urlscan.io logo urlscan.io
SecurityTrails logo

thefinancialguys.com Open in urlscan Pro
198.71.233.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://joinmedicare.us/
Effective URL: https://thefinancialguys.com/wny-medicare-made-easy/
Submission: On September 16 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 5 countries across 27 domains to perform 118 HTTP transactions. The main IP is 198.71.233.230, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is thefinancialguys.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 24th 2020. Valid for: 2 years.
This is the only time thefinancialguys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
26 198.71.233.230 26496 (AS-26496-...)
1 69.16.175.42 20446 (HIGHWINDS3)
1 104.22.1.18 13335 (CLOUDFLAR...)
2 34.107.203.240 15169 (GOOGLE)
1 104.18.112.52 13335 (CLOUDFLAR...)
1 104.16.8.31 13335 (CLOUDFLAR...)
2 142.250.184.202 15169 (GOOGLE)
2 142.250.181.232 15169 (GOOGLE)
1 2.18.233.89 16625 (AKAMAI-AS)
2 2 142.250.74.206 15169 (GOOGLE)
4 142.250.185.68 15169 (GOOGLE)
1 2.18.234.132 16625 (AKAMAI-AS)
3 172.217.16.142 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
3 31.13.92.14 32934 (FACEBOOK)
11 142.250.185.195 15169 (GOOGLE)
1 2 108.174.11.69 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
11 142.250.185.110 15169 (GOOGLE)
1 142.250.186.174 15169 (GOOGLE)
2 74.125.206.157 15169 (GOOGLE)
1 35.202.21.90 15169 (GOOGLE)
1 18.66.139.102 16509 (AMAZON-02)
15 142.250.185.138 15169 (GOOGLE)
1 18.66.139.40 16509 (AMAZON-02)
4 142.250.184.227 15169 (GOOGLE)
1 52.16.211.92 16509 (AMAZON-02)
4 31.13.68.35 32934 (FACEBOOK)
1 2 142.250.180.226 15169 (GOOGLE)
1 142.250.185.166 15169 (GOOGLE)
4 35.192.151.63 15169 (GOOGLE)
1 142.250.185.161 15169 (GOOGLE)
1 142.250.180.246 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
2 216.58.212.147 15169 (GOOGLE)
1 5 104.19.151.86 13335 (CLOUDFLAR...)
118 35
1    184.168.131.241 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
joinmedicare.us
26    198.71.233.230 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-230.ip.secureserver.net
thefinancialguys.com
1    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
1    104.22.1.18 (None, )

ASN13335 (CLOUDFLARENET, US)
www.riskalyze.com
2    34.107.203.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.203.107.34.bc.googleusercontent.com
embed.lpcontent.net
static.leadpages.net
1    104.18.112.52 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.sitescdn.net
1    104.16.8.31 (None, )

ASN13335 (CLOUDFLARENET, US)
ry159.infusionsoft.com
2    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
1    2.18.233.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-89.deploy.static.akamaitechnologies.com
eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com
2    142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
maps.google.com
4    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    2.18.234.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-132.deploy.static.akamaitechnologies.com
snap.licdn.com
3    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
1    18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
3    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
11    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
2    108.174.11.69 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
11    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.youtube.com
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
analytics.google.com
2    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
stats.g.doubleclick.net
1    35.202.21.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com
thefinancialguys.lpages.co
1    18.66.139.102 (United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
15    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
maps.googleapis.com
1    18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
4    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
maps.gstatic.com
1    52.16.211.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-211-92.eu-west-1.compute.amazonaws.com
in.hotjar.com
4    31.13.68.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-xsp1.facebook.com
www.facebook.com
2    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
static.doubleclick.net
4    35.192.151.63 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
yt3.ggpht.com
1    142.250.180.246 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f22.1e100.net
i.ytimg.com
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
2    216.58.212.147 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f147.1e100.net
js.center.io
5    104.19.151.86 (None, )

ASN13335 (CLOUDFLARENET, US)
ry159.infusionsoft.app
Domain Requested by
26 thefinancialguys.com thefinancialguys.com
15 maps.googleapis.com www.google.com
maps.googleapis.com
thefinancialguys.com
11 www.youtube.com thefinancialguys.com
www.youtube.com
11 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
5 ry159.infusionsoft.app 1 redirects ry159.infusionsoft.com
ry159.infusionsoft.app
4 api.leadpages.io embed.lpcontent.net
js.center.io
4 www.facebook.com thefinancialguys.com
4 maps.gstatic.com www.google.com
thefinancialguys.com
4 www.google.com thefinancialguys.com
www.youtube.com
3 connect.facebook.net thefinancialguys.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
thefinancialguys.com
2 js.center.io thefinancialguys.lpages.co
js.center.io
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 px.ads.linkedin.com 1 redirects thefinancialguys.com
2 maps.google.com 2 redirects
2 www.googletagmanager.com thefinancialguys.com
www.googletagmanager.com
2 fonts.googleapis.com thefinancialguys.com
thefinancialguys.lpages.co
1 static.leadpages.net thefinancialguys.lpages.co
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 thefinancialguys.lpages.co embed.lpcontent.net
1 analytics.google.com www.googletagmanager.com
1 www.linkedin.com 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com www.riskalyze.com
1 ry159.infusionsoft.com thefinancialguys.com
1 assets.sitescdn.net thefinancialguys.com
1 embed.lpcontent.net thefinancialguys.com
1 www.riskalyze.com thefinancialguys.com
1 code.jquery.com thefinancialguys.com
1 joinmedicare.us 1 redirects
118 38

This site contains no links.

Subject Issuer Validity Valid
thefinancialguys.com
Go Daddy Secure Certificate Authority - G2		 2020-01-24 -
2022-04-21		 2 years crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
riskalyze.com
Cloudflare Inc ECC CA-3		 2021-09-14 -
2022-09-13		 a year crt.sh
embed.lpcontent.net
GTS CA 1D4		 2021-09-07 -
2021-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-10 -
2022-09-09		 a year crt.sh
*.infusionsoft.com
Go Daddy Secure Certificate Authority - G2		 2021-05-11 -
2022-06-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.ssl.cf2.rackcdn.com
DigiCert SHA2 Secure Server CA		 2021-03-22 -
2022-03-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.lpages.co
Go Daddy Secure Certificate Authority - G2		 2020-02-24 -
2022-02-24		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2		 2019-11-12 -
2021-11-12		 2 years crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2021-09-07 -
2021-12-06		 3 months crt.sh
*.center.io
Go Daddy Secure Certificate Authority - G2		 2020-01-21 -
2022-01-21		 2 years crt.sh
*.infusionsoft.app
Go Daddy Secure Certificate Authority - G2		 2021-06-03 -
2022-06-03		 a year crt.sh

This page contains 10 frames:

Primary Page: https://thefinancialguys.com/wny-medicare-made-easy/
Frame ID: 6DA2C868D5214808C98604EBAFE8760F
Requests: 65 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Frame ID: AFF242F24C6D92BB13F44C362D085C6E
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Frame ID: 8BDD0B692FD823D5D5F942CFACF5DBAD
Requests: 15 HTTP requests in this frame

Frame: https://thefinancialguys.lpages.co/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/
Frame ID: 19B6997B05C52E9B8104B5E512B18BDD
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: D82437E3C02614438EB45C8C7912144B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Frame ID: CC638F017E7172863B6C06EF1AAA8317
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0F7B477AFEEA6B42E9B6562ECB570732
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A4BE25EF6C749126406CC2C9AE0FC4E8
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 26CED35B02FB5B825AD0D1DB48241B28
Requests: 1 HTTP requests in this frame

Frame: https://ry159.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 0A545946B8343BD05B07655FFBD7B86B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://joinmedicare.us/ HTTP 301
    https://thefinancialguys.com/wny-medicare-made-easy/ Page URL

Page Statistics

118
Requests

100 %
HTTPS

0 %
IPv6

27
Domains

38
Subdomains

35
IPs

5
Countries

3563 kB
Transfer

10045 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://joinmedicare.us/ HTTP 301
    https://thefinancialguys.com/wny-medicare-made-easy/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://maps.google.com/maps?q=305%20Spindrift%20Drive%2C%20Williamsville%2C%20NY%2014221&t=m&z=13&output=embed&iwloc=near HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Request Chain 24
  • https://maps.google.com/maps?q=305%20Spindrift%20Drive%2C%20Williamsville%2C%20NY%2014221&t=m&z=13&output=embed&iwloc=near HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Request Chain 48
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1828946&time=1631832315059&url=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1828946%26time%3D1631832315059%26url%3Dhttps%253A%252F%252Fthefinancialguys.com%252Fwny-medicare-made-easy%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1828946&time=1631832315059&url=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&liSync=true
Request Chain 86
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 110
  • https://ry159.infusionsoft.app/app/webTracking/contact/1631832314749?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=thefinancialguys.com&location=https://thefinancialguys.com/wny-medicare-made-easy/&referrer= HTTP 302
  • https://ry159.infusionsoft.app/slices/spacer.gif

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thefinancialguys.com/wny-medicare-made-easy/
Redirect Chain
  • http://joinmedicare.us/
  • https://thefinancialguys.com/wny-medicare-made-easy/
2 MB
236 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
6fec582f7449a559ec472c566fc0d2b8b56232ca39e908154151ff5be0c20378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thefinancialguys.com
:scheme
https
:path
/wny-medicare-made-easy/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Thu, 16 Sep 2021 22:45:13 GMT
content-type
text/html; charset=UTF-8
accept-ranges
bytes
age
0
content-encoding
gzip
set-cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380; expires=Fri, 01-Oct-2021 22:45:03 GMT; Max-Age=1296000; path=/; secure; HttpOnly
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
uncached
x-cache-hit
MISS
x-cacheable
YES:Forced
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

Server
nginx/1.16.1
Date
Thu, 16 Sep 2021 22:45:03 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Location
https://thefinancialguys.com/wny-medicare-made-easy/
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:13 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
etag
W/"57d97c08-8c85"
vary
Accept-Encoding
x-hw
1631832313.dop243.fr8.t,1631832313.cds213.fr8.hn,1631832313.cds284.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8323
dashicons.min.css
thefinancialguys.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-includes/css/dashicons.min.css
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dashicons.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
thefinancialguys.com
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
267414
x-cache
cached
vary
Accept-Encoding
content-length
35730
x-xss-protection
1; mode=block
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
font-awesome.min.css
thefinancialguys.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
thefinancialguys.com
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
267414
x-cache
cached
vary
Accept-Encoding
content-length
12863
x-xss-protection
1; mode=block
last-modified
Mon, 08 Jun 2020 12:20:21 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
wpo-minify-header-a68a1e60.min.js
thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-header-a68a1e60.min.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
d1999be904875845a4eae41a8c56f7aa670c01ec3239068df8ed8f40b9cc17a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-header-a68a1e60.min.js
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
101897
x-cache
cached
vary
Accept-Encoding
content-length
40936
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 18:12:34 GMT
server
openresty
etag
"1e23c-5cc0ca4721051-gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
loader.js
www.riskalyze.com/hosted/v2/5db6dc909135e48f8e13/rq/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.riskalyze.com/hosted/v2/5db6dc909135e48f8e13/rq/loader.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4004d9d57e422ece6154f0b96986f0a7571335aa8c0ed3f7669c40629c8b0c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
W/"65aa-7aWYJXb9Z9aqY034WnA2Oth/CF8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
x-envoy-upstream-service-time
12
cf-ray
68fd9fbb3acf2790-PRG
x-xss-protection
1; mode=block
expires
0
embed.js
embed.lpcontent.net/leadbars/current/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.lpcontent.net/leadbars/current/embed.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0edf9d90a044765e07c092e7979ddd57511f6270fcdd35281359ed8ade988ffb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:44:36 GMT
content-encoding
gzip
server
Google Frontend
age
38
etag
"tPQ8CA"
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
fda7c5accf38824eb2c05d22b1879156
cache-control
public, max-age=300
alt-svc
clear
content-length
15869
via
1.1 google
expires
Thu, 16 Sep 2021 22:49:36 GMT
ytag.min.js
assets.sitescdn.net/ytag/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sitescdn.net/ytag/ytag.min.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.112.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf7b4335f93390740535b1e55da9296acbda0b1740ab5d0be17d75cfe32ebfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Jun 2021 15:45:54 GMT
server
cloudflare
age
4139
etag
W/"2c59d483e66e9b95db2f13a78bbb50de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
68fd9fbeca0d412b-PRG
x-amz-request-id
3PJZYAKXH8V6K6JT
x-amz-id-2
zTut5gf8eYDc1ZEfNxEwDTNLXJI3S2aJzzTfPKhqmMG6dZzqWmcuyRLFEJbCHvE6zFtLoFr5N7g=
Aetna-square-2-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		1008 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/Aetna-square-2-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
47be9240aca567d4f1b3b5f6fbd4397633af5b75b3972120a5cb995ae1884d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/Aetna-square-2-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:56:26 GMT
server
openresty
age
265501
etag
"3f0-5b102a437e637"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
1008
x-xss-protection
1; mode=block
BCBS-square-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/BCBS-square-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
a0e733109c256cea7e363ace19723eb8aadd4a4033d14d6f920732e8076513f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/BCBS-square-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Oct 2020 19:09:30 GMT
server
openresty
age
265501
etag
"4d5-5b12d9259c4a1"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
1237
x-xss-protection
1; mode=block
Excellus-square-2-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/Excellus-square-2-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
0a662d3ce7c803d83655595386db33321d2946309ad6b70a0de4a0ea8e23aa61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/Excellus-square-2-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:55:57 GMT
server
openresty
age
265501
etag
"638-5b102a27f1251"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
1592
x-xss-protection
1; mode=block
Fidelis-square-2-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/Fidelis-square-2-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
194a16f0a2ddbd9f5fc5c8e79f875da8b9bccdf7883db44228612fcffb2524e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/Fidelis-square-2-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Oct 2020 19:09:57 GMT
server
openresty
age
265501
etag
"593-5b12d93f17cd6"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
1427
x-xss-protection
1; mode=block
Humana-square-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/Humana-square-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
85164b842e5da2a9a7604deee2ce23f64856b87918de6c498d51cb4ecd7f392b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/Humana-square-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:56:10 GMT
server
openresty
age
265501
etag
"301-5b102a33d211d"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
769
x-xss-protection
1; mode=block
United-Healthcare-square-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/United-Healthcare-square-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
d74630ec50153fcb2d6f288062e3615ebdb1ebd4ac6d0985e59bc5a5a1878dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/United-Healthcare-square-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:56:05 GMT
server
openresty
age
265501
etag
"4b4-5b102a2edb22a"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
1204
x-xss-protection
1; mode=block
Univera-square-2-400x400-1-150x150.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/Univera-square-2-400x400-1-150x150.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
4a41b28e0c4262da8dc1ea9ad5ccbe420bce02a9d2c735f702832627b37fbd7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/Univera-square-2-400x400-1-150x150.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:56:00 GMT
server
openresty
age
265501
etag
"859-5b102a2ac1fe4"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
2137
x-xss-protection
1; mode=block
1470399614_Social_Media.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/1470399614_Social_Media.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
4b72fdb16626c119bc446032d252c2817632350272ce2cf9a42c05f8269e0226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/1470399614_Social_Media.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
server
openresty
cache-control
no-cache, must-revalidate, max-age=0
age
1951
vary
Accept-Encoding
x-cache
cached
content-type
text/html; charset=UTF-8
x-cache-hit
HIT
strict-transport-security
max-age=31536000; includeSubDomains
x-backend
local
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
wpo-minify-footer-ebd80d76.min.js
thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-ebd80d76.min.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
df1983b30c27af1b34ff889366fabadf11ed220d6ba986092d9b848dd6e2b3a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-ebd80d76.min.js
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
101897
x-cache
cached
vary
Accept-Encoding
content-length
17310
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 18:12:35 GMT
server
openresty
etag
"e0d0-5cc0ca48cc124-gzip"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
getTrackingCode
ry159.infusionsoft.com/app/webTracking/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ry159.infusionsoft.com/app/webTracking/getTrackingCode
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.8.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69500b7f81a0fcb2fa2dd92441a2104044ce62a7853c3afa5ad14ba19da19eaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 google
cache-control
no-cache, no-store
cf-ray
68fd9fbc8c612784-PRG
vary
accept-encoding
x-xss-protection
1; mode=block
expires
Thu, 16 Sep 2021 22:45:14 GMT
wpo-minify-footer-e6787775.min.js
thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/ 		424 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-e6787775.min.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
d3d326200ef7b37fb474ef414130412a8bd5063203513a284a25df4f942ee16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-e6787775.min.js
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
96165
x-cache
cached
vary
Accept-Encoding
content-length
115279
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 20:02:28 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
wpo-minify-footer-4ba81dad.min.js
thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/ 		182 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-4ba81dad.min.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
070ab839228d2bfca0edb7d517a5db7594540cf522a3a68f03932510aec77458
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-4ba81dad.min.js
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
101898
x-cache
cached
vary
Accept-Encoding
content-length
48008
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 18:12:36 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
wpo-minify-footer-56871d8e.min.js
thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/ 		188 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-56871d8e.min.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
d0df1ce3b59fc3685e52d1daecb5be16c0726a560a109cc79e6bd544e6e5e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-footer-56871d8e.min.js
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
101898
x-cache
cached
vary
Accept-Encoding
content-length
47486
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 18:12:36 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
css2
fonts.googleapis.com/ 		106 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
4e0e15a2df00ae75a008bde49b32bea27b9e2a691cae2ac64026d0ec084676b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 22:45:14 GMT
server
ESF
date
Thu, 16 Sep 2021 22:45:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 22:45:14 GMT
gtm.js
www.googletagmanager.com/ 		189 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLDBJS4
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8df50ec75fe166a045e17efbc05eb3c6a80b1741a2d19ab9c5939187ebc7cca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66854
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:54:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 22:45:14 GMT
rsk-button.css
eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/rsk-button.css
Requested by
Host: www.riskalyze.com
URL: https://www.riskalyze.com/hosted/v2/5db6dc909135e48f8e13/rq/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e92c572fe48977061e02d1291df28e9764aff81ac9bcbbb15be6481a965ec94a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 22:45:14 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Tue, 27 May 2014 17:39:05 GMT
X-Trans-Id
txc3fd96cd4d1748bcaa1f9-0060b2515bord1
ETag
653048f5cd393eee3d9b8efd5cd74b12
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1401212344.50797
Cache-Control
public, max-age=148911
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2456
Expires
Sat, 18 Sep 2021 16:07:05 GMT
embed
www.google.com/maps/ Frame AFF2
Redirect Chain
  • https://maps.google.com/maps?q=305%20Spindrift%20Drive%2C%20Williamsville%2C%20NY%2014221&t=m&z=13&output=embed&iwloc=near
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
mafe /
Resource Hash
0287f5a3ab7a5d628ea6c4c46c23c6db0db180d2380bf17358a382eab029e878
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-b6XqjYWs7TC1Ps/uj1++jw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 16 Sep 2021 22:45:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-b6XqjYWs7TC1Ps/uj1++jw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding
gzip
server
mafe
content-length
938
x-xss-protection
0
server-timing
gfet4t7; dur=306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date
Thu, 16 Sep 2021 22:45:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
content-type
text/html; charset=UTF-8
server
mafe
content-length
313
x-xss-protection
0
x-frame-options
SAMEORIGIN
server-timing
gfet4t7; dur=8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
embed
www.google.com/maps/ Frame 8BDD
Redirect Chain
  • https://maps.google.com/maps?q=305%20Spindrift%20Drive%2C%20Williamsville%2C%20NY%2014221&t=m&z=13&output=embed&iwloc=near
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
mafe /
Resource Hash
c1c172b34f11f844d3b7e0b1a9ea661a755080084eded24cf8d6b2f8708732df
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-baKzLJVfKBAQlr1A2EozDA==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 16 Sep 2021 22:45:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-baKzLJVfKBAQlr1A2EozDA==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding
gzip
server
mafe
content-length
934
x-xss-protection
0
server-timing
gfet4t7; dur=306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date
Thu, 16 Sep 2021 22:45:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
content-type
text/html; charset=UTF-8
server
mafe
content-length
313
x-xss-protection
0
x-frame-options
SAMEORIGIN
server-timing
gfet4t7; dur=8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
older-couples.jpeg
thefinancialguys.com/wp-content/uploads/2020/04/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/older-couples.jpeg
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
2d3b7002ae9c49d7fb3f3f88bea86aadcef009520c048667b37ced0306efd06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/older-couples.jpeg
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:55:38 GMT
server
openresty
age
265501
etag
"2c865-5b102a15142df"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/jpeg
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
182373
x-xss-protection
1; mode=block
Judge-and-Gavel.jpg
thefinancialguys.com/wp-content/uploads/2020/02/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/02/Judge-and-Gavel.jpg
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
e330923f5f97be852cebc6ca35620dda1b73a1da7d10c8e4fceade79800dd932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/02/Judge-and-Gavel.jpg
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 18:31:49 GMT
server
openresty
age
265501
etag
"178b8-5b104cfe9e52c"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/jpeg
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
96440
x-xss-protection
1; mode=block
fa-solid-900.woff2
thefinancialguys.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://thefinancialguys.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
:path
/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
267414
x-cache
cached
content-length
78196
x-xss-protection
1; mode=block
last-modified
Wed, 01 Sep 2021 17:59:16 GMT
server
openresty
etag
"13174-5caf2d321f3cf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
fa-brands-400.woff2
thefinancialguys.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://thefinancialguys.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
:path
/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
267414
x-cache
cached
content-length
76764
x-xss-protection
1; mode=block
last-modified
Wed, 01 Sep 2021 17:59:16 GMT
server
openresty
etag
"12bdc-5caf2d32252b2"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
eicons.woff2
thefinancialguys.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
772a939fe72b662d152060e58932d5a64a8eeb3ec32c39335da803ad4e5d4ca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://thefinancialguys.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
:path
/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
267414
x-cache
cached
content-length
89444
x-xss-protection
1; mode=block
last-modified
Wed, 01 Sep 2021 17:59:16 GMT
server
openresty
etag
"15d64-5caf2d3258f46"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
TFG-insurance-logo-2019-white-yellow-1024x295.png
thefinancialguys.com/wp-content/uploads/2020/05/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/05/TFG-insurance-logo-2019-white-yellow-1024x295.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
c06abe472f68a8e0834b95ed549e0c6941918795c3d88359d96ac46175465db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/05/TFG-insurance-logo-2019-white-yellow-1024x295.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 16:04:27 GMT
server
openresty
age
265501
etag
"382d-5b102c0d8e51f"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
14381
x-xss-protection
1; mode=block
TFG-insurance-logo-2019-white-yellow-1024x295.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/TFG-insurance-logo-2019-white-yellow-1024x295.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
c06abe472f68a8e0834b95ed549e0c6941918795c3d88359d96ac46175465db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/TFG-insurance-logo-2019-white-yellow-1024x295.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:55:40 GMT
server
openresty
age
265501
etag
"382d-5b102a173ff64"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
14381
x-xss-protection
1; mode=block
AdobeStock_103421178.jpeg
thefinancialguys.com/wp-content/uploads/2019/03/ 		296 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2019/03/AdobeStock_103421178.jpeg
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
fd7633ed68e52ab673d67dd5e8832d43e73c0b5d9a80608fb13f07cf29b3d448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/03/AdobeStock_103421178.jpeg
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 18:12:08 GMT
server
openresty
age
265501
etag
"49e98-5b1048986adfa"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/jpeg
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
302744
x-xss-protection
1; mode=block
WHAM_1180-stacked-e1624152547753.png
thefinancialguys.com/wp-content/uploads/2020/04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2020/04/WHAM_1180-stacked-e1624152547753.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
8a66251362eb95238812127b4a545e8580c96b2c51c6294a1f84f2fad75c62ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2020/04/WHAM_1180-stacked-e1624152547753.png
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 20 Jun 2021 01:29:07 GMT
server
openresty
age
265501
etag
"5016-5c5287ba102a5"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/png
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
20502
x-xss-protection
1; mode=block
WBEN930am-logo.jpg
thefinancialguys.com/wp-content/uploads/2013/05/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefinancialguys.com/wp-content/uploads/2013/05/WBEN930am-logo.jpg
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.230 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-230.ip.secureserver.net
Software
openresty /
Resource Hash
55d2e75c4ec6be170bb0c72011bf5c9217fdbc7605302aa4e0412c2ecfa32f1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2013/05/WBEN930am-logo.jpg
pragma
no-cache
cookie
FORMLIFT_ID=formlift_session_6143c8efa91109.41096380
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thefinancialguys.com
referer
https://thefinancialguys.com/wny-medicare-made-easy/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/wny-medicare-made-easy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 15:41:38 GMT
server
openresty
age
265501
etag
"5664-5b1026f4292be"
x-cacheable
YES
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
cached
content-type
image/jpeg
x-cache-hit
HIT
accept-ranges
bytes
x-backend
local
content-length
22116
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-05LWXE0TDX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLDBJS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
51552d818ffd8653ccab1d4bfd9ac7c60fb65dd9ac97e462d452f997a8482c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51111
x-xss-protection
0
expires
Thu, 16 Sep 2021 22:45:14 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLDBJS4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 22:45:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=45505
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLDBJS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6794
date
Thu, 16 Sep 2021 20:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 16 Sep 2021 22:52:00 GMT
hotjar-2294670.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2294670.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLDBJS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
08bd597dc02e78446a12830692f324da163656460b7187352cfe512e7919d7d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/1de8ad2e4769b8cf1fb989471b68c184
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
JT7fyZSYnlx41C3gZU-aim770-tvaHOmcsU_n73tez-gJRASrIV6Fg==
via
1.1 018ffb575888f1c9ec960e3e977c042f.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
qtat997rMMYzYlZTptfGqrwxEn3lHVvTlZN+VyERvfZooKOSurIhzRBuBhXowgM2ZBmWk2WkEN8F64aU+nRoAw==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 16 Sep 2021 22:45:14 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 06:58:19 GMT
x-content-type-options
nosniff
age
402415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 06:58:19 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 14:29:59 GMT
x-content-type-options
nosniff
age
29715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19536
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:41 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Sep 2022 14:29:59 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:18:36 GMT
x-content-type-options
nosniff
age
120398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 13:18:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options
nosniff
age
104138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:49:36 GMT
ea8XadU7WuTxEubxNdU.woff2
fonts.gstatic.com/s/allan/v13/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/allan/v13/ea8XadU7WuTxEubxNdU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
da0a763cb88419837ee68bec4fde133a4646df0b7ef8de75b953ee09f39c4f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:00:29 GMT
x-content-type-options
nosniff
age
103485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21104
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:44:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 18:00:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 06:55:08 GMT
x-content-type-options
nosniff
age
402606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 06:55:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options
nosniff
age
240116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:03:18 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Lato:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;0,800&family=Open+Sans:ital,wght@0,100;0,300;0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,400;0,500;0,600;0,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto+Slab:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Allan:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 03:59:10 GMT
x-content-type-options
nosniff
age
240364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 03:59:10 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1828946&time=1631832315059&url=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1828946%26time%3D1631832315059%26url%3Dhttps%253A%252F%252Fthefinancialguys.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1828946&time=1631832315059&url=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&liSync=true
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1828946&time=1631832315059&url=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&liSync=true
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-69.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-eda6
content-type
application/javascript
content-length
0
x-li-uuid
lH6KbNhupRZwlJMruyoAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXMJJGBo82yIgHDtHKOtA==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5FA1BF07F7544A85B694A65021ED0DB5 Ref B: PRG01EDGE1007 Ref C: 2021-09-16T22:45:15Z
x-frame-options
sameorigin
date
Thu, 16 Sep 2021 22:45:15 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1828946&time=1631832315059&url=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
410836259734499
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/410836259734499?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
799475c02c555791b93b7787d5f0da11cad7374b59ca3d038214824d1e0fd672
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
POie+hl2qeyToSJhWW6v72aIKcDCehFIb9qcIq3JZDCtEHuZVT3+YzOKs1qwkMdlWvTrT/uRGE65U2NmXWvKHQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Sep 2021 22:45:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wp-content/cache/wpo-minify/1631729450/assets/wpo-minify-header-a68a1e60.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
1d58ec10678df035f4fd517509f207848056cc21dfb1066c40508368942cda9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Thu, 16 Sep 2021 22:45:15 GMT
collect
analytics.google.com/g/ 		0
371 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-05LWXE0TDX&gtm=2oe9f0&_p=206770444&sr=1600x1200&_gaz=1&ul=en-us&cid=924731501.1631832315&_s=1&dl=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&dt=WNY%20Medicare%20Made%20Easy%20-%20The%20Financial%20Guys&sid=1631832314&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05LWXE0TDX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thefinancialguys.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thefinancialguys.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-05LWXE0TDX&cid=924731501.1631832315&gtm=2oe9f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05LWXE0TDX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thefinancialguys.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thefinancialguys.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 16 Sep 2021 23:21:51 GMT
/
thefinancialguys.lpages.co/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/ Frame 19B6 		81 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thefinancialguys.lpages.co/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadbars/current/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
d80174354d2096b3a4cefb95c49bb5bfab9e1d2acc1d4581fec7c3a8219524a2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
thefinancialguys.lpages.co
:scheme
https
:path
/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 16 Aug 2021 19:58:47 GMT
etag
W/"ca292da3c33976cc65f489e3f47bc3ff"
x-cache
MISS, HIT
cache-control
no-cache
server
Leadpages
strict-transport-security
max-age=15768000
content-encoding
br
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2294670.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
660610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 70d755f7200c02162c7545e4ce74649b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
z1HFmn73l27YeojUN5AI_TcQNSuEMR82j5eCklNYVGKXpkSLO0rTtg==
js
maps.googleapis.com/maps/api/ Frame AFF2 		149 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
mafe /
Resource Hash
79ee548a3586d8f51573e37af2b82d1dc12113b2382e88ecd8bb0832509137c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:43:39 GMT
content-encoding
gzip
server
mafe
age
96
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49745
x-xss-protection
0
expires
Thu, 16 Sep 2021 23:13:39 GMT
www-widgetapi.js
www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 20:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44724
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 20:26:13 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-113788952-1&cid=924731501.1631832315&jid=940952372&gjid=1902455234&_gid=641597414.1631832315&_u=aCDAgEAjAAAAAE~&z=1968904055
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thefinancialguys.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Sep 2021 22:45:15 GMT
content-type
text/plain
access-control-allow-origin
https://thefinancialguys.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=206770444&t=pageview&_s=1&dl=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&ul=en-us&de=UTF-8&dt=WNY%20Medicare%20Made%20Easy%20-%20The%20Financial%20Guys&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAj~&jid=940952372&gjid=1902455234&cid=924731501.1631832315&tid=UA-113788952-1&_gid=641597414.1631832315&gtm=2wg9f0PLDBJS4&z=2004712045
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 12:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36218
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame D824 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2294670.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ba67e20db38657ee5cb05d05b3da9d71.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
zWIQCt62ObC8tbq4YsE9vflpDyaXxQ5T8eAt4i2Dl8ScIu8AsZQD6w==
age
5046010
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-113788952-1&cid=924731501.1631832315&jid=940952372&_u=aCDAgEAjAAAAAE~&z=1909706219
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/46/5/intl/de_ALL/ Frame AFF2 		253 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/46/5/intl/de_ALL/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
72adba864c1f28dcc56a67cae4f207c6f0b71b0fe2db5854a64cd7d0a51e380d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74139
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:31:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:02:00 GMT
186113892721891
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/186113892721891?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
79b8e3c4d9fa616b7cfebfa4b1e25db9d3c3305e3481b80c65026e0a50012a1c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
OzhZh4Z4cJwSedWeqtsDr9X2QMXPriy/ZEZqJqZle91O6UwXLia1ScgXElrbIjwFDtSMpKE5UmZUn2esqHR5fQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Sep 2021 22:45:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2294670/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2294670/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.211.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-211-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c

Request headers

Referer
https://thefinancialguys.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=410836259734499&ev=PageView&dl=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&rl=&if=false&ts=1631832315359&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631832315358.1183600179&it=1631832315090&coo=false&rqm=GET
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.68.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-xsp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 22:45:15 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=186113892721891&ev=PageView&dl=https%3A%2F%2Fthefinancialguys.com%2Fwny-medicare-made-easy%2F&rl=&if=false&ts=1631832315363&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631832315358.1183600179&it=1631832315090&coo=false&rqm=GET
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.68.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-xsp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 22:45:15 GMT
js
maps.googleapis.com/maps/api/ Frame 8BDD 		149 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
mafe /
Resource Hash
79ee548a3586d8f51573e37af2b82d1dc12113b2382e88ecd8bb0832509137c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:43:39 GMT
content-encoding
gzip
server
mafe
age
96
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49745
x-xss-protection
0
expires
Thu, 16 Sep 2021 23:13:39 GMT
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/46/5/intl/de_ALL/ Frame 8BDD 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/46/5/intl/de_ALL/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1s305+Spindrift+Drive,+Williamsville,+NY+14221!5e0!6i13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
72adba864c1f28dcc56a67cae4f207c6f0b71b0fe2db5854a64cd7d0a51e380d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74139
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:31:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:02:00 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame 8BDD 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
51851a21c509338ed5929ff2697da8a2618c44ed6fc30f4b74afd6cf131dd5e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32060
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 22:14:36 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame 8BDD 		288 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
8bc39e9e059dcc0542cba0dcb785648490f8a89782431afbd1a8a232947c296c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:02:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90355
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:02:06 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame 8BDD 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
39ace5b1c26347d6ae3273bda3b6ccb5fb7b17cf096cb1fac7c826c8ec890c21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22895
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 22:28:30 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame 8BDD 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
84480a62a33383f425926a34fbf56813315bdb549bf4be08f77a7fae27f80e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1393
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:02:09 GMT
google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame 8BDD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/embed/images/google4.png
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2073
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 16 Sep 2021 22:45:15 GMT
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 8BDD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i589867&2i770810&2e1&3u13&4m2&1u317&2u246&5m5&1e0&5sde-DE&6sus&10b1&12b1&client=google-maps-embed&token=123398
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
1bd291c528ad6ca70c565607022968163898877cf2719249f5932e7485c2a608
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=88
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14549
x-xss-protection
0
expires
Fri, 17 Sep 2021 22:45:15 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame 8BDD 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
3260a8b5389bacd0c805c0b19256c1d6aed7231483e5e1459fba54c9006bc4fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9531
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:02:08 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame 8BDD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
0cd2efc3c5c4ff75679eaa3905c3a2aed2adf1c20e9a2c93ff654288ce07c346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1234
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:15:49 GMT
XprnMTgzOpU
www.youtube.com/embed/ Frame CC63 		56 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
32eece9a1b26503d6b48aeeceae5b07ec185a3fd7798f510bc5fd5e9a225c955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
cookie
YSC=SX01MxuFO44; VISITOR_INFO1_LIVE=4ZL0P3OoTkI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 16 Sep 2021 22:45:15 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 8BDD 		326 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 16 Sep 2021 22:45:15 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 8BDD 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d42.90894324872015&2d-78.79928882257401&2m2&1d43.00474973393409&2d-78.6324001063949&2u13&4sde-DE&5e0&6sm%40573000000&7b0&8e0&11e289&12e2&callback=_xdc_._s88e5g&client=google-maps-embed&token=87331
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
mafe /
Resource Hash
8e0e32d5397aa481dc2937bc3f85678cb1b8e20ab4b8b308f9e9e05cb9e94d9a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:15 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=19
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2150
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 8BDD 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d42.89718411573324&2d-78.79378610146834&2m2&1d43.01557912175066&2d-78.63337996428345&2u10&4sde-DE&5e2&7b0&8e0&11e289&12e2&callback=_xdc_._kueauk&client=google-maps-embed&token=79792
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
mafe /
Resource Hash
832d935bca026e10db21a69b0ecb9e54e86bfeb1279a5c948f16ba7af4ac81df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:15 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/1256b7e2/ Frame CC63 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
age
198985
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46342
x-xss-protection
0
expires
Wed, 14 Sep 2022 15:28:50 GMT
www-embed-player.js
www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/ Frame CC63 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:29:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
age
198929
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67242
x-xss-protection
0
expires
Wed, 14 Sep 2022 15:29:46 GMT
base.js
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame CC63 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
age
198839
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
516210
x-xss-protection
0
expires
Wed, 14 Sep 2022 15:31:16 GMT
fetch-polyfill.js
www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/ Frame CC63 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:29:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
age
198929
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Wed, 14 Sep 2022 15:29:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC63 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
221848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 09:07:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CC63
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
3744fb174ef0623b491418e28208493a8e4483d8aab626430db39dc1eafa5f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Sep 2021 22:45:15 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CC63 		29 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:39:16 GMT
x-content-type-options
nosniff
age
359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Sep 2021 22:54:16 GMT
remote.js
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame CC63 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:31:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
198838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29907
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 15:31:17 GMT
Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js
www.google.com/js/th/ Frame CC63 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
sffe /
Resource Hash
120ed0c07e3b799f05edbaf9edd674065f79410c14c3f80193f25a0813cd05f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
229534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13284
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:59:41 GMT
embed.js
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame CC63 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:31:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
198838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7343
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 19:13:02 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 15:31:17 GMT
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.4&correlateBy=W6sZtezmSENUnbYpa4b8Qy&kind=timer,counter,text,text,timer,text,timer&label=bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=719.7000000476837,1,2idHSXUMdupCCSFAzLFUtb,2idHSXUMdupCCSFAzLFUtb,1.399999976158142,2idHSXUMdupCCSFAzLFUtb,1.5&tags=,,,,,,
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadbars/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 22:45:16 GMT
Server
Stargate
access-control-max-age
600
X-Forwarded-For
216.131.114.43
Content-Type
image/gif
access-control-allow-origin
https://thefinancialguys.com
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
x-request-id
009qp22fitriatvcp5v0
truncated
/ Frame CC63 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTvwYE33DP0_i6OGBGEgBTadFNv-0YXZoVgdyAE=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CC63 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLTvwYE33DP0_i6OGBGEgBTadFNv-0YXZoVgdyAE=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
fife /
Resource Hash
b9a2fb5de4876ceddf8048af881f4c11a0d83c4a48f7976345f643db6f92dcfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3632
x-xss-protection
0
expires
Fri, 17 Sep 2021 22:45:15 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/XprnMTgzOpU/ Frame CC63 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/XprnMTgzOpU/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f22.1e100.net
Software
sffe /
Resource Hash
431f69dd355933147b8c2324878606245eac314bd61aaf0b9219df6cabe0d5a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63574
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Sep 2021 00:45:15 GMT
css
fonts.googleapis.com/ Frame 19B6 		6 KB
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700
Requested by
Host: thefinancialguys.lpages.co
URL: https://thefinancialguys.lpages.co/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
48304dee04c234faea58977b4a71328a3f0dbab9501a7fa891152a27d2c6c153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 22:02:05 GMT
server
ESF
date
Thu, 16 Sep 2021 22:45:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 22:45:15 GMT
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 19B6 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: thefinancialguys.lpages.co
URL: https://thefinancialguys.lpages.co/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:17:25 GMT
content-encoding
gzip
server
Google Frontend
age
88070
etag
"tPQ8CA"
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
f0c65121c4cfc7a838d990c812b94c17
cache-control
public, max-age=31536000
alt-svc
clear
content-length
14628
via
1.1 google
expires
Thu, 15 Sep 2022 22:17:25 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CC63 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Thu, 16 Sep 2021 22:45:15 GMT
generate_204
www.youtube.com/ Frame CC63 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Q6C5yA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/92/ Frame CC63 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/92/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 06:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15330
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 15:08:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 17 Sep 2021 06:39:58 GMT
center.js
js.center.io/ Frame 19B6 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: thefinancialguys.lpages.co
URL: https://thefinancialguys.lpages.co/serve-leadbar/2idHSXUMdupCCSFAzLFUtb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.147 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f147.1e100.net
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:41:55 GMT
content-encoding
gzip
server
Google Frontend
age
200
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
6a58470ed9b1cdf1e852c12fae8b150b
cache-control
public, max-age=300
content-length
5417
expires
Thu, 16 Sep 2021 22:46:55 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 19B6 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.lpages.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:26:58 GMT
x-content-type-options
nosniff
age
325097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:26:58 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 19B6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefinancialguys.lpages.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:03:27 GMT
x-content-type-options
nosniff
age
582108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 05:03:27 GMT
/
www.facebook.com/tr/ Frame 0F7B 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.68.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-xsp1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
5346
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://thefinancialguys.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://thefinancialguys.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://thefinancialguys.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Thu, 16 Sep 2021 22:45:16 GMT
/
www.facebook.com/tr/ Frame A4BE 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: thefinancialguys.com
URL: https://thefinancialguys.com/wny-medicare-made-easy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.68.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-xsp1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
5346
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://thefinancialguys.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://thefinancialguys.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://thefinancialguys.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Thu, 16 Sep 2021 22:45:16 GMT
identify.html
js.center.io/ Frame 26CE 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.147 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f147.1e100.net
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

:method
GET
:authority
js.center.io
:scheme
https
:path
/identify.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.lpages.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.lpages.co/

Response headers

date
Thu, 16 Sep 2021 22:41:23 GMT
expires
Thu, 16 Sep 2021 22:46:23 GMT
etag
"OMWYXg"
x-cloud-trace-context
980b189d18c6d405b2bcb8388553cc7c
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
2016
age
232
cache-control
public, max-age=300
capture
api.leadpages.io/analytics/v1/events/ Frame 19B6 		35 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=2idHSXUMdupCCSFAzLFUtb&v=&e=&st=&lc=en-US&pid=Uy5ZdtPa7JwT6yzArw5uUX-default-prop&uid=ZELaYr88AC7VoW8gKeSiYU&sid=SMXyv5WPTQ2dbaSoDui434&cid=lp-2idHSXUMdupCCSFAzLFUtb&uri=https%3A%2F%2Fthefinancialguys.lpages.co%2Fserve-leadbar%2F2idHSXUMdupCCSFAzLFUtb%2F&rf=https%3A%2F%2Fthefinancialguys.com%2F&rx=1600&ry=68&tz=%2B00%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 22:45:16 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
216.131.114.43
Content-Type
image/gif
access-control-allow-origin
https://thefinancialguys.lpages.co
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
009rajr0p3osssjq2k3g
websiteTriggerIframe
ry159.infusionsoft.app/app/webTracking/ Frame 0A54 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ry159.infusionsoft.app/app/webTracking/websiteTriggerIframe
Requested by
Host: ry159.infusionsoft.com
URL: https://ry159.infusionsoft.com/app/webTracking/getTrackingCode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.151.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076a367482fb9ad8865b1a2e08ee62da9ad955888bf37e71836c3299b12a0e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ry159.infusionsoft.app
:scheme
https
:path
/app/webTracking/websiteTriggerIframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thefinancialguys.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/

Response headers

date
Thu, 16 Sep 2021 22:45:16 GMT
content-type
text/html;charset=UTF-8
pragma
no-cache
cache-control
no-cache, no-store
expires
Thu, 16 Sep 2021 22:45:16 GMT
set-cookie
JSESSIONID=0EFD9EEAEBCAE6132379FF3EF0F7E115; Path=/; Secure; HttpOnly GCLB=CNTrlN2P17KXJw; path=/; HttpOnly; expires=Fri, 17-Sep-2021 10:45:16 GMT __cf_bm=n21J1qjeQG9uBEnsX1OVUHKg5Gfr62Xti3NXFlbeLqs-1631832316-0-ARJnxtvK9+Op6KRto+WI7G0QP2VNm9k9B8pOin29ffpOWPw+CRT/YtRj2JeMIVniCEgYVsHEJJA+uvlT1kmHR2BbpN8z7f1wRla7QX7feTnd; path=/; expires=Thu, 16-Sep-21 23:15:16 GMT; domain=.infusionsoft.app; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
accept-encoding
content-language
de-DE
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68fd9fc908d127c0-PRG
content-encoding
gzip
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.4&correlateBy=W6sZtezmSENUnbYpa4b8Qy&kind=timer&label=bar_embed_load&value=509.7000000476837&tags=
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadbars/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 22:45:16 GMT
Server
Stargate
access-control-max-age
600
X-Forwarded-For
216.131.114.43
Content-Type
image/gif
access-control-allow-origin
https://thefinancialguys.com
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
x-request-id
009qp25ucenlcqsn7e9g
api.js
ry159.infusionsoft.app/cdn-cgi/bm/cv/669835187/ Frame 0A54 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ry159.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: ry159.infusionsoft.app
URL: https://ry159.infusionsoft.app/app/webTracking/websiteTriggerIframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.151.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ry159.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
68fd9fca49ce27c0-PRG
spacer.gif
ry159.infusionsoft.app/slices/
Redirect Chain
  • https://ry159.infusionsoft.app/app/webTracking/contact/1631832314749?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=thefinancialguys.com&location=https://thefinancialguys....
  • https://ry159.infusionsoft.app/slices/spacer.gif
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ry159.infusionsoft.app/slices/spacer.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.151.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 22:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
accept-encoding
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 10:26:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"43-1631788008422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
image/gif;charset=UTF-8
via
1.1 google
cache-control
public, max-age=31554000
cf-ray
68fd9fcb7a9d27c0-PRG
expires
Sat, 17 Sep 2022 03:45:16 GMT

Redirect headers

pragma
no-cache, no-cache
date
Thu, 16 Sep 2021 22:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
location
/slices/spacer.gif
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubDomains
via
1.1 google
cache-control
no-cache, no-store, no-cache, no-store
cf-ray
68fd9fca69e627c0-PRG
vary
accept-encoding
x-xss-protection
1; mode=block
expires
Thu, 16 Sep 2021 22:45:16 GMT, -1
result
ry159.infusionsoft.app/cdn-cgi/bm/cv/ Frame 0A54 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ry159.infusionsoft.app/cdn-cgi/bm/cv/result?req_id=68fd9fc908d127c0
Requested by
Host: ry159.infusionsoft.app
URL: https://ry159.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.151.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ry159.infusionsoft.app/app/webTracking/websiteTriggerIframe
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Sep 2021 22:45:16 GMT
server
cloudflare
cf-ray
68fd9fcaba2b27c0-PRG
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
log_event
www.youtube.com/youtubei/v1/ Frame CC63 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/XprnMTgzOpU?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthefinancialguys.com&widgetid=1
X-YouTube-Client-Version
1.20210913.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs0WkwwUDNPb1RrSSj7kY-KBg%3D%3D
X-YouTube-Ad-Signals
dt=1631832315576&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C865%2C487&vis=1&wgl=true&ca_type=image&bid=ANyPxKp8I8spviiZMiPo8wyXeUTvjkigh0rDA8dwokYkETjWSNYoNbTzYZhdgPBzadEeZLiLRtaz-94Sr5Sip2SQkq04-yB2VQ

Response headers

date
Thu, 16 Sep 2021 22:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame AFF2 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
51851a21c509338ed5929ff2697da8a2618c44ed6fc30f4b74afd6cf131dd5e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32060
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 22:14:36 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/ Frame AFF2 		288 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
8bc39e9e059dcc0542cba0dcb785648490f8a89782431afbd1a8a232947c296c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 20:02:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90355
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:30:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="maps-api-js"
expires
Thu, 15 Sep 2022 20:02:06 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame AFF2 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&callback=_xdc_._c3oema&client=google-maps-embed&token=46080
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
mafe /
Resource Hash
bc199dcfb32aa0238edfa804736fe7036f0c83dee838dff320a31e0ae1238e15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:20 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/observations/ Frame 19B6 		35 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=iU3hBz2G7vPYEKANkVMbPE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=58.10000002384186,29.100000023841858,1,345.8000000715256
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thefinancialguys.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 22:45:20 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
216.131.114.43
Content-Type
image/gif
access-control-allow-origin
https://thefinancialguys.lpages.co
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
009rakr8pg00vl2q6d40
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 8BDD 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&callback=_xdc_._c3oema&client=google-maps-embed&token=46080
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/5/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
mafe /
Resource Hash
bc199dcfb32aa0238edfa804736fe7036f0c83dee838dff320a31e0ae1238e15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 22:45:20 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.Uy5ZdtPa7JwT6yzArw5uUX-default-prop.2idHSXUMdupCCSFAzLFUtb
Value: 1631832316000
thefinancialguys.com/ Name: FORMLIFT_ID
Value: formlift_session_6143c8efa91109.41096380
.infusionsoft.com/ Name: __cf_bm
Value: cjTVIWHEZO1qrYXVhEE8cCJPQZjr1NjLfnsA7wXIC9g-1631832314-0-AUX7LYsa9YhETkyyasytf1dxCYA/l9Kq20kN79t2hcWzBip+4ny1fqvHkPrCSP4YvP/uL09MLgtZgw66xla3Iy0=
.sitescdn.net/ Name: __cf_bm
Value: fbhDWNuWyxR8uQIoah.TdMxoaoH1fmwjSJ9Ih81P5eg-1631832314-0-AaOhApdMFJkqoPIrvS7kGK5zJnIpUMFHDZk2kbEW3rApdlR7S3H3+Zj3sVaFf1HqdRBoLPuBG2IzzHJOrQnWsBo=
.thefinancialguys.com/ Name: _gcl_au
Value: 1.1.1812011465.1631832315
.thefinancialguys.com/ Name: _ga_05LWXE0TDX
Value: GS1.1.1631832314.1.0.1631832314.60
.thefinancialguys.com/ Name: _ga
Value: GA1.2.924731501.1631832315
.thefinancialguys.com/ Name: _gid
Value: GA1.2.641597414.1631832315
.youtube.com/ Name: YSC
Value: SX01MxuFO44
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4ZL0P3OoTkI
.thefinancialguys.com/ Name: _dc_gtm_UA-113788952-1
Value: 1
.thefinancialguys.com/ Name: _hjid
Value: bab19db4-ccb7-4305-b6d8-548dab210a2f
.thefinancialguys.com/ Name: _hjFirstSeen
Value: 1
thefinancialguys.com/ Name: _hjIncludedInPageviewSample
Value: 1
.thefinancialguys.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.thefinancialguys.com/ Name: _fbp
Value: fb.1.1631832315358.1183600179
.linkedin.com/ Name: UserMatchHistory
Value: AQIWhD9O1lQ94gAAAXvwyRYHJYkWhrXQNEtTyxPOMIWZt03wddw84Cu1llAx3ym1tJmSQGsUbevnVw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLKvNawebKgzQAAAXvwyRYHwCtXr9x1Elt9QCKh65FMr1H453xiSPL6hKwjSd9FrIgDWyXt1P1AG_0dgrAZLg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&f15bbe23-d521-4770-800d-11c1dd7aaaf8"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2211:u=1:x=1:i=1631832315:t=1631918715:v=2:sig=AQHcl8MCcgjBzzkylMPxfBoeLumIEuyn"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202109162245151a535568-f8e0-4872-89a7-92bad5e82464AQEDCzDJQFTdDmyP0fddicAhCKOvy7SH"
js.center.io/ Name: centerVisitorId
Value: ZELaYr88AC7VoW8gKeSiYU
.doubleclick.net/ Name: IDE
Value: AHWqTUlwHxhq0Fq3TGX9krRLKx7q074a8F5wRa0Zkz-mvLg3Qfo79mZju_U4zZOD
.infusionsoft.app/ Name: __cf_bm
Value: evcVKATVk7Tr9m86Fe9NdpmfCv.ZrFi6S6lcqPfW4wk-1631832316-0-ARe35mdV+rHwbItpCije30cA0mQUg5s1O+ybpnqStrkcJx+pElybkpCsB0FyC2KGfFqxDC80gHtm6XYdpn0VY2FcIS5u5rvS9RKC9n193W1ZNe+RXr3xBz0Aijzvw4YDLSZtBo2EfVVNVif4osjAiC4YBvswQ54uzfQPvCkEMJfEI5kJySqKrKE4bEEEDBOOBg==
ry159.infusionsoft.app/ Name: InfusionsoftTrackingCookie
Value: d6798dd5e165ddf71f2b3e1535bda2eb

1 Console Messages

Source Level URL
Text
network error URL: https://thefinancialguys.com/wp-content/uploads/2020/04/1470399614_Social_Media.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.leadpages.io
assets.sitescdn.net
code.jquery.com
connect.facebook.net
eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com
embed.lpcontent.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
joinmedicare.us
js.center.io
maps.google.com
maps.googleapis.com
maps.gstatic.com
px.ads.linkedin.com
ry159.infusionsoft.app
ry159.infusionsoft.com
script.hotjar.com
snap.licdn.com
static.doubleclick.net
static.hotjar.com
static.leadpages.net
stats.g.doubleclick.net
thefinancialguys.com
thefinancialguys.lpages.co
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.riskalyze.com
www.youtube.com
yt3.ggpht.com
104.16.8.31
104.18.112.52
104.19.151.86
104.22.1.18
108.174.11.69
13.107.42.14
142.250.180.226
142.250.180.246
142.250.181.232
142.250.184.202
142.250.184.227
142.250.185.110
142.250.185.138
142.250.185.161
142.250.185.166
142.250.185.195
142.250.185.68
142.250.186.174
142.250.186.35
142.250.74.206
172.217.16.142
18.66.139.102
18.66.139.40
18.66.97.49
184.168.131.241
198.71.233.230
2.18.233.89
2.18.234.132
216.58.212.147
31.13.68.35
31.13.92.14
34.107.203.240
35.192.151.63
35.202.21.90
52.16.211.92
69.16.175.42
74.125.206.157
0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0
0287f5a3ab7a5d628ea6c4c46c23c6db0db180d2380bf17358a382eab029e878
070ab839228d2bfca0edb7d517a5db7594540cf522a3a68f03932510aec77458
076a367482fb9ad8865b1a2e08ee62da9ad955888bf37e71836c3299b12a0e9f
08bd597dc02e78446a12830692f324da163656460b7187352cfe512e7919d7d0
0a662d3ce7c803d83655595386db33321d2946309ad6b70a0de4a0ea8e23aa61
0cd2efc3c5c4ff75679eaa3905c3a2aed2adf1c20e9a2c93ff654288ce07c346
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edf9d90a044765e07c092e7979ddd57511f6270fcdd35281359ed8ade988ffb
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120ed0c07e3b799f05edbaf9edd674065f79410c14c3f80193f25a0813cd05f5
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
194a16f0a2ddbd9f5fc5c8e79f875da8b9bccdf7883db44228612fcffb2524e3
1bd291c528ad6ca70c565607022968163898877cf2719249f5932e7485c2a608
1d58ec10678df035f4fd517509f207848056cc21dfb1066c40508368942cda9f
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d3b7002ae9c49d7fb3f3f88bea86aadcef009520c048667b37ced0306efd06e
3260a8b5389bacd0c805c0b19256c1d6aed7231483e5e1459fba54c9006bc4fb
32eece9a1b26503d6b48aeeceae5b07ec185a3fd7798f510bc5fd5e9a225c955
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
3744fb174ef0623b491418e28208493a8e4483d8aab626430db39dc1eafa5f2e
39ace5b1c26347d6ae3273bda3b6ccb5fb7b17cf096cb1fac7c826c8ec890c21
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a
4004d9d57e422ece6154f0b96986f0a7571335aa8c0ed3f7669c40629c8b0c85
431f69dd355933147b8c2324878606245eac314bd61aaf0b9219df6cabe0d5a7
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
47be9240aca567d4f1b3b5f6fbd4397633af5b75b3972120a5cb995ae1884d78
48304dee04c234faea58977b4a71328a3f0dbab9501a7fa891152a27d2c6c153
4a41b28e0c4262da8dc1ea9ad5ccbe420bce02a9d2c735f702832627b37fbd7e
4b72fdb16626c119bc446032d252c2817632350272ce2cf9a42c05f8269e0226
4bf7b4335f93390740535b1e55da9296acbda0b1740ab5d0be17d75cfe32ebfe
4e0e15a2df00ae75a008bde49b32bea27b9e2a691cae2ac64026d0ec084676b0
51552d818ffd8653ccab1d4bfd9ac7c60fb65dd9ac97e462d452f997a8482c1a
51851a21c509338ed5929ff2697da8a2618c44ed6fc30f4b74afd6cf131dd5e8
55d2e75c4ec6be170bb0c72011bf5c9217fdbc7605302aa4e0412c2ecfa32f1a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69500b7f81a0fcb2fa2dd92441a2104044ce62a7853c3afa5ad14ba19da19eaa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
6fec582f7449a559ec472c566fc0d2b8b56232ca39e908154151ff5be0c20378
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
72adba864c1f28dcc56a67cae4f207c6f0b71b0fe2db5854a64cd7d0a51e380d
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
772a939fe72b662d152060e58932d5a64a8eeb3ec32c39335da803ad4e5d4ca8
799475c02c555791b93b7787d5f0da11cad7374b59ca3d038214824d1e0fd672
79b8e3c4d9fa616b7cfebfa4b1e25db9d3c3305e3481b80c65026e0a50012a1c
79ee548a3586d8f51573e37af2b82d1dc12113b2382e88ecd8bb0832509137c6
832d935bca026e10db21a69b0ecb9e54e86bfeb1279a5c948f16ba7af4ac81df
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84480a62a33383f425926a34fbf56813315bdb549bf4be08f77a7fae27f80e13
85164b842e5da2a9a7604deee2ce23f64856b87918de6c498d51cb4ecd7f392b
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a66251362eb95238812127b4a545e8580c96b2c51c6294a1f84f2fad75c62ff
8bc39e9e059dcc0542cba0dcb785648490f8a89782431afbd1a8a232947c296c
8df50ec75fe166a045e17efbc05eb3c6a80b1741a2d19ab9c5939187ebc7cca6
8e0e32d5397aa481dc2937bc3f85678cb1b8e20ab4b8b308f9e9e05cb9e94d9a
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
a0e733109c256cea7e363ace19723eb8aadd4a4033d14d6f920732e8076513f9
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
b9a2fb5de4876ceddf8048af881f4c11a0d83c4a48f7976345f643db6f92dcfc
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc199dcfb32aa0238edfa804736fe7036f0c83dee838dff320a31e0ae1238e15
c06abe472f68a8e0834b95ed549e0c6941918795c3d88359d96ac46175465db4
c1c172b34f11f844d3b7e0b1a9ea661a755080084eded24cf8d6b2f8708732df
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d0df1ce3b59fc3685e52d1daecb5be16c0726a560a109cc79e6bd544e6e5e3ff
d1999be904875845a4eae41a8c56f7aa670c01ec3239068df8ed8f40b9cc17a5
d3d326200ef7b37fb474ef414130412a8bd5063203513a284a25df4f942ee16f
d74630ec50153fcb2d6f288062e3615ebdb1ebd4ac6d0985e59bc5a5a1878dee
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80174354d2096b3a4cefb95c49bb5bfab9e1d2acc1d4581fec7c3a8219524a2
da0a763cb88419837ee68bec4fde133a4646df0b7ef8de75b953ee09f39c4f76
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df1983b30c27af1b34ff889366fabadf11ed220d6ba986092d9b848dd6e2b3a2
e330923f5f97be852cebc6ca35620dda1b73a1da7d10c8e4fceade79800dd932
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92c572fe48977061e02d1291df28e9764aff81ac9bcbbb15be6481a965ec94a
e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f
f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd7633ed68e52ab673d67dd5e8832d43e73c0b5d9a80608fb13f07cf29b3d448
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3