Submitted URL: https://u26175440.ct.sendgrid.net/ls/click?upn=ccz1GUCklG4gPSpIlZBHj9bMkDd8swWuNh-2Bd9Qse4EAVGIYc2SwGWCdfiOeP-2FBSSU0cBs-2BUxK0CHg...
Effective URL: https://campaign.tifinwealth.com/invest/demo/offball
Submission: On August 11 via manual from US — Scanned from DE

Summary

This website contacted 28 IPs in 4 countries across 25 domains to perform 71 HTTP transactions. The main IP is 2606:2c40::c73c:67e4, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is campaign.tifinwealth.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2022. Valid for: a year.
This is the only time campaign.tifinwealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
20 2606:2c40::c7... 209242 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 34.111.224.162 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 34.111.73.67 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.120.124.64 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
71 28
Apex Domain
Subdomains
Transfer
20 tifinwealth.com
campaign.tifinwealth.com
247 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
m.clarity.ms — Cisco Umbrella Rank: 5494
c.clarity.ms — Cisco Umbrella Rank: 996
26 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2742
20 KB
5 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 5428
forms.hubspot.com — Cisco Umbrella Rank: 2845
track.hubspot.com — Cisco Umbrella Rank: 2017
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
www.linkedin.com — Cisco Umbrella Rank: 491
px4.ads.linkedin.com — Cisco Umbrella Rank: 5619
3 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 351
c.bing.com — Cisco Umbrella Rank: 195
12 KB
4 gstatic.com
fonts.gstatic.com
79 KB
4 chilipiper.com
js.na.chilipiper.com — Cisco Umbrella Rank: 292355
api.chilipiper.com — Cisco Umbrella Rank: 87971
api.na.chilipiper.com — Cisco Umbrella Rank: 283483
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
131 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
221 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
388 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 734
6 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3440
945 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5596
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
501 B
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4139
516 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
448 B
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3144
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 1934
16 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 1927
20 KB
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4461
25 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4527
21 KB
1 hubspotusercontent-na1.net
7088340.fs1.hubspotusercontent-na1.net
139 KB
1 sendgrid.net
u26175440.ct.sendgrid.net
255 B
71 25
Domain Requested by
20 campaign.tifinwealth.com campaign.tifinwealth.com
js.usemessages.com
4 fonts.gstatic.com fonts.googleapis.com
3 track.hubspot.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
campaign.tifinwealth.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com campaign.tifinwealth.com
www.googletagmanager.com
3 fonts.googleapis.com campaign.tifinwealth.com
2 c.clarity.ms 1 redirects
2 m.clarity.ms www.clarity.ms
2 www.facebook.com campaign.tifinwealth.com
2 api.na.chilipiper.com js.na.chilipiper.com
2 region1.google-analytics.com www.googletagmanager.com
2 px.ads.linkedin.com 2 redirects
2 www.clarity.ms campaign.tifinwealth.com
www.clarity.ms
2 snap.licdn.com www.googletagmanager.com
js.hsadspixel.net
1 api.hubapi.com js.hsadspixel.net
1 c.bing.com 1 redirects
1 www.google.de campaign.tifinwealth.com
1 www.google.com campaign.tifinwealth.com
1 forms.hsforms.com campaign.tifinwealth.com
1 stats.g.doubleclick.net www.google-analytics.com
1 forms.hubspot.com js.hscollectedforms.net
1 px4.ads.linkedin.com campaign.tifinwealth.com
1 www.linkedin.com 1 redirects
1 api.chilipiper.com js.na.chilipiper.com
1 js.hsadspixel.net campaign.tifinwealth.com
1 js.hs-banner.com campaign.tifinwealth.com
1 js.hs-analytics.net campaign.tifinwealth.com
1 js.hscollectedforms.net campaign.tifinwealth.com
1 js.usemessages.com campaign.tifinwealth.com
1 app.hubspot.com campaign.tifinwealth.com
1 7088340.fs1.hubspotusercontent-na1.net campaign.tifinwealth.com
1 js.na.chilipiper.com campaign.tifinwealth.com
1 u26175440.ct.sendgrid.net 1 redirects
71 35

This site contains links to these domains. Also see Links.

Domain
tifin.com
www.linkedin.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
campaign.tifinwealth.com
Cloudflare Inc ECC CA-3
2022-02-02 -
2023-02-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
chilipiper.com
GoGetSSL RSA DV CA
2022-01-10 -
2023-02-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
hubspotusercontent-na1.net
Cloudflare Inc ECC CA-3
2022-02-24 -
2023-02-23
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2022-03-08 -
2023-03-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-12 -
2023-06-12
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-05-21 -
2022-08-19
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-06-10 -
2022-12-10
6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02
2022-06-07 -
2023-06-02
a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2022-05-07 -
2023-05-07
a year crt.sh

This page contains 1 frames:

Primary Page: https://campaign.tifinwealth.com/invest/demo/offball
Frame ID: 8B0B7F23652807CEC30B832791382EB1
Requests: 71 HTTP requests in this frame

Screenshot

Page Title

Request a TIFIN Invest Demo

Page URL History Show full URLs

  1. https://u26175440.ct.sendgrid.net/ls/click?upn=ccz1GUCklG4gPSpIlZBHj9bMkDd8swWuNh-2Bd9Qse4EAVGIYc2SwGWCdfiOeP-... HTTP 302
    https://campaign.tifinwealth.com/invest/demo/offball Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

97 %
HTTPS

80 %
IPv6

25
Domains

35
Subdomains

28
IPs

4
Countries

995 kB
Transfer

2605 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u26175440.ct.sendgrid.net/ls/click?upn=ccz1GUCklG4gPSpIlZBHj9bMkDd8swWuNh-2Bd9Qse4EAVGIYc2SwGWCdfiOeP-2FBSSU0cBs-2BUxK0CHgARBT0o3Eg-3D-3DhouQ_7tv0zAp-2BWDa2QBqS10IahhXyv6vp7ZQqJ-2F0Vuor3PKD-2B3wOaEW7kwz7-2Bxj4ZuqiTwhWGtU56WEi7hYeI-2FWoQWNM8rz-2BmtQENWqkZOKiGGrDV2YAxW5jB9nU4FJUnrVWU1gtyWPHxd7RCB2acYBTg4M0tN9UitR5xvQ4zsK-2BgvrtU2klfozb13ZvzbjbKf1cMY72fw9loJGx-2FQEwygwtIwDirq7HuJDyGotg0XlYq8zSZ2aeOvYHTLQ-2FqS4NCLdAl3U4TZQjMmmUzzAGzJw6ttQesMgtVQyLYNeFwz23nHmTVPk0tyImjEmUVDBrTC0QB3uE-2FxXnGHaWZYZjBz-2F1zEPGcxXeACPUwmYugM1i3voP-2F-2B8R6uR2f-2B80sZsjnSYXIR-2BDThpBxjKrERRZ0vEpxibJv03Jkh7suNNcw1HeyaB9WUOj9r2dxRCVBS-2FyBd4DfG-2Fp1NNTCAzZ0Eiy5muKhLlPUOvrWVCMbuVux3IvStMJDID7rM45Hds-2FthbnD9m00A4YMdWxUYl-2BBLvLCE1HNDCFJD888CfPIY3SiUNWN80Y2r0WJz1dEOKGshJUIWUFwrhqrPix3tuC5fAdo49ctTlAU7BtwfEYM-2FgVMgpzVcjlMGPhS8pLdHmQ0JCeS2w57DPnjfGCj1gha0W9Qac7OYhZhOviN5PlaT9H3V-2FwThDw37z7Q7xSxN3rGO97BDbaGGlc75RyjaMfkmaJsdpepRtdtappuZoIuDJHHkN4d142pdPEV1wmLRkUl-2B4rsSXWckuoXdAbukigFoiSubDch63Yahdv5vJqK2QDHpJSFXJouVdOccUISz8qXwye8KL0OaRo2ad-2Fqfai35pPbDigSfE9QmUorobHC4AeHIGmPbBBiitN-2BtwHPcD918-2FuURfJqpe3Lni1HR5kW4ZPmrbM4dW-2BMKrpgVmFqfZ88dLs3cpCHjWpT7Frf5spGfp7IyfXfmJD0eGwS8r4vKfAW52Fp5ksqzfBWCcccShN7UkiPQBQ-3D HTTP 302
    https://campaign.tifinwealth.com/invest/demo/offball Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3759388%26time%3D1660236668206%26url%3Dhttps%253A%252F%252Fcampaign.tifinwealth.com%252Finvest%252Fdemo%252Foffball%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&liSync=true&e_ipv6=AQI458im1alF3wAAAYKN0SkLWJ0jnTJPYKWnY8hII1BFxvnQaQamz1lDLZYBpAoq3502whE1
Request Chain 60
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=AA3BA86E0FBD450FAED34C135192DDC6&RedC=c.clarity.ms&MXFR=0773ACD216F16C72329EBD2F12F1626D HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=AA3BA86E0FBD450FAED34C135192DDC6&MUID=17C24B33998A6CA3112C5ACE98E16D5B

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request offball
campaign.tifinwealth.com/invest/demo/
Redirect Chain
  • https://u26175440.ct.sendgrid.net/ls/click?upn=ccz1GUCklG4gPSpIlZBHj9bMkDd8swWuNh-2Bd9Qse4EAVGIYc2SwGWCdfiOeP-2FBSSU0cBs-2BUxK0CHgARBT0o3Eg-3D-3DhouQ_7tv0zAp-2BWDa2QBqS10IahhXyv6vp7ZQqJ-2F0Vuor3PKD...
  • https://campaign.tifinwealth.com/invest/demo/offball
36 KB
9 KB
Document
General
Full URL
https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
de0cbec72bbbc315bc3299c92a6ccfdee0cfa9cc921308354d896de677c1e222
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
s-maxage=14400, max-age=0
cf-h2-pushed
</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>,</_hcms/forms/v2.js>
cf-ray
7392796f7aaa9bbf-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 11 Aug 2022 16:51:10 GMT
edge-cache-tag
CT-80135075982,P-7088340,CW-30798154865,E-30798117636,E-30798117637,E-30798183304,E-30798183315,E-30798201566,E-30798201569,E-66339896584,E-66340852506,RA-30798201522,RA-66344989791,PGS-ALL,SW-4,GC-64356213858,GC-66343995830
etag
W/"90a3096e0d17ee5841f5db7c45edfda1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sun, 07 Aug 2022 05:04:51 GMT
link
</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyhHXO%2BKgKpuIEqrPE%2FuujvuhXwkq2uQm6QEeq2JXaaCO9%2B0CCt7Cn%2FaBIEEm4Jtz39gDQEiouRbzD3zkLMIxawWGplJ7f6jwOZUKWbPKpfaPwIam7Gq%2FXbYhZNobJJujbMAfHeT4cDwp2LgAhXjHNofJVGTSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cache-control
s-maxage=14400, max-age=0
x-hs-cf-cache-status
REVALIDATED
x-hs-combine-css
Disabled
x-hs-content-id
80135075982
x-hs-hub-id
7088340
x-hs-prerendered
Sun, 07 Aug 2022 05:04:51 GMT
x-powered-by
HubSpot

Redirect headers

Connection
keep-alive
Content-Length
75
Content-Type
text/html; charset=utf-8
Date
Thu, 11 Aug 2022 16:51:09 GMT
Location
https://campaign.tifinwealth.com/invest/demo/offball
Server
nginx
X-Robots-Tag
noindex, nofollow
project.js
campaign.tifinwealth.com/hs/hsstatic/cos-i18n/static-1.53/bundles/
1 KB
1 KB
Script
General
Full URL
https://campaign.tifinwealth.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14180517
x-amz-server-side-encryption
AES256
cf-ray
73927974cb599bbf-FRA
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJSf1X0XVMUd%2FS0aR00mYbfDjWC4gAxy8FMoJopmJOGHp2TK%2BpnLzND4itHXCAxUt6HyK9NVzqyaSlnku5aGQB3I%2BNRfCMzCvRWog96yKvOXf8cSOvs1FXB3uuHcCGlgFiwhfMcKT3Err1qkRLIX%2FFTr31JaAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
lW4qF689P3Dc0HMw43ovy8wjZ74uhX_Wh4bq4rNr2huIwgx-yNd3Uw==
expires
Fri, 11 Aug 2023 16:51:10 GMT
index.js
campaign.tifinwealth.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/
10 KB
4 KB
Script
General
Full URL
https://campaign.tifinwealth.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1215190
x-amz-server-side-encryption
AES256
cf-ray
73927974cb5b9bbf-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Wed, 27 Jul 2022 14:35:54 GMT
server
cloudflare
etag
W/"0d86ec7be24f2dff2308b8edf54c2f32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9nXDoyyKJYAmPSWj307mKwQtU7py1B2slguoopk8EyON5io8nfRt%2BIoBXVQ75JR%2BgOeANoT3peAeE%2B7uToL4%2BY97xRxzgzbme6TlP3e6jsAeeX1Ayx9b5ATDSyhmYOv7qhs34dzaACJaAEwkMVwIVqejmV1ag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
k79.hN9WG526nViFF800Vr3DxQF_q.yo
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
HSb0vWYA6cup18rgH5ST0v0B7uXyg39Zyu6_fhWbspPcWqdgszRmdg==
expires
Fri, 11 Aug 2023 16:51:10 GMT
v2.js
campaign.tifinwealth.com/_hcms/forms/
585 KB
148 KB
Script
General
Full URL
https://campaign.tifinwealth.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
213
x-amz-server-side-encryption
AES256
cf-ray
73927974cb5c9bbf-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 26 Jul 2022 10:57:52 UTC
server
cloudflare
etag
W/"8cfc2a51250daf33edd2e1dda3f1654b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Mh2H2oboum9lIrA30KZZlM2HM%2BAfP4Dtx1zh%2F3SnF2keMUCBkOFlQ73swFIMNP21AtYT8gzyAlaa3WCDMHlTVB58UUBO8uNXdvWgntDxNWsUnX6hrOZN4157DVuLEfLgLgUY%2BbAX5IGWwHmaJ6cK9ssh1vOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
elWqSweed2C2dWtDipd3d9hhUaqI4uV.
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
H8VlTtWeRGdUC2N1iZcgmkHYLS1wIPFctEP5JgQZtwXxyj_Akfy5VA==
x-hs-target-asset
FormsNext/static-5.519/bundles/project_with_deps.js
jquery-1.7.1.js
campaign.tifinwealth.com/hs/hsstatic/jquery-libs/static-1.1/jquery/
92 KB
34 KB
Script
General
Full URL
https://campaign.tifinwealth.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14163438
cf-ray
73927974fbae9bbf-FRA
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wOf4ZQDT6%2F0uHOVZPZqAoEMPd48aFrCgnwTK17t6XAWAYdVfmzyAswd2tthrrASzWUnxJz4K3EmHyWB3CUkJtjwsHPfrFzIdkBg3jAckbwEBAsepwrYT82L%2Bbc%2BFcQJPBc1ydJ1tGg5RePv6eMSFClUS0cuVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
i44cm0oGwhEhbb1Ts0RFB35EBFsTsnExeW87nuouoe1GM0_CQJ-O4Q==
expires
Fri, 11 Aug 2023 16:51:10 GMT
layout.min.css
campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798183304/1659518888791/Tifin_June2020/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798183304/1659518888791/Tifin_June2020/css/layout.min.css
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46894befc4fb3d5a36fc78b7ba545567ccb7ea45424a4c170358c092683b3358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1659518889857
date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-encoding
br
x-amz-request-id
1KXTSR78XFKAM7JW
x-amz-id-2
Y2PPcLvudtv6uR9M14srUA7P50+r2j0Bwz43MyAyC+h7p+xh1NljBb7WTBdt6mQIDWfDjGAnU90=
x-amz-replication-status
COMPLETED
last-modified
Wed, 03 Aug 2022 09:28:10 GMT
server
cloudflare
etag
W/"58923c0e251628aefad87f49dbc0112d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYY4ce9c2UH1LQ3V9k3WxrVyNYEKkMlb2xmkFsZ9iuI4%2FLoKg4VjXLOCNr20LKDhYDczh8Y%2FhVJvuUugr%2BYK5%2FK4U9iPJnL15%2Fz7qZEBFqoR%2FGsN7krefM3BphrfUQj4tqvdPTpBxE5MiBOwnn6RRu%2BRrMZfZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
uC.SREQdc6aYCS5YO5cnBrRLZwLvm5_0
cf-ray
73927974fbb19bbf-FRA
x-amz-cf-id
wfOmqcuJW3qmibOnUwatYLu_sn-5-MA1zThkQEbKnmsFo9Y70pM2_A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
main.min.css
campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798117637/1659518891894/Tifin_June2020/css/
25 KB
7 KB
Stylesheet
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798117637/1659518891894/Tifin_June2020/css/main.min.css
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3524dc6627c7cf48c9af93af92ff0b074b6e1f4da8c060828ae9216997f8663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1659518893178
date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2178
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-encoding
br
x-amz-request-id
1KXY95HK0ED28D94
x-amz-id-2
0RWIsDO44uU6fR+yhya/OCGlAL11e+l88bXYHBl+yBRrjb6dVEbmNM/eWfzj2YWXM0y1zjUFBmA=
x-amz-replication-status
COMPLETED
last-modified
Wed, 03 Aug 2022 09:28:14 GMT
server
cloudflare
etag
W/"3450974f17ad079eced95890bf025136"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fly1CkOFznN1JIe5DVHEi1HfAdqFJxcKjDfmfdvTp3AUkcCzPP8ar6lch6fvoWi1VtRvlvcNHIeqYMdgbm500MuQ2LOk9ficuSzB7JAuhYs9ZpjncNzevyrsW0lt0zgo7YjDWJEvdkEibkMs5RQ7Tldh7R1eCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
2TkdvMUyfbrCJ.dNiCzt0ZR0QJ0UNp8.
x-amz-cf-pop
IAD89-P1
cf-ray
73927974fbb39bbf-FRA
x-amz-cf-id
qa33QZ7KA0Apu9M9QDOYs1euqlFfY209EpvF5bXCGjZRiB46uWcZYQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
css
fonts.googleapis.com/
6 KB
777 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700|Lato:300,400,700&display=swap
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37ffbdd930d2a92273187473e6e4c722eb631a4dfcd6183e136ab405401631ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 16:51:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 11 Aug 2022 16:51:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Aug 2022 16:51:10 GMT
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 16:45:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 11 Aug 2022 16:51:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Aug 2022 16:51:10 GMT
theme-overrides.min.css
campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798117636/1659518888049/Tifin_June2020/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798117636/1659518888049/Tifin_June2020/css/theme-overrides.min.css
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0ede77734d17eaa515d0fe76320268ef3647c49b906a4e6a9e7bd2e79f1937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1659518888467
date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-encoding
br
x-amz-request-id
THR4TEV06H0C6ACY
x-amz-id-2
O2+kBty6NiexN/TmsHTiBh6qUtg/INQlgHDc3wqszUBJu0FjQpW4BnimtrSqtdlLFW39QZ+JIcU=
x-amz-replication-status
COMPLETED
last-modified
Wed, 03 Aug 2022 09:28:09 GMT
server
cloudflare
etag
W/"66b018085f0fb63dba1b4a7218dc57e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEYjLq3F%2Fb8R3uC3NVoPzcxa7VqPtIqTiwktiRMpaMRhO5Kjr2%2Bk%2BlU2yThKip2zKfo1PHRFa75Gv5hA1A6TFXSOWasmgI5UPjJoaqgG9wPEKKERef%2FnmdWLLNRpwMTpEucqGYSKB7g2eKn50M4W5q1h4UEOQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
CBQkVRRTi6Wc.IcA2VOL2TpvsMeoAaWI
cf-ray
73927974fbb59bbf-FRA
x-amz-cf-id
fLKeg-RGLnToUuBi9RZJvG3OsXhpjf4XrlASC9brTqMHrtHeFjfYxQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_30798154865_Banner.min.css
campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/module_assets/30798154865/1645027258677/
2 KB
2 KB
Stylesheet
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/module_assets/30798154865/1645027258677/module_30798154865_Banner.min.css
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d6b271e396f13ee91fdb0c18a2e05249f8a5800f7dc9dfddcb7abb1eca42be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1645027258677
date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-encoding
br
x-amz-request-id
1KXJTX6VTW8K2RDQ
x-amz-id-2
E4UOS4di2pZ1Li7x0h1FAwJmqJyZChsp7Ang01nG9C8VEYwy/RQOcoqlaqHNQA+dyskrAaQf+WI=
x-amz-replication-status
COMPLETED
last-modified
Wed, 16 Feb 2022 16:00:59 GMT
server
cloudflare
etag
W/"4aca85e4123f8524a8fef33ec58b7eed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liUmxexSQ%2B4D3bRHTEwJcTr0FGPrDIagP4WyY1HJ15W4xCdh7a1mXNnXSWL6v7jw416D8P0QLVQxVQ7C0T1siJ01S2dsd8uKLJ6vkQFnoiTaA47h%2BoJk6EKu05H%2BYy7ST6oCEE4NGtnB1eTTMYjtA1OtsQ3TgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
WsQoNRAA_Om8Ug7QN1OvMC3zd78kAgRI
cf-ray
73927974fbb69bbf-FRA
x-amz-cf-id
gCiHNDzN-G-74yvC2YGvbnPPS4KO2dLeHWIcFz1YSc0-abENsJs-rA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
css
fonts.googleapis.com/
2 KB
632 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:regular&display=swap
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0370a4223069208a01c9a4c3f1ba1da1954f4bbad2ab3ec4467d29f7ff77a7b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 16:51:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 11 Aug 2022 16:51:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Aug 2022 16:51:10 GMT
TIFIN-Wealth-Logo-Black%20(2).png
campaign.tifinwealth.com/hs-fs/hubfs/
2 KB
3 KB
Image
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hubfs/TIFIN-Wealth-Logo-Black%20(2).png?width=300&name=TIFIN-Wealth-Logo-Black%20(2).png
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
775f8f64121459469d70ff4d8f4e6d7758b6dac66d40823dfecce111e9e3aaca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
170770
cf-polished
origFmt=png, origSize=4585
edge-cache-tag
F-72835150154,P-7088340,FLS-ALL
cache-tag
F-72835150154,P-7088340,FLS-ALL
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
content-disposition
inline; filename="TIFIN-Wealth-Logo-Black%20(2).webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
1898
x-amz-server-side-encryption
AES256
last-modified
Sat, 06 Aug 2022 06:02:21 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"4ee9687c1615957e09be1922698bf69b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIg%2BfQfLRCC0TNnIQAE0%2BsblFNmG2qJp9SjOYiJ3gCNahk1InoV16ISClnybN30CiiYdy5MClgtTYe%2FIBYAzi%2Bnm2RpqmzSGjPx5Ta452f8WFAfaNDhZk2NhixjS9BVUcAZl%2BRQYUxGZBa0znsT1XCdukQKDJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-P1
accept-ranges
bytes
cf-ray
73927976eefc9bbf-FRA
x-amz-cf-id
CXmZlaVnoQO8JucwoOaUwnWaJT86nBhbw5jTOQgo-H_ZyL8m5iTpQQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
email.png
campaign.tifinwealth.com/hs-fs/hubfs/
526 B
1 KB
Image
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hubfs/email.png?width=50&height=50&name=email.png
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8fbf15ea59c37c3f6ae6ad36dac45ec554552e583f6e111b638677049d16c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
70333
cf-polished
origFmt=png, origSize=1237
edge-cache-tag
F-66351737660,P-7088340,FLS-ALL
cache-tag
F-66351737660,P-7088340,FLS-ALL
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
content-disposition
inline; filename="email.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
526
x-amz-server-side-encryption
AES256
last-modified
Sat, 06 Aug 2022 01:05:32 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"8a74ee02873dbd49d667ff7a1550ba8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNcO%2BijMrk0q%2FtXZ%2FhyCzGj7qJsg4%2FdIU2ld6aUDMihjYrvt8SOsqlOkyp60H8Jrgnm%2F4QiQfyuWqRy4lOwFjCaiLVZYS5%2Bjq58tSz%2FsSdSA5slhAHLw3Ab9xA1hY%2Bd4SuJoJv1Ggcl3BvEjETnImYfOUwgWUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-P1
accept-ranges
bytes
cf-ray
73927976ff139bbf-FRA
x-amz-cf-id
xVNNuD2NGioawCi8xAakB0Tcalai-aS-rA8sllf1EwOXAWAAD1x--g==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
linkedin.png
campaign.tifinwealth.com/hs-fs/hubfs/
574 B
1 KB
Image
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hubfs/linkedin.png?width=50&height=50&name=linkedin.png
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90fe26026a26e624ebfa21d01bd03ed7302f8ac1e0ee8365a9ca1800b098e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2177
cf-polished
origFmt=png, origSize=1318
edge-cache-tag
F-66351738025,P-7088340,FLS-ALL
cache-tag
F-66351738025,P-7088340,FLS-ALL
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
content-disposition
inline; filename="linkedin.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
574
x-amz-server-side-encryption
AES256
last-modified
Sat, 06 Aug 2022 06:02:21 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"6ab46d079ffb149a4d639f2af60d5ce3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoPwao79IQL9XgEPZyyKM6ygnpmVPY2%2F6Cd3MiE9Uw2nhxCx7y0OBnudyIq7tolfT7RjlIn0%2BUV6pvqiBJgup%2FD%2BbEmoXFhwhauhvbwq3DzbV%2Buls2DOqefOhOaqhHiebJbBYerOcdpylMR%2FO3z7ANQy3BJ9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-P1
accept-ranges
bytes
cf-ray
73927976ff179bbf-FRA
x-amz-cf-id
42WCu6Jxt8wjUmHk9ju_bWFXiMhScln8cT4BGZgo0gce89ThWPDLlQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
twitter.png
campaign.tifinwealth.com/hs-fs/hubfs/
488 B
1 KB
Image
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hubfs/twitter.png?width=50&height=50&name=twitter.png
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a515174166bbb2f1a418f3b82d1f744f0aa9a052e81b4af568165c86a2e4b7bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 a7a1b4c19abc42d237405ce4c4069f10.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
70333
cf-polished
origFmt=png, origSize=1341
edge-cache-tag
F-66351326024,P-7088340,FLS-ALL
cache-tag
F-66351326024,P-7088340,FLS-ALL
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
content-disposition
inline; filename="twitter.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
488
x-amz-server-side-encryption
AES256
last-modified
Sat, 06 Aug 2022 06:02:22 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"33f0f8ccaeefa46eca13fa5662de9e57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv0dsijWNlI4Kr48inGThg4ltXH6fbEY9VGV%2FVaXhhKlLq498xNjiqRaYaEj6xRMHa7HZbuGr8odga%2F6HfZvpjipRvsCtTb253pSI%2BrpykvYw7RU7Wblhv0ZHlNoY1rJyL0OcI6bflx3DslPaJ%2FqeGg1wp98sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-P1
accept-ranges
bytes
cf-ray
73927976ff199bbf-FRA
x-amz-cf-id
iW5TmYT-z0iEYTpOihfGsiLGSDJZ5Z1LTZkpLAdRb3gJgAYgzb5epw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
facebook.png
campaign.tifinwealth.com/hs-fs/hubfs/
532 B
1 KB
Image
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hubfs/facebook.png?width=50&height=50&name=facebook.png
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
061b143bf1f0f58a3c2ee6cf23b9c27741dfe86d3cd23786357fd1f5cf3936fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
341816
cf-polished
origFmt=png, origSize=1496
edge-cache-tag
F-66351186198,P-7088340,FLS-ALL
cache-tag
F-66351186198,P-7088340,FLS-ALL
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
content-disposition
inline; filename="facebook.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
532
x-amz-server-side-encryption
AES256
last-modified
Sat, 06 Aug 2022 06:02:22 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"a8d8e682738d4bce6b6a8322f72ad6d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsFoJc6YqnMpWCoBxM28abqDzsVq3ObX%2FRkYa7AC7IQ5664d6B074SEfI2hqS2TaZr7s5XAroFmohcAid6V9YjxVq4cKBO%2BRGP9VoJx0PlsuH9E8wfPim2tqzm%2FYdrMd1i9Dyaq3yOO4HGcv2tj6RWL%2BkuA8Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-P1
accept-ranges
bytes
cf-ray
73927976ff1b9bbf-FRA
x-amz-cf-id
aluyduvBnDsS0aNqhXQ8m9fBDsKVGW6v1Ac4_T7WhzzFbf1ikbs7NQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
main.min.js
campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798201566/1659518889961/Tifin_June2020/js/
2 KB
1 KB
Script
General
Full URL
https://campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798201566/1659518889961/Tifin_June2020/js/main.min.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba598c6240c66462aa2341033c1de4799eab9f2dbe33793757c58f2c38337237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1659518890288
date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2177
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-encoding
br
x-amz-request-id
VVGSNKPW84TKB6PE
x-amz-id-2
F3c4EUG1a+31Hl8fHItixIrraLJCQXUzYNnQRVIGS3wGj6zDo6x0t+SV+XOGwE87oZVng3wzuX4=
x-amz-replication-status
COMPLETED
last-modified
Wed, 03 Aug 2022 09:28:11 GMT
server
cloudflare
etag
W/"1c850880816b744721836f0f66c40740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSCeGA3zbgG%2FyII%2FhCjTz4OC4A6zNRgxUP7STn57u5jxgmuMyZeWodTZIxgNaYOWHHp3KhvrjX%2BOgpCGuvkPeEpN3%2FYebViObxPqhseWlXFEZaQ602Lssr83HkmLQ%2FnE0gfkV2nPT%2F344b82IHKz0eE6oezvMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
An9aACkkz9SXS6HST1EwoL3M7tnB3tfq
x-amz-cf-pop
IAD89-P1
cf-ray
73927976be919bbf-FRA
x-amz-cf-id
Nxj2BE96JvDxRTapHFKdaVeTe27yz9PIKhxj6h5EPHkRLvPgbSGrTQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
7088340.js
campaign.tifinwealth.com/hs/scriptloader/
2 KB
1 KB
Script
General
Full URL
https://campaign.tifinwealth.com/hs/scriptloader/7088340.js?businessUnitId=356821
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1b655a758f5f717fe35141af737335672c8047e57c90f82e5d501009ea18b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0819e58e-6b0a-481e-b389-33705c01d67b
last-modified
Wed, 10 Aug 2022 21:18:56 GMT
server
cloudflare
x-trace
2B0AEE115104299729414C5EA27C6453396C311823000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlJopDrWNUJ922DptTS9H0iQ7MR2YO5wRkjUWupxVsVvP3TGzheUhTdlPNxt02RAvirfj8bia9Z0cB8fSBU7hxJusG0eYch2SHrGnhEoyoYWdVpJ6lCmWp0g1kD1JyWrDwRpkaxuTHcvR5UTg5oIkP9SIx9oNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://campaign.tifinwealth.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
73927976ff1c9bbf-FRA
expires
Thu, 11 Aug 2022 16:52:10 GMT
marketing.js
js.na.chilipiper.com/
53 KB
19 KB
Script
General
Full URL
https://js.na.chilipiper.com/marketing.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.224.162 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
162.224.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2094c2b2bda2c2927d2fdb1fa35a847ce18d8ea11a254313739ceacab8604bcf
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://www.facebook.com https://*.facebook.com https://*.marketo.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://chrome.google.com https://intercom-sheets.com https://nexus-long-poller-b.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://js.intercomcdn.com https://api-iam.intercom.io https://s3.amazonaws.com https://js.intercomcdn.com https://profiles.chilipiper.com https://profiles.chilipiper.team https://profiles.chilipiper.io https://profiles.chilipiper.cool https://js.intercomcdn.com https://api.chilipiper.team https://api.chilipiper.io https://api.chilipiper.cool https://api.na.chilipiper.com https://api.chilipiper.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://widget.intercom.io https://www.google-analytics.com https://sentry.io https://cdn.ravenjs.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://*.cloudfront.net wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.googleusercontent.com https://js.intercomcdn.com https://cdn.lr-ingest.io https://cdn.lr-ingest.io/logger.min.js https://*.ingest.sentry.io https://*.fullstory.com https://*.rollout.io 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' blob: data: https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://www.facebook.com https://*.facebook.com https://*.marketo.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://chrome.google.com https://intercom-sheets.com https://nexus-long-poller-b.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://js.intercomcdn.com https://api-iam.intercom.io https://s3.amazonaws.com https://js.intercomcdn.com https://profiles.chilipiper.com https://profiles.chilipiper.team https://profiles.chilipiper.io https://profiles.chilipiper.cool https://js.intercomcdn.com https://api.chilipiper.team https://api.chilipiper.io https://api.chilipiper.cool https://api.na.chilipiper.com https://api.chilipiper.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://widget.intercom.io https://www.google-analytics.com https://sentry.io https://cdn.ravenjs.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://*.cloudfront.net wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.googleusercontent.com https://js.intercomcdn.com https://cdn.lr-ingest.io https://cdn.lr-ingest.io/logger.min.js https://*.ingest.sentry.io https://*.fullstory.com https://*.rollout.io 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Tue, 09 Aug 2022 12:30:19 GMT
server
Google Frontend
date
Thu, 11 Aug 2022 16:51:10 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
etag
W/"62f2535b-d513"
content-security-policy
default-src 'self' blob: data: https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://www.facebook.com https://*.facebook.com https://*.marketo.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://chrome.google.com https://intercom-sheets.com https://nexus-long-poller-b.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://js.intercomcdn.com https://api-iam.intercom.io https://s3.amazonaws.com https://js.intercomcdn.com https://profiles.chilipiper.com https://profiles.chilipiper.team https://profiles.chilipiper.io https://profiles.chilipiper.cool https://js.intercomcdn.com https://api.chilipiper.team https://api.chilipiper.io https://api.chilipiper.cool https://api.na.chilipiper.com https://api.chilipiper.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://widget.intercom.io https://www.google-analytics.com https://sentry.io https://cdn.ravenjs.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://*.cloudfront.net wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.googleusercontent.com https://js.intercomcdn.com https://cdn.lr-ingest.io https://cdn.lr-ingest.io/logger.min.js https://*.ingest.sentry.io https://*.fullstory.com https://*.rollout.io 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com
x-content-security-policy
default-src 'self' blob: data: https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://www.facebook.com https://*.facebook.com https://*.marketo.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://chrome.google.com https://intercom-sheets.com https://nexus-long-poller-b.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://js.intercomcdn.com https://api-iam.intercom.io https://s3.amazonaws.com https://js.intercomcdn.com https://profiles.chilipiper.com https://profiles.chilipiper.team https://profiles.chilipiper.io https://profiles.chilipiper.cool https://js.intercomcdn.com https://api.chilipiper.team https://api.chilipiper.io https://api.chilipiper.cool https://api.na.chilipiper.com https://api.chilipiper.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://widget.intercom.io https://www.google-analytics.com https://sentry.io https://cdn.ravenjs.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://*.cloudfront.net wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.googleusercontent.com https://js.intercomcdn.com https://cdn.lr-ingest.io https://cdn.lr-ingest.io/logger.min.js https://*.ingest.sentry.io https://*.fullstory.com https://*.rollout.io 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com
gtm.js
www.googletagmanager.com/
228 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7419f897a756e27102f4034fb859f437d722750282fdc13341fa68f4bd9ab5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79668
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 16:07:05 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Aug 2022 16:51:10 GMT
TIFIN%20Invest%20Banner%201600x500.png
campaign.tifinwealth.com/hubfs/
20 KB
21 KB
Image
General
Full URL
https://campaign.tifinwealth.com/hubfs/TIFIN%20Invest%20Banner%201600x500.png
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bbf78a1e410a61674f693294c3d61289e4e84f2b678a6832bbe69acf3374b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-75537117536,P-7088340,FLS-ALL
age
70333
x-amz-server-side-encryption
AES256
edge-cache-tag
F-75537117536,P-7088340,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="TIFIN%20Invest%20Banner%201600x500.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
x-amz-request-id
VESAHQGT9QKGF2VD
cf-bgj
imgq:85,h2pri
etag
"06a9c52700a61ce856dc77f988a8200b"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
x-hs-https-only
worker
x-amz-meta-created-unix-time-millis
1654549482641
date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=48187
x-cache
RefreshHit from cloudfront
cache-tag
F-75537117536,P-7088340,FLS-ALL
x-amz-meta-index-tag
all
content-length
20344
x-amz-id-2
7k/d03ZHBYYF5YOsTEX3b6fXASYnLkhPsjMY8hgMHziXvP5FYjWyGfcOpmzCCpGjvQY9eJYQ7ZLVYknTfA56fA==
last-modified
Mon, 06 Jun 2022 21:04:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmT%2Be3CnD0W3cOPf3bWh3ijq7TmR0y43PPk9CMwI1B4r6No%2FU9DNOtmMz1rzwRwF8XgIA0kmyCTec5li02mNKpnvjLfgTkaVE%2Fy6wgZHJVKkRrN4ShZV30AFfdSO8HYiRi4hHlZqy1qeqj70ogQ8c9QINfjJNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4DXX3xSiB0mSWYCZC5GVpbIkdhlu_A_E
accept-ranges
bytes
cf-ray
739279770f2b9bbf-FRA
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-cf-id
qfj6yCzD9RBp4jx8Am3JtwHODYAy2SKrTB6jgaZHL474J8FsLP5WZw==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://campaign.tifinwealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:12:19 GMT
x-content-type-options
nosniff
age
171531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:12:19 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v12/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://campaign.tifinwealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:46:10 GMT
x-content-type-options
nosniff
age
126300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:02:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 05:46:10 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://campaign.tifinwealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 19:06:05 GMT
x-content-type-options
nosniff
age
251105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 19:06:05 GMT
uncode-icons.woff2
7088340.fs1.hubspotusercontent-na1.net/hubfs/7088340/Tifin_June2020/Fonts/
138 KB
139 KB
Font
General
Full URL
https://7088340.fs1.hubspotusercontent-na1.net/hubfs/7088340/Tifin_June2020/Fonts/uncode-icons.woff2
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs-fs/hub/7088340/hub_generated/template_assets/30798117637/1659518891894/Tifin_June2020/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
408a85a7265a81c75209ab66f1b639d2b73631c362cbf1d2dc3bad6ade2ec706

Request headers

Referer
https://campaign.tifinwealth.com/
Origin
https://campaign.tifinwealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-30850398426,FD-30850118031,P-7088340,FLS-ALL
age
71123
x-amz-server-side-encryption
AES256
cf-ray
739279778a759bbe-FRA
edge-cache-tag
F-30850398426,FD-30850118031,P-7088340,FLS-ALL
cache-tag
F-30850398426,FD-30850118031,P-7088340,FLS-ALL
x-amz-meta-index-tag
all
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
x-amz-request-id
JA82N6MAMC23109P
x-amz-id-2
scsKLLMBmCrnSjWXw7XEYsW7fPKCJjiyzIurapT+8HjWHQCNzCNpG1aYtvwGAwziEneqLL17y3Y=
accept-ranges
bytes
last-modified
Wed, 17 Jun 2020 10:01:13 GMT
server
cloudflare
etag
"1a27ef66e36d27322485d1aa8082e979"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
g06FLSG6vGABREXDq_qO5SziJwiVy7B3
x-amz-cf-pop
FRA56-C1
content-length
140872
x-robots-tag
all
x-amz-cf-id
4Ykjtrc7icyFzQ3rCtGEkxMiwKat0uRTvcq-9Z2mofkVs5z4gcx5XA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
json
campaign.tifinwealth.com/_hcms/forms//embed/v3/form/7088340/d7cb4ad7-e2d5-45eb-b40c-ce67dcef1f6e/
22 KB
5 KB
XHR
General
Full URL
https://campaign.tifinwealth.com/_hcms/forms//embed/v3/form/7088340/d7cb4ad7-e2d5-45eb-b40c-ce67dcef1f6e/json?hutk=
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f97b5cacb96b8cdf7acdd28aa019264135002d949e4aa951677751e7ba70f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript
Referer
https://campaign.tifinwealth.com/invest/demo/offball
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-origin-hublet
na1
date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
85e7b769-e48a-4126-af07-0f8f6df9bbf1
cf-ray
739279776fa89bbf-FRA
access-control-allow-methods
OPTIONS, GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
x-trace
2BC71509A4136AA948748C4D678063D1E5B4650329000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPvFt%2F1EsYjyOd%2FLyh5BVmqIQ4BFGQKrs2wxaEPV%2BuCqsRL7M8EYzSIuCO%2BZAIzkknDC%2BW0A5Jow8zEAa3CRRnkErNaYMdYvH4o2FBASs8p%2BYzGC5%2BUhYTPtijXq2L1rexmeYG5FCGm67qDJ5JbbaLSZ407hNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
*
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
758 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=7088340&callback=jsonpHandler
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
52714d63-292f-4ea1-a72a-26563e78adc2
x-trace
2B7488491D5A7B346A772A13AB44791D09E61A33BB000000000000000000
date
Thu, 11 Aug 2022 16:51:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=73927977a9a45b6e&resource=unknown"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
73927977a9a45b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conversations-embed.js
js.usemessages.com/
73 KB
21 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs/scriptloader/7088340.js?businessUnitId=356821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
493
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10527/bundles/project.js&cfRay=73926d6ab8ea6909-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Wed, 10 Aug 2022 02:50:06 UTC
server
cloudflare
etag
W/"a2bf181c4425a795ee88f3f230bb1967"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
c5qrTiV6vDUhLMyUOB33g.CfXJNifE8r
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
739279789ebc6973-FRA
x-amz-cf-id
vtLvlIvEwlT8Bo3iuA9r__GxHkXo2NDDpVhta3D8PkMtx7KUW6MUPg==
x-hs-target-asset
conversations-embed/static-1.10527/bundles/project.js
collectedforms.js
js.hscollectedforms.net/
72 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs/scriptloader/7088340.js?businessUnitId=356821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088

Request headers

Referer
https://campaign.tifinwealth.com/invest/demo/offball
Origin
https://campaign.tifinwealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 e418fd5667de46c635f0321ea814c2e0.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
72631
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=738b8c3d49ad9055-IAD
x-cache
Miss from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
739279789ecb903c-FRA
last-modified
Mon, 18 Jul 2022 02:17:32 UTC
server
cloudflare
etag
W/"877e5f54a66a69786dec54038d0864c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
JQcuc9Bm59cZk03hd2UkjohZb7DdvWHSPyzvErI--q75cywhATt9yw==
x-hs-target-asset
collected-forms-embed-js/static-1.285/bundles/project.js
7088340.js
js.hs-analytics.net/analytics/1660236600000/
62 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1660236600000/7088340.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs/scriptloader/7088340.js?businessUnitId=356821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f76aacb110ac89c36935a5bcd14b6a9cf665777399a67c2d99e0978b714febd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
2KKVWPV9NSCJ2774
x-amz-server-side-encryption
AES256
cf-ray
7392797898bc90f4-FRA
x-amz-id-2
J5nYU4sY3er6DB7Zsh9YK39CY9602ekC11jY8S/RSCZbiFMurhvITYMLz6JwDdPXcsLxUR4hHCk=
last-modified
Tue, 26 Jul 2022 15:10:59 GMT
server
cloudflare
etag
W/"71c7694825bf485c4ee2ee7fa10781b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 11 Aug 2022 16:56:11 GMT
356821.js
js.hs-banner.com/7088340/
60 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/7088340/356821.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs/scriptloader/7088340.js?businessUnitId=356821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c378f7bbc49aceb3b5c2e42d6b5c2749c00634aea30b458b597a675d8d2dc722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
FQCHSB8QXDK9V5R0
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
dGCf0y5wB3RHc+5yz+W1Drb2AhY4IZmtulrZqcC28LsbD1iKzOsNQ7iD10jE1+HJpCBilrTAXNg=
timing-allow-origin
*
last-modified
Wed, 27 Jul 2022 22:00:40 GMT
server
cloudflare
etag
W/"86f6f434466b55a54777a94d33326bba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
6gn81cqbvApPZO.2l7zAukz8FCuXcTcd
access-control-allow-origin
https://campaign.tifinwealth.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
739279789f6a5b62-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 11 Aug 2022 16:56:11 GMT
fb.js
js.hsadspixel.net/
5 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/hs/scriptloader/7088340.js?businessUnitId=356821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
via
1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
498
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.290/bundles/pixels-release.js&cfRay=73926d4bbc349241-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Wed, 10 Aug 2022 01:59:54 UTC
server
cloudflare
etag
W/"4f0b2f5f5adcb58be2f46e95ab35e280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
.CBGOpqVu8zaE1sKV5DacDTNZHwT9f6j
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
739279788bfbbb5b-FRA
x-amz-cf-id
iRaH0J0ayKn3zKkQtnKxB6fpA48v9PqQVJVooNvvwKsGHYNM9wYI_Q==
x-hs-target-asset
adsscriptloaderstatic/static-1.290/bundles/pixels-release.js
js
www.googletagmanager.com/gtag/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QVBLEQGM0C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a75055593da8f0aa01527c09b5fe67292443fc0965f0296a7bef30efe3bd837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72326
x-xss-protection
0
expires
Thu, 11 Aug 2022 16:51:10 GMT
js
www.googletagmanager.com/gtag/
200 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-40GL4R1GJB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94d876abbaf74de710d5f66c09af9b54c0a063d753f0575095d2442c23c6bfac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73109
x-xss-protection
0
expires
Thu, 11 Aug 2022 16:51:10 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6550
date
Thu, 11 Aug 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 11 Aug 2022 17:02:00 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26506
x-xss-protection
0
pragma
public
x-fb-debug
8rJ/yNe3Jlz/eZYws4wtgq7/RG2O/kLqSa2eH2zV+MMP1k9Ck/UTnDn1aJGR0B5FmzFZ8dboZAZ37njAO4eFiQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 11 Aug 2022 16:51:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 23:25:22 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=75677
accept-ranges
bytes
content-length
3085
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QMSZT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2E1B1644C3FB44868153EC6BDE546E42 Ref B: FRAEDGE1420 Ref C: 2022-08-11T16:51:10Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Thu, 11 Aug 2022 16:51:10 GMT
accept-ranges
bytes
content-length
11367
cyh1mk3wfb
www.clarity.ms/tag/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/cyh1mk3wfb?ref=gtm2
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
527d854fcb583ce866576bca5829c644d8e5b593e9822025124390e42500246f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
x-powered-by
ASP.NET
x-azure-ref
0fjP1YgAAAAD1Jl8MWHFaRrCnHIp2R8OwVklFRURHRTA3MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://campaign.tifinwealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:08:09 GMT
x-content-type-options
nosniff
age
171781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:08:09 GMT
tifinwealth
api.chilipiper.com/api/v1/match-cluster/
22 B
680 B
Fetch
General
Full URL
https://api.chilipiper.com/api/v1/match-cluster/tifinwealth
Requested by
Host: js.na.chilipiper.com
URL: https://js.na.chilipiper.com/marketing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.73.67 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.73.111.34.bc.googleusercontent.com
Software
/
Resource Hash
cb9a982e86da64af618323f4f17a7c13f87fec280d8d1b23b2a9bf946ff15bbb
Security Headers
Name Value
Content-Security-Policy default-src https:; report-uri /api/v1/reporting/browser
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src https:; report-uri /api/v1/reporting/browser
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https:; report-uri /api/v1/reporting/browser
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
access-control-allow-origin
https://campaign.tifinwealth.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
deny
date
Thu, 11 Aug 2022 16:51:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
*
content-type
application/json
via
1.1 google
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin,Cookie,Authorization,x-cluster-session
x-content-security-policy
default-src https:; report-uri /api/v1/reporting/browser
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3759388%26time%3D1660236668206%26url%3Dhttps%253A%252F%252Fcampaign.tifinwealth.c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&liSync=true&e_ipv6=AQI458im1alF3wAAAYKN0SkLWJ0jnT...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&liSync=true&e_ipv6=AQI458im1alF3wAAAYKN0SkLWJ0jnTJPYKWnY8hII1BFxvnQaQamz1lDLZYBpAoq3502whE1
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 41BE74E7282C49E49D03D84807E9728B Ref B: FRAEDGE1207 Ref C: 2022-08-11T16:51:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXl+fkKuy+YEsHn06hm5w==
x-li-fabric
prod-lva1

Redirect headers

date
Thu, 11 Aug 2022 16:51:10 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3CA9584097C54244A3721CF884340A17 Ref B: FRAEDGE1416 Ref C: 2022-08-11T16:51:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3759388&time=1660236668206&url=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&liSync=true&e_ipv6=AQI458im1alF3wAAAYKN0SkLWJ0jnTJPYKWnY8hII1BFxvnQaQamz1lDLZYBpAoq3502whE1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXl+fkH9SsHbNZMoEI+CQ==
widget
campaign.tifinwealth.com/_hcms/livechat/
286 B
1 KB
XHR
General
Full URL
https://campaign.tifinwealth.com/_hcms/livechat/widget?portalId=7088340&conversations-embed=static-1.10527&mobile=false&messagesUtk=f083aa7a59494bd785b53dd680b911a6&traceId=f083aa7a59494bd785b53dd680b911a6
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07e225ec704e0bf306a89c5b3e12a06aa5f3a81fd6b498f6c90ca531bb802d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://campaign.tifinwealth.com/invest/demo/offball

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
97767717-7edb-47c8-ae10-1302db3125c5
server
cloudflare
x-trace
2BD139630961AC31CDBFE00A66BF2978F30BE1D2F2000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng5WSj2LCldEGdBq0E0lnzCu2QUZcNUrbdbxDCeHHrYG0RIVHaPRAYQmoQJMlXr4alREDUzQ93C%2BREoWjyfnnHTszVTE3ww0lxQ7fqzrK44jDjdCFCK7vila%2BwI3HTSdrBlYELZPqziovYGnVwuGbBxkS7Gmeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
739279795a889bbf-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.73
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
Ckv9+MOLHo7oYZIOK26iTcRupF95X7wvitXdFrzDUqyFODyAr0helui8lTEu/jjM4kjQxtUyhLBZinBK67iGXA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 11 Aug 2022 16:51:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1417258402037482
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1417258402037482?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a4d27c4094e50a5bbbd56e6ae85f1beaff4a227624a7d44f2157c08e36ae74bc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
lAAI6cP+sfcq5sP1fi/GtQiWtywwUawYtWl6fYwIDA9q0Z9H4Ym0712y/iE6Qk+2+cWsDOkZ80sWT0jj7LPpeg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 11 Aug 2022 16:51:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1660236671076
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
forms.hubspot.com/collected-forms/v1/config/
115 B
1 KB
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7088340&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c8e58eb16545592e89ccc8afe41dd7f13bf98d1f67b6f3e8328f3c0f302a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
5de84481-d660-4246-a414-f0f0a00d5b10
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZSGe61udFsTWSWTXcsT4jcBfou2L96ftV9CcAVyXePNe7JUySeTq%2BwVIE4GSGvOWBuLgN96tDiVKw%2FAwhTm8U6sy4iyfuNH5OkOzARsmHiXwPNz0f%2BmBYgjiKArr2ldqW9wucIFwM3Vj3ivDwwC"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://campaign.tifinwealth.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
73927979cbef9208-FRA
access-control-allow-headers
*
collect
region1.google-analytics.com/g/
0
353 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-40GL4R1GJB&gtm=2oe880&_p=320380522&gcs=G100&cid=1151742588.1660236668&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660236668&sct=1&seg=0&dl=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&dt=Request%20a%20TIFIN%20Invest%20Demo&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40GL4R1GJB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://campaign.tifinwealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
137038800.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/137038800.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B2701BFFD8CC467682E4C9F3141DC049 Ref B: FRAEDGE1420 Ref C: 2022-08-11T16:51:10Z
date
Thu, 11 Aug 2022 16:51:11 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
174 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=137038800&tm=gtm002&Ver=2&mid=e956422b-beee-4fff-b662-4d55af1dae9e&sid=cc0f9d70199511eda198f93b0939d67b&vid=cc0fb360199511eda1be4326dce3bb0b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Request%20a%20TIFIN%20Invest%20Demo&p=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&r=&lt=1781&evt=pageLoad&sv=1&rn=503844
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D27C76A4344546099971F762D9164E89 Ref B: FRAEDGE1420 Ref C: 2022-08-11T16:51:10Z
date
Thu, 11 Aug 2022 16:51:11 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QVBLEQGM0C&gtm=2oe880&_p=320380522&gcs=G100&cid=1151742588.1660236668&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660236668&sct=1&seg=0&dl=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&dt=Request%20a%20TIFIN%20Invest%20Demo&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVBLEQGM0C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://campaign.tifinwealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=320380522&t=pageview&_s=1&dl=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&ul=en-us&de=UTF-8&dt=Request%20a%20TIFIN%20Invest%20Demo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1283337397&gjid=955897762&cid=1151742588.1660236668&tid=UA-217783378-1&_gid=788977498.1660236668&_r=1&gtm=2wg88052QMSZT&z=430331474
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://campaign.tifinwealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus-f/s/0.6.37/
53 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus-f/s/0.6.37/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cyh1mk3wfb?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:10 GMT
content-encoding
br
etag
"1d8aa4ff65ff896"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0fzP1YgAAAACJgd0Pdgb2QJxGf/P+QdKAVklFRURHRTA3MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
inbound_router_offball
api.na.chilipiper.com/marketing/inbound-router/enabled/tifinwealth/
15 B
511 B
Fetch
General
Full URL
https://api.na.chilipiper.com/marketing/inbound-router/enabled/tifinwealth/inbound_router_offball
Requested by
Host: js.na.chilipiper.com
URL: https://js.na.chilipiper.com/marketing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.224.162 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
162.224.111.34.bc.googleusercontent.com
Software
/
Resource Hash
bbd02bf9a14d02d41f6b78dd36c79838d910f5a22937722109bf0035254b62f8
Security Headers
Name Value
Content-Security-Policy default-src https:; report-uri /api/v1/reporting/browser
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src https:; report-uri /api/v1/reporting/browser
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https:; report-uri /api/v1/reporting/browser
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
access-control-allow-origin
https://campaign.tifinwealth.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
deny
date
Thu, 11 Aug 2022 16:51:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
*
content-type
application/json
via
1.1 google
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin,Cookie,Authorization,x-cluster-session
x-content-security-policy
default-src https:; report-uri /api/v1/reporting/browser
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1417258402037482&ev=PageView&dl=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&rl=&if=false&ts=1660236668445&sw=1600&sh=1200&v=2.9.73&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1660236668444.2107477051&it=1660236668227&coo=false&tm=1&rqm=GET
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 11 Aug 2022 16:51:11 GMT
collect
stats.g.doubleclick.net/j/
4 B
448 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-217783378-1&cid=1151742588.1660236668&jid=1283337397&gjid=955897762&_gid=788977498.1660236668&_u=YAhAAEAAAAAAAC~&z=1414922561
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 11 Aug 2022 16:51:11 GMT
content-type
text/plain
access-control-allow-origin
https://campaign.tifinwealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
516 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
cbd17540-1215-4912-aa60-5eaaae77f825
cf-ray
7392797b0c1168fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2B690426337EBED9021AF837F8A074384CD6F774E2000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
inbound_router_offball
api.na.chilipiper.com/marketing/inbound-router/redirect/tifinwealth/
171 B
162 B
Fetch
General
Full URL
https://api.na.chilipiper.com/marketing/inbound-router/redirect/tifinwealth/inbound_router_offball
Requested by
Host: js.na.chilipiper.com
URL: https://js.na.chilipiper.com/marketing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.224.162 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
162.224.111.34.bc.googleusercontent.com
Software
/
Resource Hash
c4ae5daa54b09ef07b8a8a676b02c4d26742a3fe7842a91a70f3096eeceaba2f
Security Headers
Name Value
Content-Security-Policy default-src https:; report-uri /api/v1/reporting/browser
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src https:; report-uri /api/v1/reporting/browser
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https:; report-uri /api/v1/reporting/browser
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
access-control-allow-origin
https://campaign.tifinwealth.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
deny
date
Thu, 11 Aug 2022 16:51:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
*
content-type
application/json
via
1.1 google
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin,Cookie,Authorization,x-cluster-session
x-content-security-policy
default-src https:; report-uri /api/v1/reporting/browser
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217783378-1&cid=1151742588.1660236668&jid=1283337397&_u=YAhAAEAAAAAAAC~&z=1352961655
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217783378-1&cid=1151742588.1660236668&jid=1283337397&_u=YAhAAEAAAAAAAC~&z=1352961655
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
m.clarity.ms/
0
181 B
XHR
General
Full URL
https://m.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f/s/0.6.37/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://campaign.tifinwealth.com
date
Thu, 11 Aug 2022 16:51:10 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=AA3BA86E0FBD450FAED34C135192DDC6&RedC=c.clarity.ms&MXFR=0773ACD216F16C72329EBD2F12F1626D
  • https://c.clarity.ms/c.gif?CtsSyncId=AA3BA86E0FBD450FAED34C135192DDC6&MUID=17C24B33998A6CA3112C5ACE98E16D5B
42 B
369 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=AA3BA86E0FBD450FAED34C135192DDC6&MUID=17C24B33998A6CA3112C5ACE98E16D5B
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:10 GMT
last-modified
Thu, 28 Jul 2022 20:41:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"82531c78c2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 16:51:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2B8B9036853D4253BD5DD297E3010684 Ref B: FRAEDGE1420 Ref C: 2022-08-11T16:51:11Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=AA3BA86E0FBD450FAED34C135192DDC6&MUID=17C24B33998A6CA3112C5ACE98E16D5B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/
170 B
945 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7088340
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0f8943615fc3c8cd5c3ac2063d07d769d4b43958caa91114329ed664164e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
25d1f904-f3b2-4708-b082-694d74164684
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B70ABDB96BF496DAB4798F05EDA7A70AC3E54142B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NG%2F%2FH00JYD7dUdWE46F68NK5Rp4344tHAbfHHC1MoGEF1wlrkzfoK67mjYcINT1m0GNDbrMO%2FBmMjGkTy86qPrf8GD7B80WXZWPl%2FZxvroHf03jsLGg7mFXKiuRzzuBIhLW2FPNFcNMIY9SZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://campaign.tifinwealth.com
access-control-allow-credentials
false
cf-ray
7392797d3ba16987-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/
45 B
363 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=d7cb4ad7-e2d5-45eb-b40c-ce67dcef1f6e&fci=56f08f57-2327-42cf-be0b-277cfa8997d7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=51757497&v=1.1&a=7088340&pi=80135075982&ct=landing-page&ccu=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&cpi=80135075982&lpi=80135075982&lvi=80135075982&lvc=en&pu=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&t=Request+a+TIFIN+Invest+Demo&cts=1660236668805&vi=8113b06d22e05d85cced836535da0602&nc=true&u=264881424.8113b06d22e05d85cced836535da0602.1660236668797.1660236668797.1660236668797.1&b=264881424.1.1660236668797&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
87346f2d-3b28-420b-b0bf-14d972534605
cf-ray
7392797d2e415b6e-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTJVZRSSZi5QhFgoH3XJibp%2BKK7syN8Jm%2FXwM4FQf%2Bh6G5NGuAVurxpilPg%2FwhwH3nNYkGsFoNqNYC5FDStE4qs6%2BAg6fcveas%2FSUJAQr8WrOPxUqreaETvzpJvVl613J1AQXIPAm6c%2B64Peq5W8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
358 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=d7cb4ad7-e2d5-45eb-b40c-ce67dcef1f6e&fci=56f08f57-2327-42cf-be0b-277cfa8997d7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=51757497&v=1.1&a=7088340&pi=80135075982&ct=landing-page&ccu=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&cpi=80135075982&lpi=80135075982&lvi=80135075982&lvc=en&pu=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&t=Request+a+TIFIN+Invest+Demo&cts=1660236668811&vi=8113b06d22e05d85cced836535da0602&nc=true&u=264881424.8113b06d22e05d85cced836535da0602.1660236668797.1660236668797.1660236668797.1&b=264881424.1.1660236668797&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3653524d-4c80-4c30-b2ba-84831bc99797
cf-ray
7392797d2e435b6e-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDAGH4KrmwXuVx7KooBtbXQ5bxX7IVush1x4wJc6AF8BYdejo%2F%2BKUUED9ZbKIWr9yDywh2OKtxtwlu6HySEOXccDgkL3x0nltLVuIl%2BDzq0AHj411pTjbAY47nQ0%2FFL3q1Pl0t1nl5lzN7GYiKyR"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
522 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=51757497&v=1.1&a=7088340&pi=80135075982&ct=landing-page&ccu=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&cpi=80135075982&lpi=80135075982&lvi=80135075982&lvc=en&pu=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&t=Request+a+TIFIN+Invest+Demo&cts=1660236668812&vi=8113b06d22e05d85cced836535da0602&nc=true&u=264881424.8113b06d22e05d85cced836535da0602.1660236668797.1660236668797.1660236668797.1&b=264881424.1.1660236668797&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
7d3b27b4-c902-4e11-b7c4-936c4c0fd9e6
cf-ray
7392797d2e485b6e-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjQGl6PRDygMb1ChhWrjrf6U58VpV2vfHfXEtlnHSQUpnDAUCTkQc%2BS5NY0FogYneHjqjMchUpYEy9FFkEtKUJ6P3UpQCMCwMhObqu2cUzAIpib9IqzsqXtOXaVvS0LIXFfFHe57Gu8pzT4Qatrd"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1417258402037482&ev=Microdata&dl=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&rl=&if=false&ts=1660236668955&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Request%20a%20TIFIN%20Invest%20Demo%22%2C%22meta%3Adescription%22%3A%22Go%20From%20Prospect%20to%20Proposal%20in%20Minutes%20with%20TIFIN%20Invest.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Go%20From%20Prospect%20to%20Proposal%20in%20Minutes%20with%20TIFIN%20Invest.%22%2C%22og%3Atitle%22%3A%22Request%20a%20TIFIN%20Invest%20Demo%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1660236668444.2107477051&it=1660236668227&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 11 Aug 2022 16:51:11 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:51:11 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 23:25:22 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=75676
accept-ranges
bytes
content-length
3085
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=320380522&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcampaign.tifinwealth.com%2Finvest%2Fdemo%2Foffball&ul=en-us&de=UTF-8&dt=Request%20a%20TIFIN%20Invest%20Demo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1hyxeki&_u=aDhAAEABAAAAAC~&jid=&gjid=&cid=1151742588.1660236668&tid=UA-217783378-1&_gid=788977498.1660236668&gtm=2wg88052QMSZT&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fcyh1mk3wfb%2F14yfn7d%2F1hyxeki&z=1666505910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.tifinwealth.com/invest/demo/offball
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 20:03:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74841
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
m.clarity.ms/
0
48 B
XHR
General
Full URL
https://m.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f/s/0.6.37/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://campaign.tifinwealth.com
date
Thu, 11 Aug 2022 16:51:11 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
perf
campaign.tifinwealth.com/_hcms/
2 B
457 B
XHR
General
Full URL
https://campaign.tifinwealth.com/_hcms/perf
Requested by
Host: campaign.tifinwealth.com
URL: https://campaign.tifinwealth.com/invest/demo/offball
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://campaign.tifinwealth.com/invest/demo/offball
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 11 Aug 2022 16:51:14 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
00ae132c-4ecc-4700-8742-f26abe9b5b08
x-hs-https-only
worker
content-length
2
server
cloudflare
x-trace
2BF294225F2A9C55CF6690415A7A5AC0F638737083000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMrhfXr%2FPlkxa7DPy0xoESfRSSC87t%2F%2FxqHzLKDs9wCVImvaVZsyAjHef65BX%2FYT728oiZQxn15UokatPt35lYiMa%2F65WJn6dAjXbKoLRI%2FPREfDUI7EadNqnSO9GPMGWe1r%2FCAC1zR%2F%2FlLmDu%2Fn7DmCPJ%2FZwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
7392798f9e0c9bbf-FRA

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| hsjQuery object| _hsp function| hsLoadGtm boolean| useGoogleConsentMode function| gtag object| dataLayer boolean| _hsGtmLoadOnce boolean| _hsGoogleConsentRunOnce object| jQuery17104904951547142067 object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwestPatched function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| options object| HSFR object| _hsq function| q object| ChiliPiper function| jsonpHandler object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids string| _linkedin_data_partner_id function| clarity function| parcelRequire9fc0 object| regeneratorRuntime boolean| PIXELS_RAN object| __hsCollectedFormsDebug function| lintrk boolean| _already_called_lintrk boolean| hubspot_live_messages_running object| HubSpotConversations function| UET function| UET_init function| UET_push function| onYouTubeIframeAPIReady object| gaGlobal object| ueto_de804cfbd7 object| uetq object| gaplugins object| gaData boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| _linkedin_data_partner_ids

32 Cookies

Domain/Path Name / Value
.campaign.tifinwealth.com/ Name: __cfruid
Value: 4332493384134cdf584bd2d1dfd97c5d8a6549e0-1660236670
.campaign.tifinwealth.com/ Name: __cf_bm
Value: YSFX25_1rZNUi4zwZTYM58isAEAFu0aC1vCwgFULlaQ-1660236670-0-Aeik1ULHZLEaUKQHYbN2SF2PLXQwUmRWX+erRdXm/MIRswlaO7hpYIG9mC5u56w9IlNcQafSa1oOrhhRSF8AnPU=
.tifinwealth.com/ Name: _gcl_au
Value: 1.1.1896842294.1660236668
.hubspot.com/ Name: __cf_bm
Value: ANWeGZJMRd_P77ZzIeK_T8LcMlopaD9K7RzfX5g4r2Q-1660236670-0-Aa8Lq5RR1hGdt6kdgLB+Lyn6iOdTU1ZYf6Lz3rm2JEDIBk0iewttJb5jlJOP1tbvR4HsX6aJJnSMpdSNyJk54E0=
.bing.com/ Name: MUID
Value: 17C24B33998A6CA3112C5ACE98E16D5B
.tifinwealth.com/ Name: _uetsid
Value: cc0f9d70199511eda198f93b0939d67b
.tifinwealth.com/ Name: _uetvid
Value: cc0fb360199511eda1be4326dce3bb0b
www.clarity.ms/ Name: CLID
Value: bab956ab332447ec8d6727fc0ec8dab2.20220811.20230811
.tifinwealth.com/ Name: _ga
Value: GA1.2.1151742588.1660236668
.tifinwealth.com/ Name: _gid
Value: GA1.2.788977498.1660236668
.tifinwealth.com/ Name: _gat_UA-217783378-1
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQK_UByOZ-798gAAAYKN0Sgdq1AW2p3irhdAWxMPeT_BNv6gc5giTBg1mlUZQmpiSe0f2M-RD6sznA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKQX-2IluiD2AAAAYKN0Sge5-6dUfFf8k5IWlOuvzmlTOPBSBKZCgRw3pEjcuwBZIEpUBy8sy26z3FphDKOhg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b536c94b-f2aa-48c4-82ec-70877eb640fe"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2350:u=1:x=1:i=1660236671:t=1660323071:v=2:sig=AQHnDTVapsN5cm5ZNP8E8pn2DbH9gEWR"
.tifinwealth.com/ Name: _fbp
Value: fb.1.1660236668444.2107477051
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220811165111819aee68-f50b-4d72-859e-7c0bb8c17946AQH2C8z3VStkslp4gzj6qIsIv7pQ4CfM"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjAyMzY2NzE7MjswMjELihrwSjPm2yMKzAo3eW+GlzBEj4TrzIKs8YJ3C18UPw==
.tifinwealth.com/ Name: _clck
Value: 14yfn7d|1|f3x|0
.tifinwealth.com/ Name: _ga_40GL4R1GJB
Value: GS1.1.1660236668.1.0.1660236668.0
.tifinwealth.com/ Name: _ga_QVBLEQGM0C
Value: GS1.1.1660236668.1.0.1660236668.0
.tifinwealth.com/ Name: __hstc
Value: 264881424.8113b06d22e05d85cced836535da0602.1660236668797.1660236668797.1660236668797.1
.tifinwealth.com/ Name: hubspotutk
Value: 8113b06d22e05d85cced836535da0602
.tifinwealth.com/ Name: __hssrc
Value: 1
.tifinwealth.com/ Name: __hssc
Value: 264881424.1.1660236668797
.c.bing.com/ Name: SRM_B
Value: 17C24B33998A6CA3112C5ACE98E16D5B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 17C24B33998A6CA3112C5ACE98E16D5B
.c.clarity.ms/ Name: ANONCHK
Value: 0
.tifinwealth.com/ Name: _clsk
Value: 1hyxeki|1660236668994|1|1|m.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7088340.fs1.hubspotusercontent-na1.net
api.chilipiper.com
api.hubapi.com
api.na.chilipiper.com
app.hubspot.com
bat.bing.com
c.bing.com
c.clarity.ms
campaign.tifinwealth.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.na.chilipiper.com
js.usemessages.com
m.clarity.ms
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
u26175440.ct.sendgrid.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
167.89.115.54
20.120.124.64
20.234.93.27
2001:4860:4802:32::36
2606:2c40::c73c:67e4
2606:4700:4400::6812:2128
2606:4700:4400::6812:21ab
2606:4700::6810:5605
2606:4700::6811:44b0
2606:4700::6811:73b0
2606:4700::6811:7fab
2606:4700::6811:cbcc
2606:4700::6811:eccc
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:803::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c1b::9a
2a02:26f0:3500:16::215:149b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.111.224.162
34.111.73.67
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0370a4223069208a01c9a4c3f1ba1da1954f4bbad2ab3ec4467d29f7ff77a7b0
061b143bf1f0f58a3c2ee6cf23b9c27741dfe86d3cd23786357fd1f5cf3936fd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11c8e58eb16545592e89ccc8afe41dd7f13bf98d1f67b6f3e8328f3c0f302a10
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
2094c2b2bda2c2927d2fdb1fa35a847ce18d8ea11a254313739ceacab8604bcf
22d6b271e396f13ee91fdb0c18a2e05249f8a5800f7dc9dfddcb7abb1eca42be
2b1b655a758f5f717fe35141af737335672c8047e57c90f82e5d501009ea18b2
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
37ffbdd930d2a92273187473e6e4c722eb631a4dfcd6183e136ab405401631ab
3a75055593da8f0aa01527c09b5fe67292443fc0965f0296a7bef30efe3bd837
3f76aacb110ac89c36935a5bcd14b6a9cf665777399a67c2d99e0978b714febd
408a85a7265a81c75209ab66f1b639d2b73631c362cbf1d2dc3bad6ade2ec706
46894befc4fb3d5a36fc78b7ba545567ccb7ea45424a4c170358c092683b3358
527d854fcb583ce866576bca5829c644d8e5b593e9822025124390e42500246f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f97b5cacb96b8cdf7acdd28aa019264135002d949e4aa951677751e7ba70f61
71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752
775f8f64121459469d70ff4d8f4e6d7758b6dac66d40823dfecce111e9e3aaca
7a0ede77734d17eaa515d0fe76320268ef3647c49b906a4e6a9e7bd2e79f1937
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
94d876abbaf74de710d5f66c09af9b54c0a063d753f0575095d2442c23c6bfac
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
9bbf78a1e410a61674f693294c3d61289e4e84f2b678a6832bbe69acf3374b96
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4d27c4094e50a5bbbd56e6ae85f1beaff4a227624a7d44f2157c08e36ae74bc
a515174166bbb2f1a418f3b82d1f744f0aa9a052e81b4af568165c86a2e4b7bb
b07e225ec704e0bf306a89c5b3e12a06aa5f3a81fd6b498f6c90ca531bb802d2
ba598c6240c66462aa2341033c1de4799eab9f2dbe33793757c58f2c38337237
bbd02bf9a14d02d41f6b78dd36c79838d910f5a22937722109bf0035254b62f8
be8fbf15ea59c37c3f6ae6ad36dac45ec554552e583f6e111b638677049d16c3
c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d
c3524dc6627c7cf48c9af93af92ff0b074b6e1f4da8c060828ae9216997f8663
c378f7bbc49aceb3b5c2e42d6b5c2749c00634aea30b458b597a675d8d2dc722
c4ae5daa54b09ef07b8a8a676b02c4d26742a3fe7842a91a70f3096eeceaba2f
c7419f897a756e27102f4034fb859f437d722750282fdc13341fa68f4bd9ab5b
cb0f8943615fc3c8cd5c3ac2063d07d769d4b43958caa91114329ed664164e7e
cb9a982e86da64af618323f4f17a7c13f87fec280d8d1b23b2a9bf946ff15bbb
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de0cbec72bbbc315bc3299c92a6ccfdee0cfa9cc921308354d896de677c1e222
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5
f90fe26026a26e624ebfa21d01bd03ed7302f8ac1e0ee8365a9ca1800b098e85