaws.com
northernrockies.wradvisors.com
script.hotjar.com
ssl.google-analytics.com
static.fmgsuite.com
static.hotjar.com
static.site24x7rum.com
stats.g.doubleclick.net
vars.hotjar.com
www.google.com
www.google.de
www.waddell.com
www.waddell.com
13.224.194.113
2600:9000:20eb:5600:11:ad6d:cf00:93a1
2606:4700::6810:42c5
2a00:1450:4001:800::2004
2a00:1450:4001:808::2008
2a00:1450:4001:81b::2003
2a00:1450:400c:c00::9d
34.90.17.46
35.204.22.180
52.11.118.251
52.217.37.44
0056dc1e8b7567c95825a5650570d4d7aedc93344be4b14a4b8404bb2caa6c01
015fdb2de248db20b38f0a1c76544a7eb669e7e04fc4dcdf95729ac91787ba6a
123f4e6253b4c92ffb13b8f59e282831c0567f932a3546a5b44991a2d27dbed9
124373a7e79b8f430e92a65b06b154e015345731c0e84f43b33a463fcdb29113
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
19f79b8e5caf1c59e9b2c2a82bfda62fcf0298742029d7f10fc40aa243429467
270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5d86c7ea1a0b3a2e86b66e0f6d94bfd9f29e9e25ebd44c4d858139dd1da48
2d66f6a56da3f79bd83da13fca2a29110c683d32b2aa6cfcbf16680411173d0e
3de537453ce8380f11ee5c5574a29e3cf960f0475f261cc1b64cd1e821de6983
4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1
4c184a07dce0e7334411967da7730e523602095dd7823f9a0ea67d6ab858ee98
6d675593f38c6bb591924e9abece486e1c9730a57e63ea06e50ea32170cc088c
84dcfd38486b9006801322a1e711a192fadee585ab8b23ab38af1da50caf3173
88e136fe5cfa1a92b27158e8c89dbd2b05d42a82a0617f71636966794a10799b
9514de4fc395829089bb03fc071641c141950ef75ea35a2000deb83e72eb6935
9b182136253d359344d22b9fa9d4b4062e3534b5439c9806099916b6b8a58fc8
ab46cc132710d401413901f7a70828713520a28b9f1b9a231cf23af1320804dd
b3de8de493d74827c7eb91e085ea635aca3bace281cce9e6567fb94c43314efa
b567110ad7b1e8be796fc1f9e4b696acc8b5fa72bd89a70a50d932f1d338ec93
b623117dfaa65abe4b83bfdb3780d414e15e3df712b9eeb3b45fcfd0999aec13
bf2305e444e0244537172993428d88e73c219fe74dfde0bb8f1858010b485e7e
c26ce467cbb071c5cce9533fe792e62e43726e691000a1dbb0e90656f587f93f
c82a61a6c0a43d966ef4e18fd50850d2c1d3ea4b369e215923c54f460ffd9850
d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73
ea8956eaad7b6ae7d5754832831ebe75c0edf2bfd42c260f104d210ae3445fde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

northernrockies.wradvisors.com Open in urlscan Pro 2606:4700::6810:42c5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

91 %HTTPS

55 %IPv6

10 Domains

13 Subdomains

10 IPs

4 Countries

921 kBTransfer

1712 kBSize

5 Cookies

8 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

northernrockies.wradvisors.com Open in urlscan Pro
2606:4700::6810:42c5 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

91 %
HTTPS

55 %
IPv6

10
Domains

13
Subdomains

10
IPs

4
Countries

921 kB
Transfer

1712 kB
Size

5
Cookies

32 HTTP transactions
0 data transactions