security.hafenfinancialpresents.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://security.hafenfinancialpresents.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On December 01 via api (December 1st 2023, 10:48:29 am UTC) from IT — Scanned from IT

Summary HTTP 106 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 23 domains to perform 106 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is security.hafenfinancialpresents.com.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.

This is the only time security.hafenfinancialpresents.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.155.139.94 18.155.139.94	16509 (AMAZON-02) (AMAZON-02)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	65.9.66.4 65.9.66.4	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.155.153.28 18.155.153.28	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
3	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.7.16 108.138.7.16	16509 (AMAZON-02) (AMAZON-02)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	65.9.66.29 65.9.66.29	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:264... 2600:9000:2644:3e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:bf61:ba9a:8199:2b0f	16509 (AMAZON-02) (AMAZON-02)
106	29

4 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

security.hafenfinancialpresents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advisorsdigitaledgeseminars.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advisorsdigitaledge.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.139.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-139-94.ham50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 65.9.66.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-4.fra56.r.cloudfront.net

widget.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.153.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-28.ham50.r.cloudfront.net

www.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-16.fra56.r.cloudfront.net

cdn.signalfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-29.fra56.r.cloudfront.net

prod.smassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:3e00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:bf61:ba9a:8199:2b0f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	smassets.net prod.smassets.net — Cisco Umbrella Rank: 17733 cdn.smassets.net — Cisco Umbrella Rank: 18095	2 MB
14	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	291 KB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340 maps.googleapis.com — Cisco Umbrella Rank: 357	524 KB
8	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3473 i.vimeocdn.com — Cisco Umbrella Rank: 3277 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3477	349 KB
8	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 39917	4 KB
8	gstatic.com fonts.gstatic.com maps.gstatic.com www.gstatic.com	206 KB
7	center.io js.center.io — Cisco Umbrella Rank: 48396	28 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	27 KB
5	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 45323	136 KB
4	surveymonkey.com widget.surveymonkey.com — Cisco Umbrella Rank: 46310 www.surveymonkey.com — Cisco Umbrella Rank: 16290 secure.surveymonkey.com — Cisco Umbrella Rank: 20048	27 KB
3	lpages.co advisorsdigitaledgeseminars.lpages.co advisorsdigitaledge.lpages.co	119 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	google.com 1 redirects maps.google.com — Cisco Umbrella Rank: 2444 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1911 vimeo.com — Cisco Umbrella Rank: 1819	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
1	signalfx.com cdn.signalfx.com — Cisco Umbrella Rank: 14174 rum-ingest.us1.signalfx.com Failed	41 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10163	756 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 57016	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	64 KB
1	hafenfinancialpresents.com security.hafenfinancialpresents.com	25 KB
106	23

	Domain	Requested by
14	lh3.googleusercontent.com	security.hafenfinancialpresents.com advisorsdigitaledgeseminars.lpages.co advisorsdigitaledge.lpages.co
13	prod.smassets.net	security.hafenfinancialpresents.com www.surveymonkey.com prod.smassets.net
9	maps.googleapis.com	www.google.com maps.googleapis.com security.hafenfinancialpresents.com
8	api.leadpages.io	js.center.io static.leadpages.net
7	js.center.io	security.hafenfinancialpresents.com js.center.io advisorsdigitaledgeseminars.lpages.co advisorsdigitaledge.lpages.co
5	static.leadpages.net	security.hafenfinancialpresents.com static.leadpages.net advisorsdigitaledgeseminars.lpages.co
4	s.adroll.com	1 redirects security.hafenfinancialpresents.com s.adroll.com
4	f.vimeocdn.com	player.vimeo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	security.hafenfinancialpresents.com advisorsdigitaledgeseminars.lpages.co advisorsdigitaledge.lpages.co
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	i.vimeocdn.com	player.vimeo.com
2	cdn.smassets.net	www.surveymonkey.com cdn.smassets.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	advisorsdigitaledgeseminars.lpages.co	static.leadpages.net
2	widget.surveymonkey.com	security.hafenfinancialpresents.com widget.surveymonkey.com
2	connect.facebook.net	security.hafenfinancialpresents.com connect.facebook.net
1	d.adroll.com	s.adroll.com
1	vimeo.com	f.vimeocdn.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	cdn.signalfx.com	www.surveymonkey.com
1	secure.surveymonkey.com	www.surveymonkey.com
1	maps.gstatic.com	www.google.com
1	maxcdn.bootstrapcdn.com	advisorsdigitaledge.lpages.co
1	www.surveymonkey.com	ajax.googleapis.com
1	www.facebook.com	security.hafenfinancialpresents.com
1	ajax.googleapis.com	widget.surveymonkey.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	advisorsdigitaledge.lpages.co	static.leadpages.net
1	www.google.com	security.hafenfinancialpresents.com
1	maps.google.com	1 redirects
1	player.vimeo.com	security.hafenfinancialpresents.com
1	d10lpsik1i8c69.cloudfront.net	security.hafenfinancialpresents.com
1	embed.lpcontent.net	security.hafenfinancialpresents.com
1	www.googletagmanager.com	security.hafenfinancialpresents.com
1	security.hafenfinancialpresents.com
0	rum-ingest.us1.signalfx.com Failed	cdn.signalfx.com
106	37

This site contains links to these domains. Also see Links.

Domain
www.surveymonkey.com
hafenfinancial.com
www.enable-javascript.net

Subject Issuer	Validity	Valid
security.hafenfinancialpresents.com R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-10-16` - `2024-01-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-12-01` - `2024-02-29`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
surveymonkey.com Amazon RSA 2048 M03	`2023-11-16` - `2024-12-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
*.signalfx.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-15`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://security.hafenfinancialpresents.com/
Frame ID: 3421C209EC5B5DA1415695343D8E0B1E
Requests: 41 HTTP requests in this frame

Frame: https://player.vimeo.com/video/268663823
Frame ID: 1A6C799B8579A2B44712B8DD1F2AB051
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13
Frame ID: 1A3605135FD6B519DF1EAEAE7635A394
Requests: 12 HTTP requests in this frame

Frame: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/
Frame ID: D691632EDA6742C1990E4E26E85D57E1
Requests: 6 HTTP requests in this frame

Frame: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/
Frame ID: 73348E1BF0BDA77014761BA0E0FD6B47
Requests: 6 HTTP requests in this frame

Frame: https://advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/
Frame ID: 4AD3782411371F9B581CDE54D139E6CA
Requests: 6 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 1BF93D364BDE264FC5189B28C66788F7
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Frame ID: 6CA83BE6699DF732AD13DE038B2F58A3
Requests: 2 HTTP requests in this frame

Frame: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1
Frame ID: B0CFE3F8F0333B1F2CEA84B880B5C91F
Requests: 18 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 86D7E4279CA3A67A43FB80A7D1980003
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: EBA6757CFAF8C54C256EA68001A2CAA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Social Security OnDemand Seminar

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

98 %
HTTPS

55 %
IPv6

23
Domains

37
Subdomains

29
IPs

4
Countries

3601 kB
Transfer

13153 kB
Size

16
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.surveymonkey.com/?ut_source=powered_by&ut_source2=new_website_collector
Title: powered by

Search URL Search Domain Scan URL

URL: https://hafenfinancial.com/
Title: www.HafenFinancial.com

Search URL Search Domain Scan URL

URL: https://www.enable-javascript.net/
Title: activage javascript

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://maps.google.com/maps?q=Hafen%20Financial%2C%201626%20A.%20Plaza%20Way%2C%20Walla%20Walla%2C%20WA%20&t=&z=13&ie=UTF8&iwloc=&output=embed HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13

Request Chain 98

https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

106 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
security.hafenfinancialpresents.com/ 126 KB
25 KB 722ms
314ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

ca88bc8a2e624938a13db01285aa7006eb6fbb0c3f3ce2b0675512cb1a05a65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 01 Dec 2023 10:48:23 GMT
etag: W/"53140f6b6aba3ffbec440431c0ca334a"
last-modified: Tue, 04 Apr 2023 19:33:07 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 81ms
19ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:26:01 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1534942
etag: "CffC8Q"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 048c7f83dd5bf9a002c70df9efe81ada
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Tue, 12 Nov 2024 16:26:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 141ms
60ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

757b52cddbf665cd40625461e49d89b01fbce69169bcf95389fe72e1217db4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 10:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 10:48:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 10:48:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 202ms
60ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134632641-27

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cd8301ed4af18dd47b1a1055afec71618f8bdbd565a1a370c138ae3a3608696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64941
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 10:48:23 GMT

GET
H2 200 _5BTHKFG2KUMbjOvZI_BmdL5pm5-R6XMmgwk2eE0Hkt8cax8XrGeGtQd2lWNIb1uGz0ShnuIAo53B8F69i2vIg=s0
lh3.googleusercontent.com/ 4 KB
4 KB 244ms
175ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_5BTHKFG2KUMbjOvZI_BmdL5pm5-R6XMmgwk2eE0Hkt8cax8XrGeGtQd2lWNIb1uGz0ShnuIAo53B8F69i2vIg=s0

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

272e00782301eec87d4a03f8705bae38c491c5b42a7caaf813dcf54057353110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4194
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 embed.js Show response
static.leadpages.net/leadboxes/current/ 42 KB
15 KB 22ms
22ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/leadboxes/current/embed.js
Requested by: Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:45:29 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 174
etag: "oHgkWw"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: f35b7917276e5014556d3b5b1172b130
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Fri, 01 Dec 2023 10:50:29 GMT

GET
H2 200 BafnXOeqO0EdEE2_k6XEeiH189HhT-_TwXDJDHBXmx8_8ShRnEJ8WgToDXLNDPOtSn09kRl2SWPwwbT90Mp5gQ=w16
lh3.googleusercontent.com/ 4 KB
4 KB 261ms
192ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BafnXOeqO0EdEE2_k6XEeiH189HhT-_TwXDJDHBXmx8_8ShRnEJ8WgToDXLNDPOtSn09kRl2SWPwwbT90Mp5gQ=w16

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f350c47965ef51cede092ae85337ea29db6abc554cf9c85d681e08d36583b04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3782
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w16
lh3.googleusercontent.com/ 675 B
768 B 377ms
376ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w16

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

916d8c34d4eb25b28a6418328131ee9473400214a5660cb1f385674851f12c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 675
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 -2GCuOKSXYnLZfzQP2J1KFHvtzk19Dncl16-9xLr_adwQ6w_9FI77f4fIWrlxrdpmpa2lu1l-sgcZB2mQIIp=w16
lh3.googleusercontent.com/ 790 B
852 B 426ms
425ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-2GCuOKSXYnLZfzQP2J1KFHvtzk19Dncl16-9xLr_adwQ6w_9FI77f4fIWrlxrdpmpa2lu1l-sgcZB2mQIIp=w16

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a9cc98e6d1897ee8ed2860fea20646e9532d3ed5ce0eb51c8af481036e3f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 790
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 78ms
22ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:46:34 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 109
etag: "oHgkWw"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 2c50a065b84ffa753018c0317f9275dd
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Fri, 01 Dec 2023 10:51:34 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 142ms
42ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:47:42 GMT
content-encoding: gzip
server: Google Frontend
age: 41
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 83bf93e97dc187be504cb274f67532d7
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 01 Dec 2023 10:52:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 89ms
30ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 10:48:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: DXvmcRbtqyW3mASQh2yVUbZeWEFBy10PBNxlMl7HrWP9YgRb90EomwVjtf+zgL9V+tY0YhYB3Px8P8CZ2GKfRg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 161ms
51ms Script
application/javascript 18.155.139.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.139.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-139-94.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:59:43 GMT
content-encoding: gzip
via: 1.1 047bd08beb708919e51605064d34f6ec.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P1
age: 2960
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: _Rhnh9X-X4hLHH73X8MeuQmHd3rbLI6qyf5ngbwDFvzC_8Oo1AMchw==

GET
H/1.1 200
OK 268663823 Show response
player.vimeo.com/video/ Frame 1A6C 20 KB
10 KB 771ms
723ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/268663823

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b551513433d2a4de242352a0e445c1b83010c0bf63b3c9a91c96cf2f89e92769

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 82eac1eb2efb0e29-MXP
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 10:48:24 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-mxp6970-MXP
X-Timer: S1701427704.566625,VS0,VE666
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-d998c86cf-dp8gk
x-content-type-options: nosniff
x-host: player-backend-d998c86cf-dp8gk
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 200 tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG33Nl4v6KhbA0Uz8a8ksFlC.js Show response
widget.surveymonkey.com/collect/website/js/ 58 KB
14 KB 198ms
70ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG33Nl4v6KhbA0Uz8a8ksFlC.js

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

0508bee3bd0ea33e595d096522a5c0b157f5fb496d2f2f443a7cd22291218980

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:05:35 GMT
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';
x-content-type-options: nosniff
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 45768
x-cache: Hit from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sm-request-id: d9S1ECA962jxfIsCpanjD36RSvRgy7KkfQT8kQyix08Hp2jQkVU89A==
x-xss-protection: 1;mode=block
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Server-Timing
x-amz-cf-id: 8ScZ2OFjDyv2pbP1munAgfxjQBRZL1Hz065c8r-DmoiNC0eu-oDr6A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

embed Show response
www.google.com/maps/ Frame 1A36
Redirect Chain

https://maps.google.com/maps?q=Hafen%20Financial%2C%201626%20A.%20Plaza%20Way%2C%20Walla%20Walla%2C%20WA%20&t=&z=13&ie=UTF8&iwloc=&output=embed
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13

3 KB
2 KB

479ms
402ms

Document
text/html

2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

86b8415bd8fe2705c92ff8007d544f7b56241add0d0e23ba2b3dfc49a7f10c33

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-iFVbwD6NecKo_H75Ii_nXA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1296
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-iFVbwD6NecKo_H75Ii_nXA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 10:48:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 01 Dec 2023 10:48:23 GMT
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w16
lh3.googleusercontent.com/ 1 KB
1 KB 355ms
355ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w16

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cad509336f8eb04dfaf47fc91cc88c8d1a1646f2f4f9c2c0ca79ee1dd05d45e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1144
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w16
lh3.googleusercontent.com/ 380 B
451 B 397ms
397ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w16

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

decdf198c825c817443bd2299df3947f0e64a5faf578c11819208c204b73ac71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 oY4pObgXizsVJFYW6otJPzxqi5lG3cnDFr53elk_LPzXpkw1Y2Actkd0wS0zdkbW7wwyyNZyHWuIx9NIIHYS=w16
lh3.googleusercontent.com/ 335 B
397 B 320ms
320ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/oY4pObgXizsVJFYW6otJPzxqi5lG3cnDFr53elk_LPzXpkw1Y2Actkd0wS0zdkbW7wwyyNZyHWuIx9NIIHYS=w16

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e532a65de40f24689fd0bb8ca1bd8ddd401bdfb0c6987bcbf1ef2fae1e9dcd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H3 200 fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 78 KB
78 KB 64ms
22ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://security.hafenfinancialpresents.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:11:23 GMT
via: 1.1 google
server: Google Frontend
age: 1931820
etag: "-Aynvg"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 3b6cc8354575f455c818dcaf32f30d89
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80148
expires: Fri, 08 Nov 2024 02:11:23 GMT

GET
H2 200 / Show response
advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/ Frame D691 178 KB
39 KB 659ms
315ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

a5e2530942e8be1dcb92a1c4aa1b1ddb2119db9e88bbbe116d365694985b2a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 01 Dec 2023 10:48:23 GMT
etag: W/"8a9969fcde86bdd1ef197f368e839766"
last-modified: Tue, 04 Apr 2023 19:33:25 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 / Show response
advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/ Frame 7334 177 KB
39 KB 818ms
474ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

bd7bb9315ae993385eafe280b9ab47c677c99cb0a216229044bd5dd42305b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 01 Dec 2023 10:48:23 GMT
etag: W/"db59efecf25cd91406c81f16191f4ac6"
last-modified: Tue, 04 Apr 2023 19:33:10 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 / Show response
advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/ Frame 4AD3 172 KB
42 KB 691ms
322ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

4c586068701f20d46efcd90896d317fa49fc4a7f6c9e35ed42f9c79aa91f2c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 01 Dec 2023 10:48:23 GMT
etag: W/"d9c91d9e0666449bc9671bc1e53fff00"
last-modified: Fri, 23 Jul 2021 14:06:58 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600
lh3.googleusercontent.com/ 55 KB
55 KB 418ms
417ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56395
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w1600
lh3.googleusercontent.com/ 16 KB
16 KB 409ms
409ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w1600

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69725467e06f9514310e27cfd18f2c04e857c1acde2cf67ab91971d5bb765622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16138
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 115ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.hafenfinancialpresents.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 566561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 21:25:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 120ms
53ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.hafenfinancialpresents.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options: nosniff
age: 568684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 20:50:19 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 37 KB
37 KB 182ms
116ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.hafenfinancialpresents.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:57:20 GMT
x-content-type-options: nosniff
age: 564663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37964
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 21:57:20 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 156ms
90ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://security.hafenfinancialpresents.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:18:14 GMT
x-content-type-options: nosniff
age: 59409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:18:14 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 1BF9 4 KB
2 KB 44ms
44ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 207
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Fri, 01 Dec 2023 10:44:56 GMT
etag: "OMWYXg"
expires: Fri, 01 Dec 2023 10:49:56 GMT
server: Google Frontend
x-cloud-trace-context: dcf1b3146123f8686cf66879f169f3d6

GET
H2 200 1100035103528503 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 197ms
197ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1100035103528503?v=2.9.138&r=stable&domain=security.hafenfinancialpresents.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25f032e92c1ba144f58964555f8b879ed9d50b63c703a0d443d4722f77f648db

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 10:48:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: TAHNuW/dclIjkUfufOjL/SoVLd6GXM/ZnW6qcCFdPX6394iYyw2FO7spqWzZTtIlK4sS0NyMZDKPqAa8De8IyQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 128 B
756 B 506ms
442ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fsecurity.hafenfinancialpresents.com%2F&s=142977

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c610485b34da42edfe3dd95de3cd150158393e71403e357d8d6454b3e30b435

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://security.hafenfinancialpresents.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9OIWW42pSRtDO6s%2Fq1BY9zc6%2Bu5R5kIw0HTmCy6fqu1GYY5EiP%2F36d7tMOVvtA53L1Od5Nxi6dzZq0gOYF3Bp6dQ1zMh7x%2FB6l7pEV8VbhCGTdjsNklbVMzSYj8CfwmjiseLe0Q4ao0tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 82eac1ec5b565a3d-MXP
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 BafnXOeqO0EdEE2_k6XEeiH189HhT-_TwXDJDHBXmx8_8ShRnEJ8WgToDXLNDPOtSn09kRl2SWPwwbT90Mp5gQ=w504
lh3.googleusercontent.com/ 41 KB
41 KB 338ms
338ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BafnXOeqO0EdEE2_k6XEeiH189HhT-_TwXDJDHBXmx8_8ShRnEJ8WgToDXLNDPOtSn09kRl2SWPwwbT90Mp5gQ=w504

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2afce6a1367ba94e04980e549a5c71fe5cbb32b8e02fa5b4a5dce410dd5a44ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42334
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
698 B 519ms
177ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=k2cTAAd9qsib7e44aGLHBR&v=&e=&st=&lc=en-US&pid=ho4XDowT9fQA6GX9VULGMS-default-prop&uid=PfQUY2pPZohVx5yVP27tKS&sid=WzdutbmJKVkyPfjpdYMTrF&cid=lp-k2cTAAd9qsib7e44aGLHBR&uri=https%3A%2F%2Fsecurity.hafenfinancialpresents.com%2F&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:24 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.hafenfinancialpresents.com
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7nnim3g08dj84a5g

GET
H2 200 jquery.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 6CA8 276 KB
277 KB 126ms
46ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js

Requested by

Host: widget.surveymonkey.com
URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG33Nl4v6KhbA0Uz8a8ksFlC.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:11:38 GMT
x-content-type-options: nosniff
age: 567405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282766
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 21:11:38 GMT

GET
H2 200 cookie.js Show response
widget.surveymonkey.com/collect/website/js/ Frame 6CA8 23 B
894 B 63ms
62ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.surveymonkey.com/collect/website/js/cookie.js?_=1701427703696

Requested by

Host: widget.surveymonkey.com
URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG33Nl4v6KhbA0Uz8a8ksFlC.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

69f31566d58ee19706a2f8e1ba4f1df5152d2112b2e3da32bea647b846d4409d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 01:21:11 GMT
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';
x-content-type-options: nosniff
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 206832
x-cache: Hit from cloudfront
sm-request-id: CKJ5ZwLpeVaW--oLOVQNIQMui0Gdey_fvMhfktGeslbm7RkRmnM2lg==
content-length: 23
x-xss-protection: 1;mode=block
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Server-Timing
x-amz-cf-id: vKaGVsdMIJxa6t8PeftqyCXAUVZ9CFqM9AnlV77vRYbEThOsy9HDwA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
45ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134632641-27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3525
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 11:49:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 113ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1100035103528503&ev=PageView&dl=https%3A%2F%2Fsecurity.hafenfinancialpresents.com%2F&rl=&if=false&ts=1701427703876&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701427703875.1151233998&ler=empty&it=1701427703659&coo=false&rqm=GET

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 10:48:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w515
lh3.googleusercontent.com/ 158 KB
158 KB 427ms
427ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w515

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bfd5b35c6d64341d5bbbc9cb45b5c98c5e279fabb5f8f44373990c6fd5395cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162100
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
219 B 55ms
55ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=781437933&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity.hafenfinancialpresents.com%2F&ul=en-us&de=UTF-8&dt=Social%20Security%20OnDemand%20Seminar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2139737189&gjid=822531264&cid=994841370.1701427704&tid=UA-134632641-27&_gid=1664352563.1701427704&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1387200422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security.hafenfinancialpresents.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://security.hafenfinancialpresents.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ZCHSW3F Show response
www.surveymonkey.com/r/ Frame B0CF 19 KB
7 KB 564ms
388ms Document
text/html 18.155.153.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.155.153.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-153-28.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

0526bb9ba9c876d6ce679e94fa6451a58d2adab3f518ba14f1d43108986acb81

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://resources.monkeytest1.com 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://security.hafenfinancialpresents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Access-Control-Expose-Headers: Server-Timing
Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://resources.monkeytest1.com 'self';
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 10:48:24 GMT
Referrer-Policy: strict-origin-when-cross-origin
RexR-Request: current:b62f52ecacb2c6c3e27974068d7f63a2:1701427704.446:132
SL_notranslate: 1
SM-Request-ID: 5Mxn776pE3wzd5DxhysskuTFpQYVaWWw1xuc8MZjz0Fl3Z9U3CBJPQ==
Server: nginx
Server-Timing: traceparent;desc="00-2b6569eb514a7e4d95248d9c911d86c2-8deb7dfbcf0f9525-01"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
Via: 1.1 aa5dfacfc06699e0f0625f72154bba68.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 5Mxn776pE3wzd5DxhysskuTFpQYVaWWw1xuc8MZjz0Fl3Z9U3CBJPQ==
X-Amz-Cf-Pop: HAM50-P2
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache

GET
H2 200 sm-logo-grey-145x30.png
prod.smassets.net/assets/responseweb/responseweb/1.0.0/assets/images/website/ 3 KB
4 KB 76ms
64ms Image
image/png 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.smassets.net/assets/responseweb/responseweb/1.0.0/assets/images/website/sm-logo-grey-145x30.png

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bea4b6b838fce3abb195561547175c783c84308e3221c12aa48fa590e8234e26

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: IipWs7ftcuu4PDLjIC6Stmftifa1tKR1
date: Fri, 01 Dec 2023 02:57:37 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1ZQ12RVJGGCTHB5A
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 28248
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2816
x-amz-id-2: cXw/m6g1DOfq7PFwjqNlQsXTfWToakleHcHGiNg04SY9I0Em6gGt6StZguvex8ud2xMGmhvyDqI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Nov 2023 18:45:09 GMT
server: AmazonS3
etag: "82e8b3760acb8446722b87052b801417"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: 8-Tm4-bXGMKxfOv53vmH-unIIu8WPKy-F6dGQ1-UZYmWIYroT00kBw==

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
460 B 481ms
160ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=t2vfrddPT8jmzoW56s7Gxm&kind=text,text,text,text,timer,counter,text&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=yK4VpcaC9xtkJYF2GXos2h,yK4VpcaC9xtkJYF2GXos2h,fbrGnLofZFAproQLZkbXwU,yK4VpcaC9xtkJYF2GXos2h,114.29999995231628,1,rPB5y8nMhphtwVFSVr6RnJ
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:24 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.hafenfinancialpresents.com
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7npvuss31unrgcd0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 1A36 180 KB
62 KB 185ms
75ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

cb914cdb76fc9f7d36f890fe7953d73892069cdc63957bb5341ca56be6e3a10f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63199
x-xss-protection: 0

GET
H3 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame D691 58 KB
14 KB 30ms
29ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:26:01 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1534943
etag: "CffC8Q"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 048c7f83dd5bf9a002c70df9efe81ada
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Tue, 12 Nov 2024 16:26:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D691 13 KB
988 B 61ms
61ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71fc1cb5000d7c977317152f834714cc11702a3d0b8eed8ec6eb70a722fe1a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 10:48:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 10:48:24 GMT

GET
H3 200 OVwxT5eX840QlgqsPULiCVOWXZd5wjfWo1RRe-cHDn7SsOyih0oH2RBGoCuZw1Gn7EIGzNqj2KpsrPl_lZvd2fI=w16
lh3.googleusercontent.com/ Frame D691 4 KB
4 KB 123ms
123ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/OVwxT5eX840QlgqsPULiCVOWXZd5wjfWo1RRe-cHDn7SsOyih0oH2RBGoCuZw1Gn7EIGzNqj2KpsrPl_lZvd2fI=w16

Requested by

Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db662d71be2f274e23cc6f24bd0db81ce1838ff22c8d0c6abc1207fb3fa89946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3783
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:24 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame D691 12 KB
5 KB 45ms
45ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/yK4VpcaC9xtkJYF2GXos2h/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:47:53 GMT
content-encoding: gzip
server: Google Frontend
age: 31
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: f1baaa8776593f063913dd2d59d975cd
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 01 Dec 2023 10:52:53 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame 4AD3 28 KB
7 KB 91ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: advisorsdigitaledge.lpages.co
URL: https://advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledge.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 277512
cdn-cachedat: 11/11/2022 02:14:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 601a9a422917d5011204b75b2a4627c5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 82eac1efc9684c52-MXP
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 4AD3 8 KB
823 B 62ms
62ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: advisorsdigitaledge.lpages.co
URL: https://advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledge.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:28:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 10:48:24 GMT

GET
H3 200 OVwxT5eX840QlgqsPULiCVOWXZd5wjfWo1RRe-cHDn7SsOyih0oH2RBGoCuZw1Gn7EIGzNqj2KpsrPl_lZvd2fI=w16
lh3.googleusercontent.com/ Frame 4AD3 4 KB
4 KB 89ms
89ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/OVwxT5eX840QlgqsPULiCVOWXZd5wjfWo1RRe-cHDn7SsOyih0oH2RBGoCuZw1Gn7EIGzNqj2KpsrPl_lZvd2fI=w16

Requested by

Host: advisorsdigitaledge.lpages.co
URL: https://advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db662d71be2f274e23cc6f24bd0db81ce1838ff22c8d0c6abc1207fb3fa89946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledge.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3783
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Dec 2023 10:48:24 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.26.7/js/ Frame 1A6C 542 KB
131 KB 190ms
68ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.7/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e6b21e69b0f9e0f8b03ae254acfb8a48fdd2e2dd06e0d0e9e342b25fdf0a25c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000113-IAD, cache-fra-eddf8230040-FRA
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 57905
x-timer: S1701427704.411192,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 134031
x-cache-hits: 14, 12194

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.26.7/js/ Frame 1A6C 410 KB
99 KB 180ms
59ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.7/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3cbeb9152582ba3ecabd9117b802e295627331b8c473f5f76f8cdacdd1270217

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200149-IAD, cache-fra-eddf8230040-FRA
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 57905
x-timer: S1701427704.411052,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101200
x-cache-hits: 14, 22180

GET
H2 200 player.css
f.vimeocdn.com/p/4.26.7/css/ Frame 1A6C 205 KB
21 KB 328ms
110ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.7/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 512c7ec42048b48624853960163f28cdaeb4abd46e8e6d9c517aa728537076b0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100028-IAD, cache-fra-eddf8230081-FRA
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 57906
x-timer: S1701427705.544828,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21696
x-cache-hits: 15, 21088

GET
H2 200 699704816-c1a6f77b08994c15e1c0a1c6d36f949595833701816fa09701ad9aa7487d08bb-d
i.vimeocdn.com/video/ Frame 1A6C 1 KB
2 KB 216ms
160ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/699704816-c1a6f77b08994c15e1c0a1c6d36f949595833701816fa09701ad9aa7487d08bb-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fbce0937c19e459760b982365fb68e923a49d5f44414375838d659a561ca2223

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1777972
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1227
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120117-DFW, cache-mxp6965-MXP
x-timer: S1701427704.333542,VS0,VE134
etag: 04427cb5d869391cf2fe44064835aec7
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 9, 0

GET
H2 200 identify.html Show response
js.center.io/ Frame 86D7 4 KB
2 KB 42ms
42ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://advisorsdigitaledgeseminars.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 285
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Fri, 01 Dec 2023 10:43:39 GMT
etag: "OMWYXg"
expires: Fri, 01 Dec 2023 10:48:39 GMT
server: Google Frontend
x-cloud-trace-context: ec9c85c890cdee6caf813308d55579b4

GET
H2 200 center.js Show response
js.center.io/ Frame 4AD3 12 KB
5 KB 42ms
42ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: advisorsdigitaledge.lpages.co
URL: https://advisorsdigitaledge.lpages.co/serve-leadbox/rPB5y8nMhphtwVFSVr6RnJ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledge.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:45:30 GMT
content-encoding: gzip
server: Google Frontend
age: 174
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: e0b4b111e94353b4129c01f6e26fc3b9
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 01 Dec 2023 10:50:30 GMT

GET
H3 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 7334 58 KB
14 KB 28ms
28ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:26:01 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1534943
etag: "CffC8Q"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 048c7f83dd5bf9a002c70df9efe81ada
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Tue, 12 Nov 2024 16:26:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7334 13 KB
892 B 78ms
78ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71fc1cb5000d7c977317152f834714cc11702a3d0b8eed8ec6eb70a722fe1a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 10:48:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 10:48:24 GMT

GET
H3 200 -2GCuOKSXYnLZfzQP2J1KFHvtzk19Dncl16-9xLr_adwQ6w_9FI77f4fIWrlxrdpmpa2lu1l-sgcZB2mQIIp=w16
lh3.googleusercontent.com/ Frame 7334 790 B
815 B 44ms
44ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-2GCuOKSXYnLZfzQP2J1KFHvtzk19Dncl16-9xLr_adwQ6w_9FI77f4fIWrlxrdpmpa2lu1l-sgcZB2mQIIp=w16

Requested by

Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a9cc98e6d1897ee8ed2860fea20646e9532d3ed5ce0eb51c8af481036e3f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:23 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 790
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Dec 2023 10:48:23 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame EBA6 4 KB
2 KB 46ms
45ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://advisorsdigitaledge.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 11
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Fri, 01 Dec 2023 10:48:13 GMT
etag: "OMWYXg"
expires: Fri, 01 Dec 2023 10:53:13 GMT
server: Google Frontend
x-cloud-trace-context: 8bbad9ee3c2f8363c3618595f33e4cef

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 1A36 3 B
46 B 176ms
52ms XHR
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/55/3/intl/it_ALL/ Frame 1A36 227 KB
60 KB 118ms
34ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/55/3/intl/it_ALL/init_embed.js

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sHafen+Financial,+1626+A.+Plaza+Way,+Walla+Walla,+WA!6i13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db3cfdeea40ed416ef416ac9a182277be7aa30e0cd98bf6335b9dd80bd60fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61260
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:23 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 7334 12 KB
5 KB 45ms
44ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: advisorsdigitaledgeseminars.lpages.co
URL: https://advisorsdigitaledgeseminars.lpages.co/serve-leadbox/fbrGnLofZFAproQLZkbXwU/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:47:42 GMT
content-encoding: gzip
server: Google Frontend
age: 42
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 83bf93e97dc187be504cb274f67532d7
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 01 Dec 2023 10:52:42 GMT

GET
H2 200 responseweb-base-bundle-min.27b93cc2.css
prod.smassets.net/assets/responseweb/ Frame B0CF 62 KB
8 KB 61ms
60ms Stylesheet
text/css 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

704dc7c75b580953710c22720a7d6196ca037e1993e0d554562fe604ab1fcf0d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: O3Mvnjrsh189k8qV_kbaS0F0XHL9bNRR
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 07:20:07 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: G03FKRDF1MZERGY5
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 12564
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: /01oDRDxCxpeNf8uophoChEdzafNwmwMdUykCk3PFMrYoo7AaC+QZya8QGGkaOqI1DGswrAZnLc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:17 GMT
server: AmazonS3
etag: W/"27b93cc22cc051196700ea011c39e36d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: XXY8xjQ2SCJF18DF0sPAXStKTs_XU2Mrt61JBk8RJECrlCoUeLiOeQ==

GET
H2 200 smlib.surveytemplates-survey_page-bundle-min.77cf7edd.css
prod.smassets.net/assets/responseweb/ Frame B0CF 89 KB
13 KB 166ms
165ms Stylesheet
text/css 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-survey_page-bundle-min.77cf7edd.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2e716f8f45f4567bfc4221353a90b7e748556f30e527ee3c16f5c2f598858322

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Yb7dbmGqnTVN.UpJUfZz0QYnHeCcngLO
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 10:08:13 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: YS7FMS6K9G77F4VX
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 2427
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: L6KUR7FHWElb0sUjVvVUMHKAwb3rE32laZ5SwK4P+4d4ssCN0rf68eD+1/uprXxJU3gn2pJnpKg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:41 GMT
server: AmazonS3
etag: W/"77cf7eddb3ac4c5325c5df1c3b0b325d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: vOe63ts_gQn-FmwESI4ELjtvpgT2jdWsodMribLCtt7dd8wY4PfLYw==

GET
H2 200 4.6.1_6403437_palette-6_15887933-7CFD-4DE1-A619-C83F48E3F860.css
secure.surveymonkey.com/r/themes/ Frame B0CF 26 KB
5 KB 724ms
709ms Stylesheet
text/css 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.surveymonkey.com/r/themes/4.6.1_6403437_palette-6_15887933-7CFD-4DE1-A619-C83F48E3F860.css
Requested by: Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 28f23033e0833a5cdbfc7682fdcc1cf8f33e42513fd65deaca8c2ee79fd87ad8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:25 GMT
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
access-control-expose-headers: Server-Timing
cache-control: max-age=3600
sm-request-id: KfOgemHuOGb6s-2SXl8qyvqWdVgvKe37El6naE9ADwWPpESsUb39Rg==
server-timing: traceparent;desc="00-186db8f1c09a85e7a515df7f910329d0-fe9c419eef14661d-01"
x-amz-cf-id: KfOgemHuOGb6s-2SXl8qyvqWdVgvKe37El6naE9ADwWPpESsUb39Rg==

GET
H2 200 wds-react.min.css
cdn.smassets.net/assets/wds/4_20_2/wds-react/ Frame B0CF 127 KB
15 KB 286ms
264ms Stylesheet
text/css 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e515bb968d71ad7c7d3d7d0207798342e1ccc3a81c0c86dd9a46cf770e1e793a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: uuS3rJ8lpzOfMrSciOuzwH9Tk1993xne
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 08:41:12 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: H3J47PCNJVZQRWTQ
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 7645
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: 5jT2X03CnWp0oCaxehiATtlPngPhfaOo73rQPXetr37lunHF9geIyH7Fjo/4Y7vSz5hQXlKE1cg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Nov 2020 13:22:33 GMT
server: AmazonS3
etag: W/"319c4184e0e815aaae848111368f49e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: u78G7cp6-4_CrkdCx0LOl9pim6RkhlFqoe6eVViiIX4m0kEu3jlaQA==

GET
H2 200 responseweb-responsewebPkgs-bundle-min.614c8463.css
prod.smassets.net/assets/responseweb/ Frame B0CF 5 KB
2 KB 62ms
61ms Stylesheet
text/css 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs-bundle-min.614c8463.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6e24336b2c46212f552712f9388860eb4d01f99c94614919d30c03df806b5899

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: de3WI6MKO8UZ0bA3EuAyO9U3iIy3DXOW
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 07:51:30 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: K8427Q6V22R1V5TG
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 10833
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: NzEtfDj0kNKuVHeiUlsQ6YulhRIwylJEVCK3rRrWwbs+Kxw6pdJuMscj9SxRUzqPQbZmO6Vcidc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:48 GMT
server: AmazonS3
etag: W/"614c8463ea474a81e0f9592f3c4fe62b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 0GoylidfQE7pxiYy8ZBgnqTBcHmKIK6EGvD5PD-0fY_qgoslwJvLLA==

GET
H2 200 responseweb-version-bundle-min.5a1733bc.css
prod.smassets.net/assets/responseweb/ Frame B0CF 11 KB
3 KB 213ms
212ms Stylesheet
text/css 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-version-bundle-min.5a1733bc.css

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

63f142c7ed7eb20faf91e3887f8abb696900f6f386b767c2cf09146bb53cb9ab

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 3.hz1SGH_I7CcJE3EVSGK2j3RPnYDFj4
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Thu, 30 Nov 2023 21:37:16 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 3SE9Y1YPNWG1QNXV
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 48352
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: juV1X/kI0MKH6TESnKmfzjYG31QH6x8cWzfxKjBaihgSvxEVpqGvFHh28DSN6Z6HkPdBcRt00tw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:16 GMT
server: AmazonS3
etag: W/"5a1733bcb6e5b00dee4304cd2ae82501"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: _fc-6hKGxOsB7-hfTxLNgAHF0jLRGuiO3RKuqNVgx_S1fAJg0kOqPQ==

GET
H2 200 responseweb-jquery-bundle-min.a17eeae3.js Show response
prod.smassets.net/assets/responseweb/ Frame B0CF 103 KB
34 KB 120ms
119ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-jquery-bundle-min.a17eeae3.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6345ede1de8ae9ec09a174bedb7158651b5045415c20c38d8a135f8c382557f8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: kuoqIiiJmzipW0uCP6jliO2CfNJBkXju
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 06:55:11 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: MZCFC8ZCCCT2HCWV
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 14163
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: Tz0oBFGypKaSh3FtOfbPe8Hj4k5CDiA5tLuMJx4ILfMGfKNbw6/w16RkT8pmEYKd3KN+63PIWW0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:38 GMT
server: AmazonS3
etag: W/"a17eeae3257239c918edea1e7466d0d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 0SxChqF3H4Y8LnQbB22PWZvfDswJAkrJVD0U_UQgZDl92G9fU-FODw==

GET
H2 200 responseweb-response-bundle-min.2721eb1c.js Show response
prod.smassets.net/assets/responseweb/ Frame B0CF 123 KB
30 KB 195ms
194ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-response-bundle-min.2721eb1c.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e0ebf146d5aa80264526b48873cb5ee062d6b6c2c947b0b359230a8830cf2c5a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: b16KpPOgBphPzMcbIC2uWHPmULS8rdpC
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 08:57:53 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 0NEH5TNAAGB7NGDG
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 6632
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: 8krV/KozPFosKulKUwht1nJc7yOs33a35eFTse0PsqAAN9SLB3IQtnLPKwu+afePKcBj48C+C60=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:04 GMT
server: AmazonS3
etag: W/"2721eb1c3299587a2b097a0b07efba55"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 7ODhJurH26z765rVuRiJ8FHP5oBM0vqS7TemWivY8-6kxgcWsAB9xA==

GET
H2 200 smlib.surveytemplates-sm-react-bundle-min.a68d6acc.js Show response
prod.smassets.net/assets/responseweb/ Frame B0CF 127 KB
41 KB 103ms
102ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-react-bundle-min.a68d6acc.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

77e870dd37a97aff3ff09ba46e00f023cda7fce3e4791e3103d4e5b401009333

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Hg0YozIq0X2i.EucVdpmn2wEFM0WPMyr
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 05:17:41 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: WV3N4XSFV1E90XM9
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 19883
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: 38WMc1v6FVSOQSWlYV0urQoAEsL6ubdr8L4/huGFej1HhyYtcouPbg0hbm63E2tv/oqdn3/f0dE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:42 GMT
server: AmazonS3
etag: W/"a68d6acc0c7f3de0989f242559189c1d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 0CLZfrtij5SXFPMjKSogG9X8Y2REZHKhiQ4k3f4ph6mW_EM03JhhXw==

GET
H2 200 smlib.surveytemplates-sm-polyfill-bundle-min.ef0f0b28.js Show response
prod.smassets.net/assets/responseweb/ Frame B0CF 94 KB
32 KB 68ms
67ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-polyfill-bundle-min.ef0f0b28.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5aefcc68ff56d078478fc4e14f24140c2eba2bfa03f79ac7c8897a1a4b67e1c4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: eDJBiuo.91JwtmCP_NboVkLoVyN9YU9g
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 08:23:49 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: H8NKCGW46J57TWCE
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 8720
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: rpVD51gc0GGrDz29qod+4W+hB9Jc7b/CuqgRMQ4MuVxzxHqGQ1MrsHSG7KFVio9se9xF1QmYsFITcMEQs0HRrQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:41 GMT
server: AmazonS3
etag: W/"ef0f0b28d8e5bad7258b80dfb3cc6019"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: tIHV9GYks8RqVnlY1rw2mCjYfjcyvfRDwkvvN6en2euDbQEhB77AcQ==

GET
H2 200 responseweb-responsewebPkgs_hybrid-bundle-min.1d586c49.js Show response
prod.smassets.net/assets/responseweb/ Frame B0CF 7 MB
1 MB 145ms
144ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs_hybrid-bundle-min.1d586c49.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0e65d0f41fd1aefae7e5e12d61a1142b7de6bc1403015b1d517ae069c7d3d23

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 0mr8glj71mRYWwydFI1v9ujyu1P6SA6l
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Thu, 30 Nov 2023 20:29:53 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: 0CQ4RVAKB100G0V0
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 51527
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: T1qTnko0GFzW2kOaHVGHM+Skdjp7EdTQ9C/MZtJi1XvbjFsUVuYgNDJAPZdwFfQHGWIthsqI6vA=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Nov 2023 18:45:12 GMT
server: AmazonS3
etag: W/"1d586c497655afefcab1b574420ab935"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: 6aFuKjruPjBHWcmCIXp6j08k0RHASDc-oAeGFwiVRTAiZXWuDs8smw==

GET
H2 200 responseweb-ui_bundle-bundle-min.a165823c.js Show response
prod.smassets.net/assets/responseweb/ Frame B0CF 25 KB
9 KB 211ms
211ms Script
application/javascript 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/responseweb-ui_bundle-bundle-min.a165823c.js

Requested by

Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

46363740103d99445256b74206aa302ba5f543ade69ac31901e2e7647878ec33

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.surveymonkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: S7lLYD8BJgaYZ87ZStePklVvHnW9GYJZ
content-encoding: br
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 08:20:08 GMT
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-amz-request-id: G1NFJ4RK1FZ81CFX
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 8897
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: COMPLETED
x-amz-id-2: 3Wb68mqXBDLUGCAGNgq/XQH14fsP9cN9l/Bb4fj9FL5buIa4h4RBDY0OEHxCffKDDv2Ps2e3sitZ/LUIybxlWw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:02 GMT
server: AmazonS3
etag: W/"a165823ce19e210d098673cd3a500be3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7884000, public
x-amz-cf-id: oB_xlCVOhvFMcfkekKBrRUL_rECwI4YozLmedCr1bKB_yuZNXjS4YQ==

GET
H2 200 splunk-otel-web.js Show response
cdn.signalfx.com/o11y-gdi-rum/latest/ Frame B0CF 166 KB
41 KB 176ms
59ms Script
application/javascript 108.138.7.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by: Host: www.surveymonkey.com
URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-16.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b2a47720dd8abed7db78358e56d8b6fd5063cc18d9badafb8fd1cd49c14311

Request headers

Referer: https://www.surveymonkey.com/
Origin: https://www.surveymonkey.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:11:14 GMT
content-encoding: gzip
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2230
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 17 Oct 2023 13:52:35 GMT
server: AmazonS3
etag: W/"60d22480807c67256f4d1487eaf26779"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: kvPCFZRG4uK0SwaKB87dZ6rRp5LnLUMPaDOiKb_glGvqrzgBUyjFOg==

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/ Frame 1A36 255 KB
56 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7135c8774f32cc6a0bc4cb4f5c21bfd6826c43bb48468d46a0c0781bfe6c6602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57177
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:26 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/ Frame 1A36 173 KB
54 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff5cab79b983af6ad684c63e442178a67a8167431e39bd26873076f3b2c3bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55183
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:26 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/ Frame 1A36 71 KB
23 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d27ed7a50d7634cdf0e5158c9a3a08ef87973e39253e0bb961feee107f0dfde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23874
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:26 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/ Frame 1A36 3 KB
1 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3db62c16d038b8e5a98ee66a6ea2c9f957072e013a0c84392ecc007b13c1a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:53:15 GMT

GET
DATA 200
OK truncated
/ Frame 1A36 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 1A36 36 KB
36 KB 121ms
121ms Image
image/png 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i358958&2i745507&2e1&3u13&4m2&1u400&2u350&5m5&1e0&5sit-IT&6sus&10b1&12b1&client=google-maps-embed&token=125207

Requested by

Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9ab3452079f6e91936df55c83bd89bd5f91e2ceb250e6ab5479fd14579f50805

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36513
x-xss-protection: 0
expires: Sat, 02 Dec 2023 10:48:24 GMT

GET
H2 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/ Frame 1A36 26 KB
9 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

672be51c060236e6be0f7ae914565583d0f3ba1353f7845404afa81fbd95cc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8882
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:26 GMT

GET
H2 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/ Frame 1A36 3 KB
1 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/3/intl/it_ALL/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it_IT&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f417dd89b1b905f4005be55500cfee152f1f704db2aa5f3fb60f94d7d4ea7dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1215
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 04:53:50 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 1A6C 2 KB
1 KB 105ms
105ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230081-FRA
date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 799317
x-timer: S1701427705.684333,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 25, 241202

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1A6C 4 KB
2 KB 200ms
126ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.7/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 10:48:24 GMT

GET
H2 200 699704816-c1a6f77b08994c15e1c0a1c6d36f949595833701816fa09701ad9aa7487d08bb-d
i.vimeocdn.com/video/ Frame 1A6C 53 KB
53 KB 176ms
176ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/699704816-c1a6f77b08994c15e1c0a1c6d36f949595833701816fa09701ad9aa7487d08bb-d
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 47d0521be4bd6e6ecdbc4bf9b55d1d1f7b0a0da7d5f55f4c245179f31f6c5ead

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1661314
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 54122
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120055-DFW, cache-mxp6965-MXP
x-timer: S1701427705.649855,VS0,VE142
etag: 6263a526381a7c761b1803022915b0e1
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 1A6C 0
142 B 193ms
137ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=baa21f16a6b92a53ed805efe1e6fb2c9027517e61701427704
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.7/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 01 Dec 2023 10:48:24 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 1A6C 0
918 B 242ms
165ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=baa21f16a6b92a53ed805efe1e6fb2c9027517e61701427704

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 30 Nov 2023 22:48:24 GMT
Date: Fri, 01 Dec 2023 10:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000115-IAD, cache-mxp6935-MXP
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1701427705.823781,VS0,VE123
x-backend-proxy: webproxy15
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-55754f9bc8-b2lmv
Accept-Ranges: bytes
CF-RAY: 82eac1f31db54c72-MXP
X-Cache-Hits: 0, 0

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 1A6C 35 KB
12 KB 181ms
180ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 01 Dec 2023 10:48:24 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame 1A6C 50 KB
15 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 02 Dec 2023 10:25:24 GMT

GET
H2 200 699704816-c1a6f77b08994c15e1c0a1c6d36f949595833701816fa09701ad9aa7487d08bb-d
i.vimeocdn.com/video/ Frame 1A6C 41 KB
42 KB 289ms
289ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/699704816-c1a6f77b08994c15e1c0a1c6d36f949595833701816fa09701ad9aa7487d08bb-d?mw=1100&mh=619
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/268663823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05d3e1a634f5ef8b888813a5413e63c577b4f71c8d2c6beda16d19d26ada8c14

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:25 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 45976
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 42347
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210171-DFW, cache-mxp6965-MXP
x-timer: S1701427705.862124,VS0,VE262
etag: 29e0bfb3c4a021878100d182b143a61d
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
460 B 163ms
163ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=t2vfrddPT8jmzoW56s7Gxm&kind=timer,timer,timer&label=lb_embed_leadbox_load,lb_embed_leadbox_load,lb_embed_leadbox_load&value=817.3999999761581,923.2000000476837,944.8999999761581
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:25 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.hafenfinancialpresents.com
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7nurk1t8unlkf80g

GET
H2 200 National2Web-Light.woff2
prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/ Frame B0CF 35 KB
36 KB 232ms
128ms Font
application/font-woff2 65.9.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/National2Web-Light.woff2

Requested by

Host: prod.smassets.net
URL: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-29.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8924a5e7cde8b8cfd7fb9b9540e794993ba9dcbbc371ce9ca7c91924ef2d73b1

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css
Origin: https://www.surveymonkey.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: LCdVn8h6SzTmvvRLowCt56nQWAoyrtUc
date: Fri, 01 Dec 2023 08:40:59 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: G0T6E21D5C5FA3SK
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 7647
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 35935
x-amz-id-2: b0p26ZFr+kFoUwAxOKPdXMIM0/bh5OIxBErvU15fzRbWhFJneYD1l8y8qbgmcJecoWH+lPv3mX8=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:35 GMT
server: AmazonS3
etag: "e55198d6fcd57630f0617639e2f6da90"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: -QbMHkgCJby__zqvVc_PNOkGdy_PHICSRyvJskMMAgyGWmsZ80q3Sw==

GET
H2 200 National2Web-Regular.woff2
prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/ Frame B0CF 34 KB
35 KB 182ms
78ms Font
application/font-woff2 65.9.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.smassets.net/assets/responseweb/smlib.ui/5.4.0/assets/fonts/National2Web-Regular.woff2

Requested by

Host: prod.smassets.net
URL: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-29.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7e022d03458278aabb7ce6892ddeef5736041de037d0d64adedc2eb1d82850b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.27b93cc2.css
Origin: https://www.surveymonkey.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: V5pVtJxtOMcaWTsfgjcj0nZIRlof6wb0
date: Fri, 01 Dec 2023 10:35:03 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 0D25RRTN2N9F4XK3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 883
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34775
x-amz-id-2: RvnFq9m34jqHaYyv7+DYImj/d7kacP+fx9csRKvvdsVVzVv1s5esqXeArBBmtQCOjzX2KtwiyZ0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 22:10:34 GMT
server: AmazonS3
etag: "13244bd99451605c61b32c9617162c1f"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: YD2B9guGXaJVZnnXmtvAEsgUhTQayliC6yPcmSIWorr_PhXO159HBA==

GET
H2 200 Mateo.4.woff2
cdn.smassets.net/assets/wds/4_20_1/wds-core/icons/ Frame B0CF 23 KB
24 KB 287ms
113ms Font
application/font-woff2 65.9.66.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.smassets.net/assets/wds/4_20_1/wds-core/icons/Mateo.4.woff2

Requested by

Host: cdn.smassets.net
URL: https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9a1c20619f7207113a221fa91bf8c4c7c676facf10cbfce20f614a9b6cf6411e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://.hotjar.com wss://.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://.zendesk.com https://.myshopify.com https://teams.microsoft.com https://.eloqua.com https://.surveymonkey.com https://.sharepoint.com https://.worldpay.com https://.cardinalcommerce.com https://.office.com https://.office365.com https://.microsoft365.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css
Origin: https://www.surveymonkey.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 5vKIe7wZf5LV4.sfKzaBSRGPfwMFPNpW
date: Fri, 01 Dec 2023 05:34:19 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: J1WXRHS46N949CYN
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 18847
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 23544
x-amz-id-2: wkifnajxFXirlydVBwEgq34UUXjvpI+qhJ072W+NqaZw8w7VvxdbjoL0RUQlfYMGWa54Qt1n0v/zkz9paIwSWg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Nov 2020 13:22:47 GMT
server: AmazonS3
etag: "ce580ef65226ee5f53cef201183bc464"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=7884000, public
accept-ranges: bytes
x-amz-cf-id: dhYYjNUwVHHJxJKIXWuLOdOROiWceJ1qDuKkMeqbldIJcES14xeXKg==

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
357 B 161ms
161ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,336,314,722,7,724,836,837,3010,3011
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:25 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 192.145.127.217
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7o4fj9c2bhm83ge0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 77 KB
24 KB 263ms
76ms Script
text/javascript 2600:9000:2644:3e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: security.hafenfinancialpresents.com
URL: https://security.hafenfinancialpresents.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:3e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: WR87b7q5q8oup3pL2O5SSN.NVO0Ke7cd
Content-Encoding: gzip
Via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
Date: Fri, 01 Dec 2023 10:19:50 GMT
Age: 1715
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 31 Oct 2023 15:28:28 GMT
Server: AmazonS3
Etag: W/"c7df5f519bb5d8f62bef23196a8ec659"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: IwMq1JAr1rHzBga5ulHLDkenEqHFooBgWHV0HnaLQA2W51H41dHvgw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

167ms
89ms

Script
application/javascript

2600:9000:2644:3e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2644:3e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Thu, 30 Nov 2023 19:17:26 GMT
Via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
Age: 55872
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: f4ePzcqb5JS0gsrlOPgbcN046NR7TnhDgqdRuignEwNFPmCMj5gCAA==

Redirect headers

Date: Thu, 30 Nov 2023 22:52:57 GMT
Via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
Age: 42929
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: YS-uNM4xiDeSFni4_U-KVlVC6BiljULJ0AVl7cNAGpQveH8KHhfYsg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/ 0
805 B 764ms
682ms Script
text/javascript 2600:9000:2644:3e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:3e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: YlSiULpEgfU27Hnkzko0pFex1FJVR.mr
Date: Fri, 01 Dec 2023 10:48:27 GMT
Via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Thu, 30 Nov 2023 11:52:25 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: AaG0KpEgdMS0tzJGxvNE55KCPn97ICwTk1C2olZg4WQ6II1MRCLFQA==

GET
H2 200 I7EKOA5TM5B6XKPNWFBKWV Show response
d.adroll.com/consent/check/ 492 B
585 B 404ms
131ms Script
application/javascript 2a05:d018:cc3:fe04:bf61:ba9a:8199:2b0f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/I7EKOA5TM5B6XKPNWFBKWV?pv=26031277793.74268&arrfrr=https%3A%2F%2Fsecurity.hafenfinancialpresents.com%2F&_s=29a1a55c12546d6f94f9ce2783137365&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:bf61:ba9a:8199:2b0f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ca2efb17cf4a6a3ac0d04003fb3324d409f5dc9d7188cb6262fae05f22f6df55

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:48:26 GMT
server: nginx/1.22.1
content-length: 492
content-type: application/javascript

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
460 B 165ms
164ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=idmtfnmkQCsbUnq8iNkZmU&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=147.5,56.89999997615814,1,519.8999999761581
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://security.hafenfinancialpresents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://security.hafenfinancialpresents.com
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7oo7avr0kelp4al0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame D691 35 B
462 B 211ms
153ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=PZAqtg7Q3nEXvoUySEuG9q&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=47.89999997615814,52.200000047683716,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://advisorsdigitaledgeseminars.lpages.co
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7opgs43nrvicc0t0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 4AD3 35 B
454 B 239ms
154ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=bCgMQnEQ8rocgyt9j2PnrD&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=45.800000071525574,51.09999990463257,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledge.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://advisorsdigitaledge.lpages.co
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7oqn0s5hictivsg0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 7334 35 B
462 B 301ms
150ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=JuNmmf53h8EzvssxKo7dvq&origin=center-js&kind=counter,timer&label=ident-cache,load-center&value=1,48.300000071525574
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://advisorsdigitaledgeseminars.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 10:48:28 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://advisorsdigitaledgeseminars.lpages.co
X-Forwarded-For: 192.145.127.217
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 04vc7orcrhlnupfvrki0

POST rum
rum-ingest.us1.signalfx.com/v1/ Frame B0CF 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rum-ingest.us1.signalfx.com
URL: https://rum-ingest.us1.signalfx.com/v1/rum?auth=zc0197kWHeYhZNXuPUlB5w

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 16:38:34	Name: view.ho4XDowT9fQA6GX9VULGMS-default-prop.k2cTAAd9qsib7e44aGLHBR Value: 1701427704000
js.center.io/	1970-01-21 02:13:07	Name: centerVisitorId Value: PfQUY2pPZohVx5yVP27tKS
.hafenfinancialpresents.com/	1970-01-20 18:46:43	Name: _fbp Value: fb.1.1701427703875.1151233998
.hafenfinancialpresents.com/	1970-01-21 02:13:07	Name: _ga Value: GA1.2.994841370.1701427704
.hafenfinancialpresents.com/	1970-01-20 16:38:34	Name: _gid Value: GA1.2.1664352563.1701427704
.hafenfinancialpresents.com/	1970-01-20 16:37:07	Name: _gat_gtag_UA_134632641_27 Value: 1
security.hafenfinancialpresents.com/	1969-12-31 23:59:59	Name: smcx_248409333_last_shown_at Value: 1701427704003
.vimeo.com/	1970-01-20 16:37:09	Name: __cf_bm Value: 7G.eIJHUpFQ0EFeUxglPhAdIbBAVYnOe8CcEr4zq0X8-1701427704-0-AUhaBuE0bjb0+nNNk6SyP7AtiYemCZz0+90fYxb6kBJjPbTHnsXHewUkeNfJf26q6MIVQsf7ZtdSOvip7kOsp8M=
.surveymonkey.com/	1970-01-21 01:22:43	Name: CX_248409333 Value: 1701427704421910:270004034:248409333:created
.surveymonkey.com/	1969-12-31 23:59:59	Name: apex__sm Value: _2B81SCXgfGKYxkOg_2BkRoW22VmC9mwXcxoKUv4xrrwWXt02w3kusPUbOgJoHI_2B8a6IZzIVz60fMSb_2FTqzkIWRfIiDOqPoNycnZMfbX4sD0lgo_3D
.surveymonkey.com/	1969-12-31 23:59:59	Name: auth Value: mMh1y40UqXWJawozdmpE_2BPfvccKPCvyVqe_2BJLZHV4b53cOXMXrBFYv03OCSP5_2FRsJJqyV_2FH5lxWsYf9QusCwmkWyvYkeu4xRvOJxCbQUhfk1Ywa4pbHrfXG3lMbmqsG_2FGAEPFmzZqvApTMCMnauMNg_3D_3D
.surveymonkey.com/	1970-01-20 16:37:09	Name: ep201 Value: "/iHIKdXY2ZawkZDAKeqi97FrMvI="
.surveymonkey.com/	1970-01-20 18:46:43	Name: ep203 Value: "0H8sVw26kGqbEE1F/ouyoqVbZ4c="
.surveymonkey.com/	1969-12-31 23:59:59	Name: sm_rec Value: UserID=1&Username=&PackageID=1&LanguageID=1
.vimeo.com/	1970-01-21 02:13:07	Name: vuid Value: pl914149418.1777683651
www.surveymonkey.com/	1970-01-20 16:37:08	Name: _splunk_rum_sid Value: %7B%22id%22%3A%22f2acdecf67fe20d703367218f9935fde%22%2C%22startTime%22%3A1701427705381%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://security.hafenfinancialpresents.com/(Line 94) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	warning	URL: https://www.surveymonkey.com/r/ZCHSW3F?embedded=1(Line 109) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advisorsdigitaledge.lpages.co
advisorsdigitaledgeseminars.lpages.co
ajax.googleapis.com
api.leadpages.io
cdn.signalfx.com
cdn.smassets.net
connect.facebook.net
d.adroll.com
d10lpsik1i8c69.cloudfront.net
embed.lpcontent.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
js.center.io
lh3.googleusercontent.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
player.vimeo.com
prod.smassets.net
rum-ingest.us1.signalfx.com
s.adroll.com
secure.surveymonkey.com
security.hafenfinancialpresents.com
settings.luckyorange.net
static.leadpages.net
vimeo.com
widget.surveymonkey.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.surveymonkey.com
rum-ingest.us1.signalfx.com
108.138.7.16
146.75.118.109
151.101.128.217
162.159.138.60
172.67.75.100
18.155.139.94
18.155.153.28
2001:4860:4802:34::15
2600:9000:2644:3e00:6:9280:1080:93a1
2606:4700::6812:bcf
2a00:1450:4001:800::2004
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe04:bf61:ba9a:8199:2b0f
34.107.203.240
34.120.202.204
35.192.151.63
35.202.21.90
65.9.66.29
65.9.66.4
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5
0508bee3bd0ea33e595d096522a5c0b157f5fb496d2f2f443a7cd22291218980
0526bb9ba9c876d6ce679e94fa6451a58d2adab3f518ba14f1d43108986acb81
05d3e1a634f5ef8b888813a5413e63c577b4f71c8d2c6beda16d19d26ada8c14
0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17b2a47720dd8abed7db78358e56d8b6fd5063cc18d9badafb8fd1cd49c14311
1c610485b34da42edfe3dd95de3cd150158393e71403e357d8d6454b3e30b435
1e6b21e69b0f9e0f8b03ae254acfb8a48fdd2e2dd06e0d0e9e342b25fdf0a25c
25f032e92c1ba144f58964555f8b879ed9d50b63c703a0d443d4722f77f648db
272e00782301eec87d4a03f8705bae38c491c5b42a7caaf813dcf54057353110
28f23033e0833a5cdbfc7682fdcc1cf8f33e42513fd65deaca8c2ee79fd87ad8
2afce6a1367ba94e04980e549a5c71fe5cbb32b8e02fa5b4a5dce410dd5a44ec
2e716f8f45f4567bfc4221353a90b7e748556f30e527ee3c16f5c2f598858322
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3a9cc98e6d1897ee8ed2860fea20646e9532d3ed5ce0eb51c8af481036e3f247
3cbeb9152582ba3ecabd9117b802e295627331b8c473f5f76f8cdacdd1270217
3db3cfdeea40ed416ef416ac9a182277be7aa30e0cd98bf6335b9dd80bd60fa5
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
46363740103d99445256b74206aa302ba5f543ade69ac31901e2e7647878ec33
47d0521be4bd6e6ecdbc4bf9b55d1d1f7b0a0da7d5f55f4c245179f31f6c5ead
4c586068701f20d46efcd90896d317fa49fc4a7f6c9e35ed42f9c79aa91f2c1d
512c7ec42048b48624853960163f28cdaeb4abd46e8e6d9c517aa728537076b0
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
5aefcc68ff56d078478fc4e14f24140c2eba2bfa03f79ac7c8897a1a4b67e1c4
6345ede1de8ae9ec09a174bedb7158651b5045415c20c38d8a135f8c382557f8
63f142c7ed7eb20faf91e3887f8abb696900f6f386b767c2cf09146bb53cb9ab
672be51c060236e6be0f7ae914565583d0f3ba1353f7845404afa81fbd95cc5c
69725467e06f9514310e27cfd18f2c04e857c1acde2cf67ab91971d5bb765622
69f31566d58ee19706a2f8e1ba4f1df5152d2112b2e3da32bea647b846d4409d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd8301ed4af18dd47b1a1055afec71618f8bdbd565a1a370c138ae3a3608696
6e24336b2c46212f552712f9388860eb4d01f99c94614919d30c03df806b5899
704dc7c75b580953710c22720a7d6196ca037e1993e0d554562fe604ab1fcf0d
7135c8774f32cc6a0bc4cb4f5c21bfd6826c43bb48468d46a0c0781bfe6c6602
71fc1cb5000d7c977317152f834714cc11702a3d0b8eed8ec6eb70a722fe1a22
757b52cddbf665cd40625461e49d89b01fbce69169bcf95389fe72e1217db4a1
77e870dd37a97aff3ff09ba46e00f023cda7fce3e4791e3103d4e5b401009333
86b8415bd8fe2705c92ff8007d544f7b56241add0d0e23ba2b3dfc49a7f10c33
8924a5e7cde8b8cfd7fb9b9540e794993ba9dcbbc371ce9ca7c91924ef2d73b1
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8e532a65de40f24689fd0bb8ca1bd8ddd401bdfb0c6987bcbf1ef2fae1e9dcd2
916d8c34d4eb25b28a6418328131ee9473400214a5660cb1f385674851f12c64
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a1c20619f7207113a221fa91bf8c4c7c676facf10cbfce20f614a9b6cf6411e
9ab3452079f6e91936df55c83bd89bd5f91e2ceb250e6ab5479fd14579f50805
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a5e2530942e8be1dcb92a1c4aa1b1ddb2119db9e88bbbe116d365694985b2a39
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b3db62c16d038b8e5a98ee66a6ea2c9f957072e013a0c84392ecc007b13c1a16
b551513433d2a4de242352a0e445c1b83010c0bf63b3c9a91c96cf2f89e92769
bd7bb9315ae993385eafe280b9ab47c677c99cb0a216229044bd5dd42305b855
bea4b6b838fce3abb195561547175c783c84308e3221c12aa48fa590e8234e26
bfd5b35c6d64341d5bbbc9cb45b5c98c5e279fabb5f8f44373990c6fd5395cbe
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c7e022d03458278aabb7ce6892ddeef5736041de037d0d64adedc2eb1d82850b
ca2efb17cf4a6a3ac0d04003fb3324d409f5dc9d7188cb6262fae05f22f6df55
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca88bc8a2e624938a13db01285aa7006eb6fbb0c3f3ce2b0675512cb1a05a65e
cad509336f8eb04dfaf47fc91cc88c8d1a1646f2f4f9c2c0ca79ee1dd05d45e7
cb914cdb76fc9f7d36f890fe7953d73892069cdc63957bb5341ca56be6e3a10f
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d0e65d0f41fd1aefae7e5e12d61a1142b7de6bc1403015b1d517ae069c7d3d23
d27ed7a50d7634cdf0e5158c9a3a08ef87973e39253e0bb961feee107f0dfde4
db662d71be2f274e23cc6f24bd0db81ce1838ff22c8d0c6abc1207fb3fa89946
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decdf198c825c817443bd2299df3947f0e64a5faf578c11819208c204b73ac71
e0ebf146d5aa80264526b48873cb5ee062d6b6c2c947b0b359230a8830cf2c5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e515bb968d71ad7c7d3d7d0207798342e1ccc3a81c0c86dd9a46cf770e1e793a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f350c47965ef51cede092ae85337ea29db6abc554cf9c85d681e08d36583b04b
f417dd89b1b905f4005be55500cfee152f1f704db2aa5f3fb60f94d7d4ea7dcd
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbce0937c19e459760b982365fb68e923a49d5f44414375838d659a561ca2223
ff5cab79b983af6ad684c63e442178a67a8167431e39bd26873076f3b2c3bce9

security.hafenfinancialpresents.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

55 %IPv6

23 Domains

37 Subdomains

29 IPs

4 Countries

3601 kBTransfer

13153 kBSize

16 Cookies

3 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

security.hafenfinancialpresents.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

55 %
IPv6

23
Domains

37
Subdomains

29
IPs

4
Countries

3601 kB
Transfer

13153 kB
Size

16
Cookies

106 HTTP transactions
1 data transactions