www.grfcpa.com Open in urlscan Pro
35.227.184.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grfcpa.com/
Effective URL:
https://www.grfcpa.com/
Submission: On September 29 via manual (September 29th 2022, 6:54:38 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 25 domains to perform 122 HTTP transactions. The main IP is 35.227.184.45, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.grfcpa.com. The Cisco Umbrella rank of the primary domain is 889519.
TLS certificate: Issued by R3 on July 30th 2022. Valid for: 3 months.

This is the only time www.grfcpa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 38	35.227.184.45 35.227.184.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:dfcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::ac43:4771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2400:52e0:1e0... 2400:52e0:1e01::879:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	54.229.35.143 54.229.35.143	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:d::6	15169 (GOOGLE) (GOOGLE)
122	34

38 35.227.184.45 (The Dalles, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.184.227.35.bc.googleusercontent.com

grfcpa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.grfcpa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:dfcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4771 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2400:52e0:1e01::879:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.35.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-35-143.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr1---sn-4g5edn6k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	grfcpa.com 2 redirects grfcpa.com — Cisco Umbrella Rank: 865579 www.grfcpa.com — Cisco Umbrella Rank: 889519	1 MB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 95 img.youtube.com — Cisco Umbrella Rank: 3091	916 KB
15	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4599 api.omappapi.com — Cisco Umbrella Rank: 4724 z.omappapi.com Failed	144 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 588	277 KB
6	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 19063	22 KB
5	googlevideo.com rr1---sn-4g5edn6k.googlevideo.com — Cisco Umbrella Rank: 51335	1 MB
5	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2132	16 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 275	30 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 static.doubleclick.net — Cisco Umbrella Rank: 342	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 595 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 889 in.hotjar.com — Cisco Umbrella Rank: 1682	70 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 228	7 KB
2	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3085 track.hubspot.com — Cisco Umbrella Rank: 2227	2 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4453	444 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2140	259 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3148	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2119	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4907	23 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4132	88 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2168	960 B
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 17400	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	42 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 884	240 KB
122	25

	Domain	Requested by
37	www.grfcpa.com	1 redirects www.grfcpa.com
16	www.youtube.com	www.grfcpa.com www.youtube.com
14	a.omappapi.com	www.grfcpa.com a.omappapi.com
6	cdn.equalweb.com	www.grfcpa.com cdn.equalweb.com
6	use.typekit.net	www.grfcpa.com use.typekit.net
5	rr1---sn-4g5edn6k.googlevideo.com	www.youtube.com
5	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
4	jnn-pa.googleapis.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	track.hubspot.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	forms.hsforms.com	www.grfcpa.com
1	forms.hubspot.com	js.hscollectedforms.net
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	img.youtube.com	www.grfcpa.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	vars.hotjar.com	static.hotjar.com
1	api.omappapi.com	a.omappapi.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.grfcpa.com
1	p.typekit.net	use.typekit.net
1	js.hs-scripts.com	www.grfcpa.com
1	js.hscta.net	www.grfcpa.com
1	www.googletagmanager.com	www.grfcpa.com
1	use.fontawesome.com	www.grfcpa.com
1	grfcpa.com	1 redirects
0	z.omappapi.com Failed	a.omappapi.com
122	36

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
cta-redirect.hubspot.com
www.bbb.org
secure.cpacharge.com
grfcpa.suralink.com
grfcpa.sharepoint.com

Subject Issuer	Validity	Valid
www.grfcpa.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
a.omappapi.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-13` - `2022-11-22`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.grfcpa.com/
Frame ID: D2B0F4A06479D4042D510A4025B8F9C3
Requests: 102 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 6F89EC8C4A8725E156157D92ADB84174
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
Frame ID: 2B989F084D54697AAFF0C5A867260A29
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GRF CPAs & Advisors | Personal Service With Powerful Solutions

Page URL History Show full URLs

http://grfcpa.com/ HTTP 301
http://www.grfcpa.com/ HTTP 301
https://www.grfcpa.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

122
Requests

98 %
HTTPS

79 %
IPv6

25
Domains

36
Subdomains

34
IPs

5
Countries

4143 kB
Transfer

8516 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/grfcpas

Search URL Search Domain Scan URL

URL: https://www.facebook.com/grfcpas/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/grf-cpas-and-advisors

Search URL Search Domain Scan URL

URL: https://www.instagram.com/grfcpas/

Search URL Search Domain Scan URL

URL: https://cta-redirect.hubspot.com/cta/redirect/9337846/90102664-836a-4520-9eb8-7fba247a6da9
Title: <img class="hs-cta-img" id="hs-cta-img-90102664-836a-4520-9eb8-7fba247a6da9" style="border-width:0px;" src="https://no-cache.hubspot.com/cta/default/9337846/90102664-836a-4520-9eb8-7fba247a6da9.png" alt="AUDIT"/>

Search URL Search Domain Scan URL

URL: https://cta-redirect.hubspot.com/cta/redirect/9337846/a90f1c80-f4d6-468e-930f-6709f3796589
Title: <img class="hs-cta-img" id="hs-cta-img-a90f1c80-f4d6-468e-930f-6709f3796589" style="border-width:0px;" src="https://no-cache.hubspot.com/cta/default/9337846/a90f1c80-f4d6-468e-930f-6709f3796589.png" alt="TAX"/>

Search URL Search Domain Scan URL

URL: https://cta-redirect.hubspot.com/cta/redirect/9337846/bedc483b-294c-4b0c-9b26-05ecac14c81e
Title: <img class="hs-cta-img" id="hs-cta-img-bedc483b-294c-4b0c-9b26-05ecac14c81e" style="border-width:0px;" src="https://no-cache.hubspot.com/cta/default/9337846/bedc483b-294c-4b0c-9b26-05ecac14c81e.png" alt="OUTSOURCED ACCOUNTING"/>

Search URL Search Domain Scan URL

URL: https://cta-redirect.hubspot.com/cta/redirect/9337846/72f0fd27-54a9-46bd-b4fd-3a6cc8376e4e
Title: <img class="hs-cta-img" id="hs-cta-img-72f0fd27-54a9-46bd-b4fd-3a6cc8376e4e" style="border-width:0px;" src="https://no-cache.hubspot.com/cta/default/9337846/72f0fd27-54a9-46bd-b4fd-3a6cc8376e4e.png" alt="RISK & ADVISORY"/>

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/md/bethesda/profile/accounting/gelman-rosenberg-freedman-cpas-0241-236027221/#sealclick
Title: <img style="border: 0; margin-top: 23px;" src="https://seal-dc-easternpa.bbb.org/seals/gray-seal-200-42-whitetxt-bbb-236027221.png" alt="Gelman, Rosenberg & Freedman CPAs BBB Business Review" width="200" height="42" />

Search URL Search Domain Scan URL

URL: https://secure.cpacharge.com/pages/grfcpa/payments
Title: Pay Your Bill

Search URL Search Domain Scan URL

URL: https://grfcpa.suralink.com/
Title: Suralink Portal

Search URL Search Domain Scan URL

URL: https://grfcpa.sharepoint.com/
Title: ©

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grfcpa.com/ HTTP 301
http://www.grfcpa.com/ HTTP 301
https://www.grfcpa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

122 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.grfcpa.com/
Redirect Chain

http://grfcpa.com/
http://www.grfcpa.com/
https://www.grfcpa.com/

89 KB
18 KB

715ms
232ms

Document
text/html

35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 21b18a3ac69dabdc8c9c89949f5da3826257c73540b98e6948061ae915fad8f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 18:54:30 GMT
link: <https://www.grfcpa.com/wp-json/>; rel="https://api.w.org/" <https://www.grfcpa.com/wp-json/wp/v2/pages/19541>; rel="alternate"; type="application/json" <https://www.grfcpa.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 7
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 29 Sep 2022 18:54:29 GMT
Keep-Alive: timeout=20
Location: https://www.grfcpa.com/
Server: nginx

GET
H2 200 style.min.css
www.grfcpa.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 366ms
363ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 14:29:55 GMT
server: nginx
etag: W/"62d6bfe3-15b64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sage-intacct-partners-public.css
www.grfcpa.com/wp-content/plugins/sage-intacct-partners/public/css/ 98 B
292 B 330ms
326ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/sage-intacct-partners/public/css/sage-intacct-partners-public.css?ver=1664477307
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Mon, 04 Apr 2022 17:18:25 GMT
server: nginx
etag: W/"624b2861-62"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.min.css
www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/css/ 1 KB
707 B 334ms
331ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/css/slick.min.css?ver=2.4.10
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c98051109292b7a0765b7937162cf57678618bc1f61ef0026cdf11c3da33932f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 15:50:20 GMT
server: nginx
etag: W/"630f833c-585"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
www.grfcpa.com/wp-content/cache/min/1/wp-content/plugins/wp-carousel-free/public/css/ 31 KB
7 KB 353ms
351ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/plugins/wp-carousel-free/public/css/font-awesome.min.css?ver=1664476694
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8e91df4c8051fcb74458192922a062705a907d471d2b33caf4f8764920c385fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Thu, 29 Sep 2022 18:38:14 GMT
server: nginx
etag: W/"6335e616-7a53"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-carousel-free-public.min.css
www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/css/ 9 KB
2 KB 365ms
363ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/css/wp-carousel-free-public.min.css?ver=2.4.10
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 036b43fb2ab000d8327706f66cbbfc3e880e033fef174fc3e5b02ab013c1935c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 15:50:20 GMT
server: nginx
etag: W/"630f833c-241f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
www.grfcpa.com/wp-includes/js/jquery/ 87 KB
31 KB 208ms
208ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 00:50:59 GMT
server: nginx
etag: W/"6101fb73-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
www.grfcpa.com/wp-includes/js/jquery/ 11 KB
4 KB 315ms
315ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Mon, 14 Dec 2020 17:27:08 GMT
server: nginx
etag: W/"5fd7a06c-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.js Show response
www.grfcpa.com/wp-content/themes/grf/css/js/ 48 KB
13 KB 181ms
181ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/bootstrap.min.js?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Mon, 19 Aug 2019 13:03:55 GMT
server: nginx
etag: W/"5d5a9e3b-bf30"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.matchHeight.js Show response
www.grfcpa.com/wp-content/themes/grf/css/js/ 11 KB
3 KB 252ms
251ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/jquery.matchHeight.js?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c0d1e018c274598a46b3f57f8dcbc0672cdba54dd55fa3a922bae6757034ab81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Mon, 19 Aug 2019 13:03:56 GMT
server: nginx
etag: W/"5d5a9e3c-2a91"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cycle2.min.js Show response
www.grfcpa.com/wp-content/themes/grf/css/js/ 22 KB
7 KB 194ms
191ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/jquery.cycle2.min.js?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 11f48d4b4695c44fed6a2868845ac7dcea105360de0c811d008fed3b1eb69c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Mon, 19 Aug 2019 13:03:56 GMT
server: nginx
etag: W/"5d5a9e3c-591d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cycle2.carousel.min.js Show response
www.grfcpa.com/wp-content/themes/grf/css/js/ 4 KB
2 KB 199ms
196ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/jquery.cycle2.carousel.min.js?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f535eb25d17d4ddecf67d5544eb607fa8644e982f5d5a36949d0763bb88f0d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Mon, 19 Aug 2019 13:03:56 GMT
server: nginx
etag: W/"5d5a9e3c-109b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wow.min.js Show response
www.grfcpa.com/wp-content/themes/grf/css/js/ 8 KB
3 KB 242ms
239ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/wow.min.js?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Tue, 04 Jan 2022 18:56:12 GMT
server: nginx
etag: W/"61d4984c-20df"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 youtube-background.js Show response
www.grfcpa.com/wp-content/themes/grf/css/js/ 17 KB
6 KB 186ms
183ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/youtube-background.js?ver=6.0.2
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 01df26cdf4bc59cad01cbb3b27b2cd340081a0098797a7e52fdda442db7a2d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Fri, 24 Dec 2021 13:28:36 GMT
server: nginx
etag: W/"61c5cb04-4294"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/ 242 KB
36 KB 489ms
487ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc438071772d6abcb5814be6e00623a07b13f1cc6320868e9039fc87ab4036d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Thu, 29 Sep 2022 18:38:14 GMT
server: nginx
etag: W/"6335e616-3c897"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 unite-gallery.css
www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/css/unitegallery/css/ 29 KB
4 KB 380ms
379ms Stylesheet
text/css 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/css/unitegallery/css/unite-gallery.css?ver=1664476694
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: edb8a01d35a04be470180136658e73e6ce139ca90d9a362bf476a9479cedea37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:30 GMT
content-encoding: br
last-modified: Thu, 29 Sep 2022 18:38:14 GMT
server: nginx
etag: W/"6335e616-7327"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.8/js/ 665 KB
240 KB 140ms
86ms Script
application/javascript 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/js/all.js
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7f72d16b9546274d8ca85efe62bd6bb759d68a9f5dfe76253d4122e1da7df8

Request headers

Referer: https://www.grfcpa.com/
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TVWMNGVVE64W035D
age: 392153
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KFEwLy8N4hvG1zIsNnEtgjo91lAhZGfP14DGI79TRX5t21SH3f6ZjW3BfB80I8jmtXSRB8VnaV0elL+QOQd6ww==
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
server: cloudflare
etag: W/"668aad8c7d9f38f93221a1dcf9f93805"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svCL7QEZ7Kcm6fKadXTfalyX6qDFa5jxjtnWyZStBqzL6xkrgMden0bSS4sTOg0tPMU9Q%2FsF9Lqe5qVH34A5UaG4m4ud7qyDyxGzHsJadGV5a0ZuUAfSYz%2BW4S4%2FrlAGgSZ2FdJ7Tp0mnE3DlVd%2BQT0G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 7526ed88edf8bc04-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 79ms
35ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1302376-2

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e596f670b89fde97ccb0e45eaa50a3c294cd87b12b40930c9d41c59744fbb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42384
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Sep 2022 18:54:31 GMT

GET
H2 200 current.js Show response
js.hscta.net/cta/ 16 KB
6 KB 197ms
69ms Script
application/javascript 2606:4700::6811:dfcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:dfcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f3f4c9d032ef7d5e47130b1b0096850dde4d86f2451f3eb9cece4426514af3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
x-amz-version-id: NpISHYAuUCLOdhp4YLO_nGJDg2oFf6Ou
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 25
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.93/bundles/current.js&cfRay=7526ecea5f11994a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Jul 2022 12:14:29 UTC
server: cloudflare
etag: W/"e0cdd0c4571847e3210509465add92cd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7526ed89afd868eb-FRA
x-amz-cf-id: DM_6BXSIOQKMtEj2uzppDF9hs-FyR-gQEgwV2wb3IsfXL-EszWXmEw==
x-hs-target-asset: cta-embed-js/static-1.93/bundles/current.js

GET
H2 200 9337846.js Show response
js.hs-scripts.com/ 2 KB
960 B 200ms
153ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/9337846.js?integration=WordPress&ver=9.0.123
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b5a2a3caeb274f54298cf7992f3754883b97c6b1f8272de24f3f5757d7e6ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 29 Sep 2022 17:44:27 GMT
server: cloudflare
x-hubspot-correlation-id: aa214c49-c91e-4ddd-96a9-dec7c8b9a87c
x-trace: 2B680DAB9D67EF36E2576BB8D842F2450880E2E165000000000000000000
vary: Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.grfcpa.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7526ed88ef249b80-FRA
expires: Thu, 29 Sep 2022 18:55:31 GMT

GET
H2 200 slick.min.js Show response
www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/js/ 43 KB
11 KB 183ms
181ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/js/slick.min.js?ver=2.4.10
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 15:50:20 GMT
server: nginx
etag: W/"630f833c-ab69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-carousel-free-public.min.js Show response
www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/js/ 515 B
508 B 183ms
182ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/js/wp-carousel-free-public.min.js?ver=2.4.10
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9b63b85a6de8dfc0814d42480df4dc254b564329c8494aaa7df45367a66d2bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 15:50:20 GMT
server: nginx
etag: W/"630f833c-203"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 helper.min.js Show response
www.grfcpa.com/wp-content/plugins/optinmonster/assets/dist/js/ 2 KB
1 KB 242ms
240ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.10.0
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 858a82228958a3c8de474987772f997f6feeab666d6a34ac740b01fe81f69cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 14:59:06 GMT
server: nginx
etag: W/"63233dba-883"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazyload.min.js Show response
www.grfcpa.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 247ms
246ms Script
application/javascript 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 14:59:09 GMT
server: nginx
etag: W/"63233dbd-2063"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 nvt5thd.css
use.typekit.net/ 9 KB
1 KB 407ms
332ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nvt5thd.css

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

17edcca62266b662cda87b005805731bc4feb5b33484e4014d0a086e9e424f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 29 Sep 2022 18:54:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1088

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 88ms
18ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nvt5thd&ht=tk&f=7853.7855.7864.7866.16353.37461.37462.37463.37464.37465.37466.37467&a=5460977&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nvt5thd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 hotjar-2049774.js Show response
static.hotjar.com/c/ 4 KB
2 KB 101ms
48ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2049774.js?sv=6

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

833d656ef4f2a206dce77d69ab54e57ba23cf5b2a3ecae13c9db6a80842ec60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/6d0e8a8d52c2283622dc327612e109b4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ilhs41-DEiUxjrgiV-3Cth-KhdZFMAnibFxhEjXxggjaiFsVNLh0CA==

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/4.2.2/ 40 KB
14 KB 299ms
247ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/4.2.2/accessibility.js

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grfcpa.com/
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Dec 2021 12:02:00 GMT
server: cloudflare
etag: W/"0eca68d19fbd71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Xk0ozIS344i07n4SNgFfr%2FjLoj6cxXyPBVLeVUqvfF%2F4JFi6Waxt%2F4kKz4XWp83dGa4h5LvvPVf9M3gfC34q%2FiFU7Ua4N8I0P9abmq%2FEq2NryTQnnBNoJ4ruoSkDtdR5WDkwpYvt%2Bir2m1tzbM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-country: DE
x-frame-options: deny
cf-ray: 7526ed88ed8f9042-FRA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91e598571609682f85ac8eaf7a2d7f64abe0dbd9ecf01b48c89af46698329747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 421c19f2440e37a4afa5294268c9f292795f5b37773dadf976ed7c6b97584f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a10b74d31e3c2c6766d954b6bb40c5cab5760f2e3ec00c293c6bf45cf4d30a44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 search-icon.png
www.grfcpa.com/wp-content/themes/grf/img/ 305 B
506 B 356ms
356ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/themes/grf/img/search-icon.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 480520285398ea2062b8f49154125a17c8b2243c50b643c647f9f15cd193e8f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Tue, 20 Apr 2021 12:38:08 GMT
server: nginx
etag: "607ecb30-131"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 305

GET
H2 200 l
use.typekit.net/af/32b0e4/00000000000000007735a185/30/ 44 KB
45 KB 243ms
56ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/32b0e4/00000000000000007735a185/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nvt5thd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155

Request headers

Referer: https://use.typekit.net/nvt5thd.css
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
server: nginx
etag: "dead750a1d4bc579636464295fb9e45aa84c4884"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45468

GET
H2 200 l
use.typekit.net/af/73dbad/00000000000000007735a197/30/ 46 KB
46 KB 314ms
127ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/73dbad/00000000000000007735a197/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nvt5thd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bec209adcf425f5fdd306fbae2da80f735f40244249e4e67237401fa748f3583

Request headers

Referer: https://use.typekit.net/nvt5thd.css
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
server: nginx
etag: "22d15fa81757d553d95b9aa5b7c25d494b35d678"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46812

GET
H2 200 l
use.typekit.net/af/6f175d/00000000000000007735a18f/30/ 44 KB
44 KB 361ms
174ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6f175d/00000000000000007735a18f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nvt5thd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8748adc82884b1aec724c65f2579b9e2b27420626eae72eeda317c251177dbf4

Request headers

Referer: https://use.typekit.net/nvt5thd.css
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
server: nginx
etag: "21bd16a849996a2dda5cf5689c86f9b275c891b8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45244

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85e7ac58062b0a6794dd44791648c4a70d4dee1911387ea79c0002fe8bc6d0dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4805496b7492b3ad994fdb6ed5596988af463761c0e77fa9a5030c4e2f253f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aeecda26fd3b07337e3132b39f7e0f4829d112f67d3a9b963d4674f15c6756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbc4d71d90b8cba0ab3a9e56982605b49aa762585d8507628ec03daf3fe1783f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a82b21d2faee9275b342bf49da6d4cd3a5e3ba462cfb9b15f84eea330e99182c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f1fbff0b0970359ef9b252e66e58be8a65c6256bdb9970b49d1acf6dd8a5ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3f1e4144c0fc9a0638f42d5d6c9875ae6768680a7f2ffa5ef449ccdf25fe436

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 589d6afec4c3b3c5491f15c1e9cce3f058eff800e2c1b195cb0a7f7337640cab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75bc5af06f242ea8ea9279faec374273648b92457edc0fc4d992c03b59903ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 130 KB
41 KB 97ms
22ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 6a6cce7ced081f55fa2164ded3a65962a273d16b4eb48c17548854d7e0e706d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: D6PC69KQY1E6N1G3
cdn-cachedat: 09/28/2022 16:11:04
cdn-pullzone: 293267
x-amz-id-2: /GDpnOpixRMGT35UOMBmFoRPj0pW7sKtHbDqR0kOFwv/t33/MTEnY4apqWN/AGcUdBOjrCIBLrY=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"35a4013a8eb1aceb90b99fc17402a6ed"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cb98a99db131b8890b72f435077fe09c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 shutter-bg-left.png
www.grfcpa.com/wp-content/themes/grf/img/ 72 KB
72 KB 334ms
333ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/themes/grf/img/shutter-bg-left.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7104b9ca2d10a53c21c48b4908ca52163e4cc13a7a335c55fc473fb539099d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Tue, 04 Jan 2022 19:00:25 GMT
server: nginx
etag: "61d49949-12054"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 73812

GET
H2 200 orange-stat-bubble.png
www.grfcpa.com/wp-content/themes/grf/img/ 23 KB
23 KB 333ms
333ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/themes/grf/img/orange-stat-bubble.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f9e963650271cfc0ea1b1ca5d3aedd8b73fa7040b50159d7146777ebebc0d212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Tue, 04 Jan 2022 19:00:26 GMT
server: nginx
etag: "61d4994a-5cc4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23748

GET
H2 200 blue-stat-bubble.png
www.grfcpa.com/wp-content/themes/grf/img/ 21 KB
21 KB 333ms
332ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/themes/grf/img/blue-stat-bubble.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6431d95fae1785167a96a661aed6e41818c20200aafe2020fce6945a0dceb4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Tue, 04 Jan 2022 19:00:26 GMT
server: nginx
etag: "61d4994a-523b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21051

GET
H2 200 shutter-bg-right.png
www.grfcpa.com/wp-content/themes/grf/img/ 69 KB
69 KB 333ms
332ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/themes/grf/img/shutter-bg-right.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3461dbaed3efdee01641406d5a7f10e19bad65bf166ca57a9eb6cbbd4553bd70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/themes/grf/style.css?ver=1664476694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Tue, 04 Jan 2022 19:00:25 GMT
server: nginx
etag: "61d49949-11292"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 70290

GET
H2 200 working-with-great-people-makes-all-the-difference.jpg
www.grfcpa.com/wp-content/uploads/2022/02/ 20 KB
20 KB 333ms
332ms Image
image/jpeg 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/02/working-with-great-people-makes-all-the-difference.jpg
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 008ca3517439d25c15634e3ad936409d84b63deb0b87347bab5bd8b4673c24b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Mon, 14 Feb 2022 20:23:34 GMT
server: nginx
etag: "620aba46-4ef5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20213

GET
H2 200 excellence-and-impact-section-banner.jpg
www.grfcpa.com/wp-content/uploads/2022/02/ 167 KB
167 KB 232ms
231ms Image
image/jpeg 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/02/excellence-and-impact-section-banner.jpg
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94d11746fb9d90916f834839dbafa4909bc0a7724fa2ddd31ddb44f1d282a440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Mon, 14 Feb 2022 20:23:55 GMT
server: nginx
etag: "620aba5b-29a21"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 170529

GET
H2 200 trending.jpg
www.grfcpa.com/wp-content/uploads/2022/02/ 130 KB
131 KB 231ms
231ms Image
image/jpeg 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/02/trending.jpg
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f5ef76390284f7d89f89b4fbb942b7938e35d5f5fcdc6866ebf030e05ae7d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Mon, 14 Feb 2022 20:24:19 GMT
server: nginx
etag: "620aba73-208e4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 133348

GET
H2 200 l
use.typekit.net/af/e2b8db/00000000000000003b9ade23/27/ 95 KB
95 KB 287ms
126ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e2b8db/00000000000000003b9ade23/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nvt5thd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36b0dd828598eda706c5ee8e2b38e617a0289c269e318543d0252ba3b911c0bf

Request headers

Referer: https://use.typekit.net/nvt5thd.css
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
server: nginx
etag: "3df0a0bb45642548e428ccb6f167b1f267cdeb21"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 97360

GET
H2 200 l
use.typekit.net/af/2180b4/00000000000000007735a193/30/ 45 KB
45 KB 227ms
68ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2180b4/00000000000000007735a193/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nvt5thd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8051dfda67a0e02e31a79f89396bc57c87637561b2bbef8b331330550356f629

Request headers

Referer: https://use.typekit.net/nvt5thd.css
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
server: nginx
etag: "f80968cdbaf622d8162462562899b5f12168d2d4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45736

GET
H2 200 fontawesome-webfont.woff2
www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/fonts/ 75 KB
76 KB 328ms
328ms Font
font/woff2 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grfcpa.com/wp-content/plugins/wp-carousel-free/public/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/plugins/wp-carousel-free/public/css/font-awesome.min.css?ver=1664476694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.grfcpa.com/wp-content/cache/min/1/wp-content/plugins/wp-carousel-free/public/css/font-awesome.min.css?ver=1664476694
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
last-modified: Wed, 31 Aug 2022 15:50:20 GMT
server: nginx
etag: "630f833c-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1302376-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 17:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6752
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 19:01:59 GMT

GET
H2 200 modules.8203b45d0468dcab4b64.js Show response
script.hotjar.com/ 254 KB
65 KB 69ms
21ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8203b45d0468dcab4b64.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2049774.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

1940c4e25fa5e96c143f6024185570fd16bb1661459e3d119ccd4ff04c94c2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 08:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 38005
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66188
last-modified: Thu, 29 Sep 2022 08:20:37 GMT
etag: "8d1d8a5e8e622b17cd6f34cada8fcb94"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cTX5N5i9faRatd9MbNu6DYIT6zAesNu_iP1t6WN__ZUD38s_KscBfA==

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 44ms
32ms Stylesheet
text/css 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:31 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: MISS
x-amz-request-id: CQW913FTY4HEC08T
cdn-cachedat: 09/28/2022 16:11:15
cdn-pullzone: 293267
x-amz-id-2: F3c7B7CVeFndvMq+G9i1VA8g/yBgU8fhC3PyswYoNlHbOKZadVp0CZeuUiIR8nqBaqeduOKR89Q=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fdfc47d7f4872c3530f2516e9f42a6ed"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 725b620aa418feb6c1d8cfc3fb7355b6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pwbehhi9rmqnjlopofuu Show response
api.omappapi.com/v2/embed/140874/ 3 KB
2 KB 184ms
113ms XHR
application/json 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/140874/pwbehhi9rmqnjlopofuu
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 8708b643f608626811d70c002e7e1abc94aa1bc672e99f4803f48763910e4702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-campaign: pwbehhi9rmqnjlopofuu
x-user-agent: standard--
last-modified: Fri, 24 Jun 2022 19:28:44 GMT
server: Pagely Gateway/1.5.1
etag: W/"ba82668a62b956f48fe40886c2d78f61"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: _20YgED8W4IzvuHPJUiQChgp9vhFt6gyT8OfvK7yCx-q2r4iEyCswQ==
expires: Thu, 29 Sep 2022 18:31:05 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 6F89 2 KB
1 KB 81ms
18ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2049774.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.grfcpa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1935445
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-id: t0BtQq4if8aN8EwTpApwjDndRcPwCDlajZveZM8a4SRKbtv3rfQEYQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 24ms
24ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1041625060&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grfcpa.com%2F&ul=en-us&de=UTF-8&dt=GRF%20CPAs%20%26%20Advisors%20%7C%20Personal%20Service%20With%20Powerful%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=996926935&gjid=1911178728&cid=641232115.1664477672&tid=UA-1302376-2&_gid=1783444351.1664477672&_r=1&gtm=2ou9s0&z=1787684600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grfcpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 18:54:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grfcpa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 271ms
206ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9337846.js?integration=WordPress&ver=9.0.123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: https://www.grfcpa.com/
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=7526ed8adc019b25-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7526ed8adc019b25-FRA
x-amz-cf-id: GRY02UtgJdJ10_LVoqPvSa8I4VisEjj67g-GvBAdWkZEpe59U3hI5g==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 230ms
84ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9337846.js?integration=WordPress&ver=9.0.123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://www.grfcpa.com/
Origin: https://www.grfcpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 27429
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=75244fe59ccb6921-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7526ed8b9d2d696a-FRA
x-amz-cf-id: _7AxP66HqAIyq7kjUwqD80V0SMBspMvLBWZPY9h7V2QtK1HpD9TqdA==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 9337846.js Show response
js.hs-banner.com/ 62 KB
16 KB 199ms
150ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/9337846.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9337846.js?integration=WordPress&ver=9.0.123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8595b138dd432af08c3faf15d080f2e2bd787d86a68a1bb639d92e0b4212cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-amz-version-id: w_RseTLaKvSR4r6wmbYdobEqFZa_fB6_
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: YGCRPNG2VPC4J94X
x-amz-server-side-encryption: AES256
x-amz-id-2: KD3nyObtSFcjq1nhObEAB18QnDBBO0BTtQ+Uic6rEMXssk4kWHuqj/kkXTf5hmrz+4oz71s5hQ0=
last-modified: Tue, 30 Aug 2022 22:24:59 GMT
server: cloudflare
etag: W/"ed6f93cf46cff0aa23331def998286b2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.grfcpa.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7526ed8abf3f994a-FRA
expires: Thu, 29 Sep 2022 18:59:32 GMT

GET
H2 200 9337846.js Show response
js.hs-analytics.net/analytics/1664477400000/ 63 KB
20 KB 363ms
219ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1664477400000/9337846.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9337846.js?integration=WordPress&ver=9.0.123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0842bcca8eec90d1d79b2d77f151c263744b62144e84de09d4f30bd436713a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: R9WNKAMHFVNVRDP0
x-amz-server-side-encryption: AES256
x-amz-id-2: /x7z5d65aRlkfvMFHhL/nmI+waIc0zE2mKzLtwBvCLSDvffIwKrRqgjANezRelyVhN4FbMwRmfY=
last-modified: Wed, 31 Aug 2022 13:05:43 GMT
server: cloudflare
etag: W/"e162320e4ce08fc588b07b4a957a39ea"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7526ed8b9ad068f5-FRA
expires: Thu, 29 Sep 2022 18:59:32 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 83ms
35ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9337846.js?integration=WordPress&ver=9.0.123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe5717b2e530ed3889fef7a3f64bd8703892af4df7a50ebdab50877d714ccb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-amz-version-id: 7KJ54BFzipn1nE_Td6RfTtNOqayLQBYG
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 397
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.293/bundles/pixels-release.js&cfRay=7526e3d97ab79b2e-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Sep 2022 05:23:07 UTC
server: cloudflare
etag: W/"46dd82490c71a41bce1eabb2e38c89c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7526ed8ab841694b-FRA
x-amz-cf-id: mCAbo3ZfOR5ARPkl6Jq0jQOfbYW4pS3fq-PEQeCF-cEBKba3kp2_og==
x-hs-target-asset: adsscriptloaderstatic/static-1.293/bundles/pixels-release.js

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 103ms
32ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1302376-2&cid=641232115.1664477672&jid=996926935&gjid=1911178728&_gid=1783444351.1664477672&_u=YEBAAUAAAAAAAC~&z=1300045583

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grfcpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 18:54:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grfcpa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 159ms
63ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/youtube-background.js?ver=6.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

930bb849a34c23019835428b195cd0b34075a59feb0398ddf30f9ddd12e8a265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 29 Sep 2022 18:54:32 GMT

GET
H2 200 JTi9xdabYMg Show response
www.youtube.com/embed/ Frame 2B98 68 KB
27 KB 131ms
116ms Document
text/html 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/youtube-background.js?ver=6.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3da652ef1cb092c08ce8a36845eb902017ab769c3c6300c057d64f97114d722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grfcpa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 29 Sep 2022 18:54:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/JTi9xdabYMg/ 72 KB
73 KB 96ms
37ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/JTi9xdabYMg/maxresdefault.jpg

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cbdf5c6b4306faf5c8300235d67809f4e3cff47e90ab14cb3905aa9d74ffbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73830
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Sep 2022 20:54:32 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 27ms
26ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 09/28/2022 16:04:52
cdn-pullzone: 293267
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 419
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"62ed37ae-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2bd4dfbf192286c43407261338a16e5d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8.f3bca198.min.js Show response
a.omappapi.com/app/js/ 25 KB
8 KB 32ms
30ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/8.f3bca198.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: b0c6a4fa6370d74665cc2541281eff7fdd171962c7abd1f956e4494e753c5867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: GCGVESP74YZA6EHD
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: cJWmxu2uM4rmo2O5clO+st2OQ76/TGexgSOK3XYcBUzn93SsgEnHIGi5y5pxYsf088WEAq/7wiI=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"e1103f16738717c74ea6e0b9e19c8a90"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 95b48070d4d187d8e82175908e6067c5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.cfa23dcd.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 37ms
35ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.cfa23dcd.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: c151f184fa529a7c5a7e9568542b3d2c68fcafe1ae2a534666297f59ab2972f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: MISS
x-amz-request-id: GCGJ6NN1DZVH73PM
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: 1+TZJV4EFWCZA8PArfAnIk/M9MjFA67DdELkeovQI8grx9jqtjvJkafQNSj4w6xoDsJMvvtCaHo=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"31d4045f9f19a34fe932150efc95266c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dc2c3c036b0716be6b0c5f04b3f0fff9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.b21e555c.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 30ms
28ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/7.b21e555c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 90170c06cfc78164ffb53c71f2ad709278e24ed7235dc52e5aa173effde6bb20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: XB8AYWPRGN6D5C8M
cdn-cachedat: 09/28/2022 16:11:06
cdn-pullzone: 293267
x-amz-id-2: ygrKpF7P2aa5Cfv3Ewz6Wr1r/AlUtqF03m3tYsogBHf8b7aZgIwRtwhTDbRWlOHX1twOVJRgNWY=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"f106dbaddab04739d62aef7e414b7602"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d2c639bc67992b7ecebec50c6df8d714
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.1f5c2736.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 33ms
32ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.1f5c2736.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: fc4753ea69f2c58c0c9ac253d2ce4dfa872ff4337b42be14dcf4b2f77ed97d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: MISS
x-amz-request-id: GCGJ72YVGBCMP8H9
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: gl7wJz55xMKLPf9Spt4raGMEuluu3oaKxuzYkXVU80/eQTAoBIYCNiv84f+lTKF9jFZzky7Juzc=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"9781b6c486c6d676587203a4e20c426e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7fc05ca064310686e64e5f9d7d34793e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 18.83980738.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 34ms
32ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/18.83980738.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 0569d9cfa3c0c8bb573b0d931d3ccf18fccbf15f18876ab93b384737fd227d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: GCGYZ743BY3BZG15
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: 1G1Y55wYamPDLg38HYRwlCkQmbFc4HQIZ10uCab6D3hOCyqn0J15qCO+7O+7ELnHHzbJmiADkQk=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"2321be21cff17146107e744e546a1ea4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c1fcd929b74f2d8101af5e34817594d8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 17.a750669e.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 34ms
33ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/17.a750669e.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 78cf7a5e5085740aee10b64344005a582eff61ca5f6861cc5790344580995b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: GCGS1TV5ZZHYMKV6
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: 9/VngrH1o5rcTjlR256lAUmDE0ghyuJhNOPyg1TgvAgfDl7bS1k8729cVrxCit6TzRpXfFK4Lhs=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"1249f6fc2d693058630db3b242ce1175"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5e5bfd473adc903a1f4afba2955b0354
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 12.186194b2.min.js Show response
a.omappapi.com/app/js/ 856 B
1 KB 35ms
34ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/12.186194b2.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 0460c2d46b7e010fa01e3a9d966baf7937e31fc59d2368b4bf86c5977101d9f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: GCGHGPPAJASP4ADZ
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: hPPo/Gq0ZWw0xVyWcMemj0v1JrmHj+ZbLLboanilI9q2bIx6pKMFo6kxMgHqk+pRLUSB+JYsEYk=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fbc5da4e5618bbd209895a30a6f66c21"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 130d3ca47af8137441a66efda2b71298
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.b46b7a9c.min.js Show response
a.omappapi.com/app/js/ 11 KB
4 KB 34ms
34ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.b46b7a9c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 7cfcdf4ec5c1cfa7938d703299c2e55a4dd3622d7f1b8bfeb39248b3cd5add0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: MISS
x-amz-request-id: GCGZ5N5D74JKV11J
cdn-cachedat: 09/28/2022 16:11:05
cdn-pullzone: 293267
x-amz-id-2: vZ8b3VxJX4x2WrT/5R3ih5sgNaIEo12vSLZVlkFxI5fPV4y1HHEV8OF3MCT60HOPjSLQ0nUVO9g=
last-modified: Wed, 28 Sep 2022 16:10:55 GMT
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"eea5a382e457f40684356a72ee37fe1f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2081b489c25f8b90c1dcfc8cb618721b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css Show response
cdn.equalweb.com/style/ 15 KB
4 KB 93ms
92ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/style.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.2.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226fc7a2ce53c05b8872e306276e482c20796a22a179991903c90fe146b88548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Nov 2021 11:06:12 GMT
server: cloudflare
etag: W/"0aa851e11e5d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4%2FMW%2BGLu1IocDOGNraW%2FXiOYf8m1KPrhbtcHpNeVuLu6%2F5wYGpUVQVpCi6X7WHUGOPOOCE9FbyLjazA6WYWyYbB1W16JBS%2B7cBxQnomN6vkqmxhlK%2FihRX2b%2BgxpGFcnQbJERS8ABlTQQIOMTY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-country: DE
x-frame-options: deny
cf-ray: 7526ed8b7b239042-FRA

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
434 B 91ms
90ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.2.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
etag: W/"3f26cd3dfbc1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B%2FbMp18v03cZsgJXkTeVG3Z%2FT25eqfUu4gzHmNEUZqNqsl6pWYEQnxfP24Djz6Phnf9C19G0qsViqROkqrjZq5vZfQFihlA9CH9R5YWLSD3eo%2BIQmhG%2F7rakjor8u55zxefozHQ%2Fw%2Beb%2Fspp7s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-country: DE
x-frame-options: deny
cf-ray: 7526ed8b7b259042-FRA

GET
H2 200 en.json Show response
cdn.equalweb.com/assets/locale/ 810 B
723 B 92ms
91ms Fetch
application/json 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/locale/en.json

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.2.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
server: cloudflare
etag: W/"f45920b9fc61d71:0"
x-frame-options: deny
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBNHiDhkTekqjISdUgOQU1oKdYSSXoC%2FoETxmfroQQ2Ltflp7VmfJQBU82Vcv%2Bbaq8w8z2WdeRh%2FbAaxKSAU83bHAVWm7ZnKJVmRSIEtts2X7R2u8MqZP%2FOy%2FeqN2x8zwbivxgPx%2BMLpBrKzH9A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-country: DE
cf-ray: 7526ed8b7b279042-FRA

GET
H2 200 pdf.js Show response
cdn.equalweb.com/assets/scripts/ 7 KB
2 KB 100ms
100ms Fetch
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/pdf.js

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.2.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Feb 2020 12:50:59 GMT
server: cloudflare
etag: W/"80fb6ce547ead51:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cPkSJjaHyF2Fi45X33WL9gCHzOMcb%2F0JvIs0TzWAgQKbc3HdfHQ0B1huu7%2Fr7jzopbVww4kq31zmM1gKufe1HWTyTXN2mYdWoIn4HaXBMk40WbEwo1iNhjmLZpGuwCCysgjknS%2BsOuqWV8EkOU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-country: DE
x-frame-options: deny
cf-ray: 7526ed8b7b2a9042-FRA

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2049774/ 147 B
322 B 138ms
43ms XHR
application/json 54.229.35.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2049774/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8203b45d0468dcab4b64.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.35.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-35-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 977930fc96f7aeda8c849fe1022320d3c8ceb631dea2f1e0db36a6ad16ecf9cc

Request headers

Referer: https://www.grfcpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2049774 Show response
vc.hotjar.io/sessions/ 0
259 B 111ms
43ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2049774?s=0.25&r=0.2397644703726063
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8203b45d0468dcab4b64.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: XoE4DJU1QZjZTJDh3oN_ZKRHxSJc-wOYATDMiosyGypf5ntrorzRmg==

GET
H2 200 GRF-CPAs-Advisors-Logo_V_RGB.svg
www.grfcpa.com/wp-content/uploads/2022/01/ 38 KB
16 KB 191ms
189ms Image
image/svg+xml 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/GRF-CPAs-Advisors-Logo_V_RGB.svg
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: df6c0f05ab2206f042dd19ab7c413c209cd20834ca4e534e8c8d098ec75ec725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
last-modified: Tue, 04 Jan 2022 19:13:48 GMT
server: nginx
etag: W/"61d49c6c-9671"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 nonprofits-associations-tile.png
www.grfcpa.com/wp-content/uploads/2022/01/ 50 KB
51 KB 192ms
190ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/nonprofits-associations-tile.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88f21a27266cc571bd572f6329d339ec61736d77e58b8d3f15c578817354382f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
last-modified: Tue, 04 Jan 2022 18:02:41 GMT
server: nginx
etag: "61d48bc1-c904"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 51460

GET
H2 200 privately-held-businesses.png
www.grfcpa.com/wp-content/uploads/2022/01/ 51 KB
51 KB 191ms
189ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/privately-held-businesses.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d29a722a15c5f4a52820538027a31b8d5f0c483cfa83ea62a2c2fb84e3367865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
last-modified: Tue, 04 Jan 2022 18:03:21 GMT
server: nginx
etag: "61d48be9-cb94"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 52116

GET
H2 200 govt-contractors-tile.png
www.grfcpa.com/wp-content/uploads/2022/01/ 44 KB
45 KB 191ms
189ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/govt-contractors-tile.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7ca03899cdd634427c4219c7be39c65673f4a84e2e31e45fcd24682bfdcf8f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
last-modified: Tue, 04 Jan 2022 18:03:08 GMT
server: nginx
etag: "61d48bdc-b18e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45454

GET
H2 200 individuals.png
www.grfcpa.com/wp-content/uploads/2022/01/ 53 KB
53 KB 191ms
190ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/individuals.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5bba426e420f1a9cbb6bb992c6f3d35d3fbd794889c345e4f0e54c5230f00d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
last-modified: Tue, 04 Jan 2022 18:02:54 GMT
server: nginx
etag: "61d48bce-d33f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 54079

GET
H2 200 dashed-line-bg-1.png
www.grfcpa.com/wp-content/uploads/2022/01/ 4 KB
4 KB 191ms
190ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/dashed-line-bg-1.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5927592f5476cfa4d99039e104da949ec0304132ab2786ff813c7962bb5195e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
last-modified: Tue, 04 Jan 2022 18:05:51 GMT
server: nginx
etag: "61d48c7f-111d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4381

GET
H2 200 problem-solving-new-opportunities.png
www.grfcpa.com/wp-content/uploads/2022/01/ 139 KB
139 KB 190ms
189ms Image
image/png 35.227.184.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grfcpa.com/wp-content/uploads/2022/01/problem-solving-new-opportunities.png
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.184.45 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.184.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0f328bcb73e3b4ff36ab537ce78972c29b4125577c18a1d57918de0abf079bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
last-modified: Tue, 04 Jan 2022 18:06:34 GMT
server: nginx
etag: "61d48caa-22af7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 142071

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/5248e50a/www-widgetapi.vflset/ 156 KB
51 KB 252ms
190ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11950f1b39836cbd5aae1f74a8d22594b1a5fc244f7601e8086cccdde1d71689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 17:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52495
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 17:20:34 GMT

OPTIONS
H2 200 domain-collection
js.hs-banner.com/cookie-banner-public/v1/ Frame 0
0 284ms
166ms Preflight
application/octet-stream 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/domain-collection
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.grfcpa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.grfcpa.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7526ed8cba1dbbf5-FRA
content-length: 0
content-type: application/octet-stream
date: Thu, 29 Sep 2022 18:54:32 GMT
server: cloudflare
timing-allow-origin: *

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 297ms
182ms Preflight
application/octet-stream 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.grfcpa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.grfcpa.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7526ed8cba23bbf5-FRA
content-length: 0
content-type: application/octet-stream
date: Thu, 29 Sep 2022 18:54:32 GMT
server: cloudflare
timing-allow-origin: *

POST
H2 204 domain-collection Show response
js.hs-banner.com/cookie-banner-public/v1/ 0
137 B 564ms
564ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/domain-collection
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/9337846.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.grfcpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Sep 2022 18:54:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 3b70829d-bd30-4702-aa41-345420a3304b
x-trace: 2B408F5DFA83C66CA6A2E3D8F61C1B51134FB68A97000000000000000000
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.grfcpa.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7526ed8ddcedbbf5-FRA

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
137 B 319ms
319ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/9337846.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.grfcpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 35cbf4dd-ffb5-40cd-938d-2eff0a20a076
x-trace: 2B0FE9E5EFE3BD3A77B7573CF644FA4D1BA7C32FC3000000000000000000
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.grfcpa.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7526ed8e8ed0bbf5-FRA

GET
H3 200 www-player.css
www.youtube.com/s/player/5248e50a/ Frame 2B98 358 KB
49 KB 34ms
29ms Stylesheet
text/css 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b0ee7225ad88345a88cfb755b77a6b4741c45e7a1933f92a7345fc06c314e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49798
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5248e50a/www-embed-player.vflset/ Frame 2B98 305 KB
95 KB 65ms
60ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fee19626251374178b719acf5a9054e775ec7cd3c68438d4722bd0d56da48dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97166
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:14 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/ Frame 2B98 2 MB
578 KB 77ms
72ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c691eef5f1466c0589ffe91dfb84c9e3ae3be372cf40569e4f18543b8d6c563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592063
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:51:50 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5248e50a/fetch-polyfill.vflset/ Frame 2B98 9 KB
3 KB 33ms
29ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2B98 15 KB
16 KB 60ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 179271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2B98 15 KB
15 KB 64ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 246793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 22:21:19 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 239ms
200ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=9337846&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eac7ed642522916e709d199cb2272aae88a0082aaa03fc1c58227875f4c4c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.grfcpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4288b399-f18e-46b0-924f-29303aaadd88
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.grfcpa.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7%2ByTzpnGXcZrLNos7wn3cYrMhko3UdL3cq3TE89izHraVr9y61ZXYBBqZuF3wVVF9GxhtgOI0Fz1okdb7Qn2ygWE50wrzxnh3Mf5%2FRrKoquGK9b9CJN%2B3kxgFEoDoW9doM16Td4juhyopGJ7PFu"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7526ed8c58e15b32-FRA

GET
H2 200 11.svg Show response
cdn.equalweb.com/assets/images/ 1017 B
909 B 287ms
287ms Fetch
image/svg+xml 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/11.svg

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.2.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247fc189082160e979e84de9e2a591da28319423bc1b706e9a99f2fe3bced7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
server: cloudflare
etag: W/"42b27526748d51:0"
x-frame-options: deny
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxgvbCIDd0ygu3PIeOfgTZhdlcKM7TsNdcoSX7OCbuTVQWNkXH9llAZq92igW7v16XPiv6%2BqYvoXNQrhMu1X9Qfqig7ucJzXn0WJdEeYayzHM6AGfgIMMOpeSrtlezRtcZR5q2F8cxv3s63U4x0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-country: DE
vary: Accept-Encoding
cf-ray: 7526ed8c1c8e9042-FRA

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
444 B 403ms
228ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.grfcpa.com
URL: https://www.grfcpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: c3b9a536-ef0a-4f21-b20c-4796de435ef0
x-trace: 2B07C3EEDC88886EE1FF07D10ED6C39722A55E5EAE000000000000000000
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7526ed8f18266943-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2B98
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

59ms
26ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59fdbc7a9ad8086bf5d9b0a0fd43a08271edc37eac851577091c9a958d26ed5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2B98 29 B
588 B 180ms
17ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:39:54 GMT
x-content-type-options: nosniff
age: 878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 18:54:54 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 163ms
27ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 29 Sep 2022 18:54:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2B98 66 KB
30 KB 65ms
32ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd0e82028eb321fd5c8d227384d0c758652a844fe7372a6dec2845f10cbc153e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31034
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 2B98 57 KB
20 KB 183ms
183ms XHR
application/json 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c20d4e400a4b4e5df551fc701a7502029945dacd7520a90a293f7cdac643c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220927.01.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-Goog-Visitor-Id: CgtmNnhxRkRHSk9Mcyjo09eZBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20342
x-xss-protection: 0
expires: Thu, 29 Sep 2022 18:54:32 GMT

GET
H2 200 nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js Show response
www.google.com/js/th/ Frame 2B98 36 KB
14 KB 125ms
19ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eb4cf605d4c796856e6efb5bab89c1c954976c908091b854e48efeb4504880b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 05:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14144
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 05:22:41 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/ Frame 2B98 25 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e17cbde77014c5439662649c9a847768e743ed8abae03e49299bf9aa24831c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8105
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:52:23 GMT

GET
DATA 200
OK truncated
/ Frame 2B98 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9O9GhwKgfbp_I1MOKiiRCPbA9Ur6llRnl9DYCJLA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2B98 3 KB
3 KB 121ms
33ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9O9GhwKgfbp_I1MOKiiRCPbA9Ur6llRnl9DYCJLA=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b4ae6e58bd3c477477b6cc8086c7ea58352e01feda7bfe0123e1cf428f12a08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2850
x-xss-protection: 0
server: fife
etag: "vf1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Sep 2022 14:31:56 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2B98 0
10 B 29ms
28ms Image
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?xCFo3w
Requested by: Host: www.grfcpa.com
URL: https://www.grfcpa.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 2B98 0
19 B 55ms
53ms XHR
text/html 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=248&afmt=250&cpn=uq3Dodf4zsc1tAyx&el=embedded&ns=yt&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24248385%2C24255165%2C24268154%2C24276619%2C24276631%2C24277989%2C24278545%2C24283280%2C24289901%2C24290131%2C39322399&cl=477281821&seq=1&docid=JTi9xdabYMg&ei=6Ok1Y_7dKfq7x_AP87mTmAo&event=streamingstats&plid=AAXp1WhsErtTQ5Wc&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FJTi9xdabYMg%3Fenablejsapi%3D1%26disablekb%3D1%26controls%3D0%26rel%3D0%26iv_load_policy%3D3%26cc_load_policy%3D0%26playsinline%3D1%26showinfo%3D0%26modestbranding%3D1%26fs%3D0%26origin%3Dhttps%3A%2F%2Fwww.grfcpa.com%26mute%3D1%26autoplay%3D1%26loop%3D1&cbr=Chrome&cbrver=106.0.5249.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220927.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.238:B,0.238:B&cmt=0.011:0.000,0.238:0.000&afs=0.238:250::i&vfs=0.238:248:248::r&view=0.238:1800:1013&bwe=0.238:130000&bat=0.238:1:1&vis=0.238:0&bh=0.238:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
X-YouTube-Client-Version: 1.20220927.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmNnhxRkRHSk9Mcyjo09eZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664477672561&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1800%2C1013&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 18:54:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-4g5edn6k.googlevideo.com/ Frame 2B98 156 KB
157 KB 286ms
109ms Fetch
video/webm 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edn6k.googlevideo.com/videoplayback?expire=1664499272&ei=6Ok1Y_7dKfq7x_AP87mTmAo&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=o-AHiar5h0i2v9_-fsCML_9fYBpKo4LvTWi520InFZ3jub&itag=248&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=5f&mm=31%2C29&mn=sn-4g5edn6k%2Csn-4g5lznl7&ms=au%2Crdu&mv=m&mvi=1&pl=49&initcwndbps=231250&spc=yR2vp6DHHDno6Dj1Pm_BS2WIsA_sii4&vprv=1&mime=video%2Fwebm&ns=rjaavXKwcSyy3KXVDZsA0LEI&gir=yes&clen=1079272&dur=17.475&lmt=1641420054752254&mt=1664477130&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ZTOziDXBritZOA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPGT764k7YoCBvgbIJL7RtOeTnxRSJHPSni8K0UkAe1jAiEAwS1ZHT2BxXY2YF6ixbwym4BWEolS0Z0HSpdok5sqSIU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIHkulQ2pe0LVuEOidXgzRKt4EF-K_UtDjO2WJdFCzPQAiAODxkqJMrLlX6WJBn6YE_1HiL17mT4ZNqXdbqG9E-EgA%3D%3D&alr=yes&cpn=uq3Dodf4zsc1tAyx&cver=1.20220927.01.00&range=0-159380&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e26aca35cb9aa4ebde6f974da9bf64c756a11c63350362d3d0443d79d07ccac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 18:54:33 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 159381
Last-Modified: Wed, 05 Jan 2022 22:00:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 29 Sep 2022 18:54:33 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-4g5edn6k.googlevideo.com/ Frame 2B98 8 KB
9 KB 257ms
82ms Fetch
audio/webm 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edn6k.googlevideo.com/videoplayback?expire=1664499272&ei=6Ok1Y_7dKfq7x_AP87mTmAo&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=o-AHiar5h0i2v9_-fsCML_9fYBpKo4LvTWi520InFZ3jub&itag=250&source=youtube&requiressl=yes&mh=5f&mm=31%2C29&mn=sn-4g5edn6k%2Csn-4g5lznl7&ms=au%2Crdu&mv=m&mvi=1&pl=49&initcwndbps=231250&spc=yR2vp6DHHDno6Dj1Pm_BS2WIsA_sii4&vprv=1&mime=audio%2Fwebm&ns=rjaavXKwcSyy3KXVDZsA0LEI&gir=yes&clen=8195&dur=17.501&lmt=1641420050658784&mt=1664477130&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ZTOziDXBritZOA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdf9BfHQCqvo8J5450oEDO1Urlk8IfZAhvc6fWxwZcjwCICVnlutkhIqExKYFXC-y3dXeXysFoGczaaIlR3dyWcGP&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIHkulQ2pe0LVuEOidXgzRKt4EF-K_UtDjO2WJdFCzPQAiAODxkqJMrLlX6WJBn6YE_1HiL17mT4ZNqXdbqG9E-EgA%3D%3D&alr=yes&cpn=uq3Dodf4zsc1tAyx&cver=1.20220927.01.00&range=0-8194&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cfed51f5262c4d0c7d3189b6289b23082b45f185f16bdac99e64806d13133c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 18:54:33 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 8195
Last-Modified: Wed, 05 Jan 2022 22:00:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 29 Sep 2022 18:54:33 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/ Frame 2B98 32 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbef389a93aff1fbb18f2d905ebcd3b0c140b457de11e63cca0d725164f23e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8763
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:51:52 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 2B98 7 KB
2 KB 273ms
273ms XHR
application/json 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7281b9b3d04a1a3433953409d6193526433305c056af3b12f74fdca0a796bbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220927.01.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-Goog-Visitor-Id: CgtmNnhxRkRHSk9Mcyjo09eZBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 29 Sep 2022 18:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2271
x-xss-protection: 0
expires: Thu, 29 Sep 2022 18:54:33 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
893 B 435ms
306ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=709389575&v=1.1&a=9337846&ct=standard-page&rcu=https%3A%2F%2Fwww.grfcpa.com%2F&pu=https%3A%2F%2Fwww.grfcpa.com%2F&t=GRF+CPAs+%26+Advisors+%7C+Personal+Service+With+Powerful+Solutions&cts=1664477672995&vi=219b312f1b3c984430324b046eb6348c&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 446cc766-60a2-406a-902f-04429bdf7f9c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccmqPuGryWrhBeFUzwO1Tkj9zFZ63V1Lkw91pxDFqCK%2FYzN5rbsueioyYKJK23no%2FVEZmZMyv3xmdd4wBATH8VXqrbl6HpsIpklpLU%2BfzTxNeXHXwQhWQ1ClH3EkBJRG2Z5kDeOra%2BNBKElx%2BwWy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7526ed91fcd99951-FRA
x-robots-tag: none

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2B98 90 B
134 B 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

503b2f10cbf5bbcbc4945d437e3c7066e9f30782ba0fb9ffa0ab94d96882fda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Sep 2022 18:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 24ms
24ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 29 Sep 2022 18:54:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 AMLnZu9O9GhwKgfbp_I1MOKiiRCPbA9Ur6llRnl9DYCJLA=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2B98 4 KB
4 KB 98ms
64ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9O9GhwKgfbp_I1MOKiiRCPbA9Ur6llRnl9DYCJLA=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab86ef72ca75bfd6401fa2cd651dbc816d66e24d83619e572a7f8953a0dab376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3623
x-xss-protection: 0
server: fife
etag: "vf1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Sep 2022 14:31:57 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 2B98 0
17 B 54ms
53ms XHR
text/html 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=uq3Dodf4zsc1tAyx&ver=2&cmt=0.014&fmt=248&fs=0&rt=1.008&euri=https%3A%2F%2Fwww.grfcpa.com%2F&lact=1040&cl=477281821&mos=1&volume=100&cbr=Chrome&cbrver=106.0.5249.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220927.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=17.501&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24248385%2C24255165%2C24268154%2C24276619%2C24276631%2C24277989%2C24278545%2C24283280%2C24289901%2C24290131%2C39322399&rtn=9&afmt=250&size=1800%3A1013&inview=0&muted=1&docid=JTi9xdabYMg&ei=6Ok1Y_7dKfq7x_AP87mTmAo&plid=AAXp1WhsErtTQ5Wc&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FJTi9xdabYMg%3Fenablejsapi%3D1%26disablekb%3D1%26controls%3D0%26rel%3D0%26iv_load_policy%3D3%26cc_load_policy%3D0%26playsinline%3D1%26showinfo%3D0%26modestbranding%3D1%26fs%3D0%26origin%3Dhttps%3A%2F%2Fwww.grfcpa.com%26mute%3D1%26autoplay%3D1%26loop%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBTGV0MXV3TEl6aHVLMktsWkt1RjFoZ3RrWTVIOTU4V3ptOUF3ZGNMbjBDNi1Ualk5UWJSQVBta0tESmhNYXU5dnltOGZNZzVNTUFLdHg5aTFKTFBfUkVWSjQ1Y3NKZWRfbzMtWmpjdmZfaGU1NE9PTHkyT2duY2xSZWx2bFBWNUE5UFNCdw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
X-YouTube-Client-Version: 1.20220927.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmNnhxRkRHSk9Mcyjo09eZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664477672561&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1800%2C1013&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 18:54:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 2B98 0
19 B 53ms
53ms XHR
text/html 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=JTi9xdabYMg&cpn=uq3Dodf4zsc1tAyx&ei=6Ok1Y_7dKfq7x_AP87mTmAo&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
X-YouTube-Client-Version: 1.20220927.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmNnhxRkRHSk9Mcyjo09eZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664477672561&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1800%2C1013&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 18:54:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr1---sn-4g5edn6k.googlevideo.com/ Frame 2B98 155 KB
155 KB 142ms
79ms Fetch
video/webm 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c0e8df233c9a7609af5cf23c43522e4558f91d6f33a74fcf249c724bdcfe9a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 29 Sep 2022 18:54:34 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159096
last-modified: Wed, 05 Jan 2022 22:00:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 29 Sep 2022 18:54:34 GMT

POST
H3 200 videoplayback Show response
rr1---sn-4g5edn6k.googlevideo.com/ Frame 2B98 240 KB
240 KB 58ms
57ms Fetch
video/webm 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3dd8d82303d38254067a1e8f97e85450da5c948a206de4b5d1a49fe70ada037d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 29 Sep 2022 18:54:34 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245819
last-modified: Wed, 05 Jan 2022 22:00:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 29 Sep 2022 18:54:34 GMT

POST
H3 200 videoplayback Show response
rr1---sn-4g5edn6k.googlevideo.com/ Frame 2B98 503 KB
503 KB 51ms
50ms Fetch
video/webm 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1098c88771dff243d0318a621f343d33c4376be56f5959511562a63d3d425717

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 29 Sep 2022 18:54:34 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514976
last-modified: Wed, 05 Jan 2022 22:00:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 29 Sep 2022 18:54:34 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2B98 28 B
54 B 61ms
60ms XHR
application/json 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-Goog-Request-Time: 1664477674801
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JTi9xdabYMg?enablejsapi=1&disablekb=1&controls=0&rel=0&iv_load_policy=3&cc_load_policy=0&playsinline=1&showinfo=0&modestbranding=1&fs=0&origin=https://www.grfcpa.com&mute=1&autoplay=1&loop=1
X-YouTube-Client-Version: 1.20220927.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmNnhxRkRHSk9Mcyjo09eZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664477672447&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1800%2C1013&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 29 Sep 2022 18:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 29 Sep 2022 18:54:34 GMT

GET
H2 200 1821b90742b9a6fd187196493090bb9a-optin.json Show response
a.omappapi.com/app/campaign-views/e5671b704ece/pwbehhi9rmqnjlopofuu/ 23 KB
5 KB 210ms
69ms XHR
application/json 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/e5671b704ece/pwbehhi9rmqnjlopofuu/1821b90742b9a6fd187196493090bb9a-optin.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 22d0ba023b245f6d37b38aa10ee03dd1b2873879346bc7089ef067febd67973f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 09/29/2022 02:06:00
cdn-pullzone: 293267
last-modified: Fri, 24 Jun 2022 19:31:16 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 373
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"62b61104-5c85"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9c37698f1c6f10457e46a1f2c5c8aa8e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7345f7e5314b1656097579-grf-were-hiring.jpg
a.omappapi.com/users/e5671b704ece/images/ 30 KB
31 KB 29ms
29ms Image
image/webp 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/e5671b704ece/images/7345f7e5314b1656097579-grf-were-hiring.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 2889991a629fa0314d4eff6b9adf4b29754d779b9576f9e8c0f948736d0b89c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:37 GMT
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-197
cdn-cachedat: 09/29/2022 08:36:57
cdn-pullzone: 293267
content-length: 30884
last-modified: Fri, 24 Jun 2022 19:09:22 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 369
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: "62b60be2-78a4"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7c723c8f92af4ccc7d2719fc074788d9
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7345f7e5314b1656097579-grf-were-hiring.jpg
a.omappapi.com/users/e5671b704ece/images/ 30 KB
31 KB 27ms
26ms Image
image/webp 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/e5671b704ece/images/7345f7e5314b1656097579-grf-were-hiring.jpg
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 2889991a629fa0314d4eff6b9adf4b29754d779b9576f9e8c0f948736d0b89c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grfcpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:54:37 GMT
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-197
cdn-cachedat: 09/29/2022 08:36:57
cdn-pullzone: 293267
content-length: 30884
last-modified: Fri, 24 Jun 2022 19:09:22 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 369
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: "62b60be2-78a4"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e4ed582669e28bbdf027061efbbbfe62
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET i
z.omappapi.com/v3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: z.omappapi.com
URL: https://z.omappapi.com/v3/i?aid=140874&cid=pwbehhi9rmqnjlopofuu&sid=6144b96d8cead&rt=false&dv=desktop&cty=popup&url=&v=5

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.grfcpa.com/	1970-01-20 15:57:17	Name: _omappvp Value: QBdt1npK9GCddrTzufkrhQbzPmxxfjpZxyry7pvbBx7CckyndybtzKmImHRPGrx8oprG1CO2JVxCS72TrILuQ7tuzq0t9FjN
www.grfcpa.com/	1970-01-20 06:21:18	Name: _omappvs Value: 1664477671949
.grfcpa.com/	1970-01-20 15:57:17	Name: _ga Value: GA1.2.641232115.1664477672
.grfcpa.com/	1970-01-20 06:22:44	Name: _gid Value: GA1.2.1783444351.1664477672
.grfcpa.com/	1970-01-20 06:21:17	Name: _gat_gtag_UA_1302376_2 Value: 1
.grfcpa.com/	1970-01-20 15:06:53	Name: _hjSessionUser_2049774 Value: eyJpZCI6IjAxMzdlMTg1LTgxMWUtNWFhNi05OGFlLWE3NzY1MjU2ZDcyYyIsImNyZWF0ZWQiOjE2NjQ0Nzc2NzIwNDcsImV4aXN0aW5nIjpmYWxzZX0=
.grfcpa.com/	1970-01-20 06:21:19	Name: _hjFirstSeen Value: 1
www.grfcpa.com/	1970-01-20 06:21:17	Name: _hjIncludedInSessionSample Value: 0
.grfcpa.com/	1970-01-20 06:21:19	Name: _hjSession_2049774 Value: eyJpZCI6ImEyNGQ4N2M1LTQ3MmUtNDIzYS04ZTAxLWY4N2ZiM2EzYzE4ZCIsImNyZWF0ZWQiOjE2NjQ0Nzc2NzIyMzUsImluU2FtcGxlIjpmYWxzZX0=
www.grfcpa.com/	1970-01-20 06:21:17	Name: _hjIncludedInPageviewSample Value: 1
.grfcpa.com/	1970-01-20 06:21:19	Name: _hjAbsoluteSessionInProgress Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Smi8Nn7OItk
.youtube.com/	1970-01-20 10:40:29	Name: VISITOR_INFO1_LIVE Value: f6xqFDGJOLs
.hubspot.com/	1970-01-20 06:21:19	Name: __cf_bm Value: kkgty_GtQ6QrZxwa_LJdqH5GBJK5rF4Lco_d_ops3Z0-1664477673-0-AUC2HsulVJcGQ8dUVSjfUC4R5mLFKe+hAj607CjyNlR7B7u10OuvE3vnuWyTQDWhbPvhrgpcR0Nxh5F84G37vfw=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.grfcpa.com/wp-content/themes/grf/css/js/youtube-background.js?ver=6.0.2(Line 199) Message: Unrecognized feature: 'mute'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
api.omappapi.com
cdn.equalweb.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
grfcpa.com
img.youtube.com
in.hotjar.com
jnn-pa.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hscta.net
js.hsleadflows.net
p.typekit.net
rr1---sn-4g5edn6k.googlevideo.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
use.fontawesome.com
use.typekit.net
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.grfcpa.com
www.youtube.com
yt3.ggpht.com
z.omappapi.com
z.omappapi.com
18.66.112.110
18.66.112.19
18.66.147.113
18.66.97.37
2400:52e0:1e01::879:1
2606:4700:20::ac43:4771
2606:4700:4400::ac40:9a55
2606:4700::6810:5805
2606:4700::6811:46b0
2606:4700::6811:70b0
2606:4700::6811:83ab
2606:4700::6811:d3cc
2606:4700::6811:dfcc
2606:4700::6811:e9cc
2606:4700::6813:9a53
2606:4700:e2::ac40:850f
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2006
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:4001:d::6
2a00:1450:400c:c00::9b
2a00:1450:400d:80d::200e
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
35.227.184.45
52.222.236.74
54.229.35.143
008ca3517439d25c15634e3ad936409d84b63deb0b87347bab5bd8b4673c24b0
01df26cdf4bc59cad01cbb3b27b2cd340081a0098797a7e52fdda442db7a2d61
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036b43fb2ab000d8327706f66cbbfc3e880e033fef174fc3e5b02ab013c1935c
0460c2d46b7e010fa01e3a9d966baf7937e31fc59d2368b4bf86c5977101d9f3
0569d9cfa3c0c8bb573b0d931d3ccf18fccbf15f18876ab93b384737fd227d03
0842bcca8eec90d1d79b2d77f151c263744b62144e84de09d4f30bd436713a46
0b5a2a3caeb274f54298cf7992f3754883b97c6b1f8272de24f3f5757d7e6ab6
0e17cbde77014c5439662649c9a847768e743ed8abae03e49299bf9aa24831c7
0e596f670b89fde97ccb0e45eaa50a3c294cd87b12b40930c9d41c59744fbb02
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
0f1fbff0b0970359ef9b252e66e58be8a65c6256bdb9970b49d1acf6dd8a5ff3
0f328bcb73e3b4ff36ab537ce78972c29b4125577c18a1d57918de0abf079bcb
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
1098c88771dff243d0318a621f343d33c4376be56f5959511562a63d3d425717
11950f1b39836cbd5aae1f74a8d22594b1a5fc244f7601e8086cccdde1d71689
11f48d4b4695c44fed6a2868845ac7dcea105360de0c811d008fed3b1eb69c61
125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc
17edcca62266b662cda87b005805731bc4feb5b33484e4014d0a086e9e424f61
1940c4e25fa5e96c143f6024185570fd16bb1661459e3d119ccd4ff04c94c2b9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cbdf5c6b4306faf5c8300235d67809f4e3cff47e90ab14cb3905aa9d74ffbef
21b18a3ac69dabdc8c9c89949f5da3826257c73540b98e6948061ae915fad8f7
226fc7a2ce53c05b8872e306276e482c20796a22a179991903c90fe146b88548
22d0ba023b245f6d37b38aa10ee03dd1b2873879346bc7089ef067febd67973f
247fc189082160e979e84de9e2a591da28319423bc1b706e9a99f2fe3bced7af
2889991a629fa0314d4eff6b9adf4b29754d779b9576f9e8c0f948736d0b89c1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fee19626251374178b719acf5a9054e775ec7cd3c68438d4722bd0d56da48dd
3461dbaed3efdee01641406d5a7f10e19bad65bf166ca57a9eb6cbbd4553bd70
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
36b0dd828598eda706c5ee8e2b38e617a0289c269e318543d0252ba3b911c0bf
3dd8d82303d38254067a1e8f97e85450da5c948a206de4b5d1a49fe70ada037d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
421c19f2440e37a4afa5294268c9f292795f5b37773dadf976ed7c6b97584f3c
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
480520285398ea2062b8f49154125a17c8b2243c50b643c647f9f15cd193e8f5
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155
503b2f10cbf5bbcbc4945d437e3c7066e9f30782ba0fb9ffa0ab94d96882fda4
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9
589d6afec4c3b3c5491f15c1e9cce3f058eff800e2c1b195cb0a7f7337640cab
5927592f5476cfa4d99039e104da949ec0304132ab2786ff813c7962bb5195e8
59fdbc7a9ad8086bf5d9b0a0fd43a08271edc37eac851577091c9a958d26ed5d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bba426e420f1a9cbb6bb992c6f3d35d3fbd794889c345e4f0e54c5230f00d90
6431d95fae1785167a96a661aed6e41818c20200aafe2020fce6945a0dceb4f9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a6cce7ced081f55fa2164ded3a65962a273d16b4eb48c17548854d7e0e706d8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8595b138dd432af08c3faf15d080f2e2bd787d86a68a1bb639d92e0b4212cf
7281b9b3d04a1a3433953409d6193526433305c056af3b12f74fdca0a796bbbd
75bc5af06f242ea8ea9279faec374273648b92457edc0fc4d992c03b59903ec2
78cf7a5e5085740aee10b64344005a582eff61ca5f6861cc5790344580995b36
7aeecda26fd3b07337e3132b39f7e0f4829d112f67d3a9b963d4674f15c6756d
7ca03899cdd634427c4219c7be39c65673f4a84e2e31e45fcd24682bfdcf8f89
7cfcdf4ec5c1cfa7938d703299c2e55a4dd3622d7f1b8bfeb39248b3cd5add0b
7f5ef76390284f7d89f89b4fbb942b7938e35d5f5fcdc6866ebf030e05ae7d99
8051dfda67a0e02e31a79f89396bc57c87637561b2bbef8b331330550356f629
833d656ef4f2a206dce77d69ab54e57ba23cf5b2a3ecae13c9db6a80842ec60f
858a82228958a3c8de474987772f997f6feeab666d6a34ac740b01fe81f69cac
85e7ac58062b0a6794dd44791648c4a70d4dee1911387ea79c0002fe8bc6d0dc
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8708b643f608626811d70c002e7e1abc94aa1bc672e99f4803f48763910e4702
8748adc82884b1aec724c65f2579b9e2b27420626eae72eeda317c251177dbf4
88f21a27266cc571bd572f6329d339ec61736d77e58b8d3f15c578817354382f
8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4
8b0ee7225ad88345a88cfb755b77a6b4741c45e7a1933f92a7345fc06c314e76
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8e91df4c8051fcb74458192922a062705a907d471d2b33caf4f8764920c385fd
90170c06cfc78164ffb53c71f2ad709278e24ed7235dc52e5aa173effde6bb20
91e598571609682f85ac8eaf7a2d7f64abe0dbd9ecf01b48c89af46698329747
930bb849a34c23019835428b195cd0b34075a59feb0398ddf30f9ddd12e8a265
94d11746fb9d90916f834839dbafa4909bc0a7724fa2ddd31ddb44f1d282a440
977930fc96f7aeda8c849fe1022320d3c8ceb631dea2f1e0db36a6ad16ecf9cc
9b63b85a6de8dfc0814d42480df4dc254b564329c8494aaa7df45367a66d2bd0
9c691eef5f1466c0589ffe91dfb84c9e3ae3be372cf40569e4f18543b8d6c563
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9eac7ed642522916e709d199cb2272aae88a0082aaa03fc1c58227875f4c4c26
9eb4cf605d4c796856e6efb5bab89c1c954976c908091b854e48efeb4504880b
9f3f4c9d032ef7d5e47130b1b0096850dde4d86f2451f3eb9cece4426514af3a
a10b74d31e3c2c6766d954b6bb40c5cab5760f2e3ec00c293c6bf45cf4d30a44
a82b21d2faee9275b342bf49da6d4cd3a5e3ba462cfb9b15f84eea330e99182c
ab86ef72ca75bfd6401fa2cd651dbc816d66e24d83619e572a7f8953a0dab376
b0c6a4fa6370d74665cc2541281eff7fdd171962c7abd1f956e4494e753c5867
b4ae6e58bd3c477477b6cc8086c7ea58352e01feda7bfe0123e1cf428f12a08f
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bbc4d71d90b8cba0ab3a9e56982605b49aa762585d8507628ec03daf3fe1783f
bbe5717b2e530ed3889fef7a3f64bd8703892af4df7a50ebdab50877d714ccb1
bc438071772d6abcb5814be6e00623a07b13f1cc6320868e9039fc87ab4036d5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bec209adcf425f5fdd306fbae2da80f735f40244249e4e67237401fa748f3583
bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee
c0d1e018c274598a46b3f57f8dcbc0672cdba54dd55fa3a922bae6757034ab81
c0e8df233c9a7609af5cf23c43522e4558f91d6f33a74fcf249c724bdcfe9a32
c151f184fa529a7c5a7e9568542b3d2c68fcafe1ae2a534666297f59ab2972f8
c20d4e400a4b4e5df551fc701a7502029945dacd7520a90a293f7cdac643c97c
c3f1e4144c0fc9a0638f42d5d6c9875ae6768680a7f2ffa5ef449ccdf25fe436
c4805496b7492b3ad994fdb6ed5596988af463761c0e77fa9a5030c4e2f253f2
c98051109292b7a0765b7937162cf57678618bc1f61ef0026cdf11c3da33932f
cbef389a93aff1fbb18f2d905ebcd3b0c140b457de11e63cca0d725164f23e2e
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf7f72d16b9546274d8ca85efe62bd6bb759d68a9f5dfe76253d4122e1da7df8
cfed51f5262c4d0c7d3189b6289b23082b45f185f16bdac99e64806d13133c14
d29a722a15c5f4a52820538027a31b8d5f0c483cfa83ea62a2c2fb84e3367865
d3da652ef1cb092c08ce8a36845eb902017ab769c3c6300c057d64f97114d722
d7104b9ca2d10a53c21c48b4908ca52163e4cc13a7a335c55fc473fb539099d8
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6c0f05ab2206f042dd19ab7c413c209cd20834ca4e534e8c8d098ec75ec725
e26aca35cb9aa4ebde6f974da9bf64c756a11c63350362d3d0443d79d07ccac1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
edb8a01d35a04be470180136658e73e6ce139ca90d9a362bf476a9479cedea37
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f535eb25d17d4ddecf67d5544eb607fa8644e982f5d5a36949d0763bb88f0d7f
f9e963650271cfc0ea1b1ca5d3aedd8b73fa7040b50159d7146777ebebc0d212
fc4753ea69f2c58c0c9ac253d2ce4dfa872ff4337b42be14dcf4b2f77ed97d02
fd0e82028eb321fd5c8d227384d0c758652a844fe7372a6dec2845f10cbc153e

www.grfcpa.com Open in urlscan Pro 35.227.184.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

79 %IPv6

25 Domains

36 Subdomains

34 IPs

5 Countries

4143 kBTransfer

8516 kBSize

14 Cookies

12 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.grfcpa.com Open in urlscan Pro
35.227.184.45 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

79 %
IPv6

25
Domains

36
Subdomains

34
IPs

5
Countries

4143 kB
Transfer

8516 kB
Size

14
Cookies

122 HTTP transactions
14 data transactions