wealthyretirement.com Open in urlscan Pro
18.233.27.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-b.mb.wealthyretirement.com/z/17g5fzdvc?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&ut...
Effective URL:
https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa...
Submission: On June 23 via api (June 23rd 2022, 2:53:21 pm UTC) from CH — Scanned from DE

Summary HTTP 173 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 69 IPs in 8 countries across 53 domains to perform 173 HTTP transactions. The main IP is 18.233.27.104, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wealthyretirement.com.
TLS certificate: Issued by R3 on June 11th 2022. Valid for: 3 months.

This is the only time wealthyretirement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:cf3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.233.27.104 18.233.27.104	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	54.231.130.17 54.231.130.17	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.217.169.56 52.217.169.56	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.92 65.9.66.92	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.66.22 65.9.66.22	16509 (AMAZON-02) (AMAZON-02)
3	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	44.227.121.110 44.227.121.110	16509 (AMAZON-02) (AMAZON-02)
4	143.204.215.5 143.204.215.5	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
12	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
2	44.240.141.78 44.240.141.78	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
16	2.21.20.143 2.21.20.143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.205.143.103 18.205.143.103	14618 (AMAZON-AES) (AMAZON-AES)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.72.41.193 52.72.41.193	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:ef:... 2a02:26f0:ef:295::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
1	23.35.229.86 23.35.229.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
22	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
3	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.51.216.125 52.51.216.125	16509 (AMAZON-02) (AMAZON-02)
1	54.164.14.138 54.164.14.138	14618 (AMAZON-AES) (AMAZON-AES)
1 5	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.209.107.65 52.209.107.65	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:205... 2600:9000:2057:2600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	3.125.77.13 3.125.77.13	16509 (AMAZON-02) (AMAZON-02)
1	54.77.1.80 54.77.1.80	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.198.158.44 18.198.158.44	16509 (AMAZON-02) (AMAZON-02)
1 2	54.229.131.207 54.229.131.207	16509 (AMAZON-02) (AMAZON-02)
2 2	54.84.45.101 54.84.45.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:f850:4eec:7dd:fbc1	14618 (AMAZON-AES) (AMAZON-AES)
1	44.198.216.154 44.198.216.154	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4200:c26a:81b8:fdad:e020	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
173	69

1 2606:4700::6810:cf3f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-b.mb.wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.233.27.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-27-104.compute-1.amazonaws.com

wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.130.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.217.169.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-22.fra56.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.121.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-121-110.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-5.fra53.r.cloudfront.net

dnzkifeab6.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.141.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-141-78.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.21.20.143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-143.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.205.143.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-143-103.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.41.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-41-193.compute-1.amazonaws.com

e-10348.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef:295::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.191 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.216.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-216-125.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.14.138 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-14-138.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.107.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.77.13 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-77-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.1.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-1-80.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.158.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-158-44.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.131.207 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-131-207.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.45.101 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-45-101.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:f850:4eec:7dd:fbc1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.216.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-216-154.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:c26a:81b8:fdad:e020 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	2 KB
16	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 15543	4 MB
12	wistia.net fast.wistia.net — Cisco Umbrella Rank: 9080	327 KB
12	amazonaws.com portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 337353 s3.amazonaws.com dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 343865	511 KB
11	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727 sslwidget.criteo.com — Cisco Umbrella Rank: 1530 widget.us.criteo.com — Cisco Umbrella Rank: 16628 dis.criteo.com — Cisco Umbrella Rank: 717	20 KB
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	245 KB
9	lytics.io c.lytics.io — Cisco Umbrella Rank: 5366	61 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 408 ib.adnxs.com — Cisco Umbrella Rank: 244	7 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 362	12 KB
5	wealthyretirement.com 1 redirects events-b.mb.wealthyretirement.com wealthyretirement.com	41 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 745 ads.yahoo.com — Cisco Umbrella Rank: 1058 ups.analytics.yahoo.com — Cisco Umbrella Rank: 299	1 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	5 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	5 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1975 tr.outbrain.com — Cisco Umbrella Rank: 1779 sync.outbrain.com — Cisco Umbrella Rank: 694	5 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 in.hotjar.com — Cisco Umbrella Rank: 1509	67 KB
4	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4992 distillery.wistia.com — Cisco Umbrella Rank: 7165 pipedream.wistia.com — Cisco Umbrella Rank: 7287	2 KB
4	userway.org cdn.userway.org — Cisco Umbrella Rank: 6009 api.userway.org — Cisco Umbrella Rank: 5848	35 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 543 i6.liadm.com — Cisco Umbrella Rank: 1491	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5448	719 B
3	google.com www.google.com — Cisco Umbrella Rank: 8	719 B
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 13346 api.getblueshift.com — Cisco Umbrella Rank: 9878	3 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 681 cdn.stickyadstv.com — Cisco Umbrella Rank: 2277	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 642	854 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1528	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	140 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 369	7 KB
2	adzerk.net e-10348.adzerk.net — Cisco Umbrella Rank: 613671	3 KB
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 672 sync-t1.taboola.com — Cisco Umbrella Rank: 1188	330 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	142 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 909	418 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2264	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1285	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	35 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1626	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2006	336 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 529	787 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 410	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 611	225 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1515	427 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2143	232 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	14 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 669	71 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 422	1 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 24450	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	19 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	30 KB
173	53

	Domain	Requested by
22	www.facebook.com
16	embedwistia-a.akamaihd.net	fast.wistia.net
12	fast.wistia.net	c.lytics.io fast.wistia.net
11	connect.facebook.net	wealthyretirement.com connect.facebook.net
9	c.lytics.io	portrait-tracker.s3.amazonaws.com c.lytics.io wealthyretirement.com
7	bat.bing.com	wealthyretirement.com bat.bing.com
5	s3.amazonaws.com	wealthyretirement.com www.googletagmanager.com
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	gum.criteo.com	3 redirects static.criteo.net
4	dnzkifeab6.execute-api.us-east-1.amazonaws.com	portrait-tracker.s3.amazonaws.com
4	wealthyretirement.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
3	ib.adnxs.com	3 redirects
3	www.google.de
3	www.google.com
3	cdn.userway.org	accessibilityserver.org
3	portrait-tracker.s3.amazonaws.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	idsync.rlcdn.com
2	tr.outbrain.com	amplify.outbrain.com
2	sp.analytics.yahoo.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com portrait-tracker.s3.amazonaws.com
2	s.yimg.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
2	e-10348.adzerk.net
2	distillery.wistia.com	fast.wistia.net
2	api.getblueshift.com	portrait-tracker.s3.amazonaws.com
2	www.googletagmanager.com	portrait-tracker.s3.amazonaws.com wealthyretirement.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ups.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	pipedream.wistia.com	fast.wistia.net
1	in.hotjar.com	portrait-tracker.s3.amazonaws.com
1	mug.criteo.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	portrait-tracker.s3.amazonaws.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	amplify.outbrain.com	wealthyretirement.com
1	static.hotjar.com	wealthyretirement.com
1	static.criteo.net	www.googletagmanager.com
1	snap.licdn.com	wealthyretirement.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.optimizely.com	www.googletagmanager.com
1	fast.wistia.com	fast.wistia.net
1	storage.googleapis.com	c.lytics.io
1	trc.taboola.com
1	api.userway.org	portrait-tracker.s3.amazonaws.com
1	accessibilityserver.org	wealthyretirement.com
1	cdn.getblueshift.com	portrait-tracker.s3.amazonaws.com
1	cdn.jsdelivr.net	wealthyretirement.com
1	code.jquery.com	wealthyretirement.com
1	events-b.mb.wealthyretirement.com	1 redirects
173	79

This site contains links to these domains. Also see Links.

Domain
e-10348.adzerk.net
oxfordclub.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
wealthyretirement.com R3	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.getblueshift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
accessibilityserver.org Amazon	`2021-12-09` - `2023-01-05`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-03-10` - `2023-04-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.adzerk.net Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-01` - `2022-06-30`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Frame ID: 08046FC0301E4BC05E994E66D2F75F13
Requests: 92 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 7DABAA152542D7DAF35BD2A538C951B6
Requests: 1 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Frame ID: 3D05EFF28BD7147944A74FC9B80F2538
Requests: 34 HTTP requests in this frame

Frame: https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Frame ID: F30B9F8649CCB2858410F3FC0424A94B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=wealthyretirement.com&origin=onetag
Frame ID: A4AF6819800BB4A7337B9D9BC1DFC8DF
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 38A465774762F84DEB3B589F8138D0A6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2CCF70F861F92CD8EA5AE7C2E40C348F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E0F0814EC03F1B10D71A188A02281661
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1346B24DD25A83C23DDC9DD97002F477
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 67579B8BBB4AD4BBE1297483151DB35A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D0745B126E163CC87B16FB34EF906A7D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1E153FEE7391125F4246AD99E8FEF6C4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FA5457E2092376BA22F3D52F7477FE44
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EDA9F0667E47F7609E8B79AED0179CA1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8F164981C2B344A44DEFECDB9244572F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9C5F312F92C79DF2B60DF01B287BEE55
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_gid=CAESEDHggFblo-Yi-lm19Ct1i2E&google_cver=1&google_ula=913071,0
Frame ID: BEBFA631734C053BEC2E468457DA30E2
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The U.S. Already Has Double-Digit Inflation

Page URL History Show full URLs

https://events-b.mb.wealthyretirement.com/z/17g5fzdvc?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=f1dbdd9a-f2c0-44a8-... HTTP 307
https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

173
Requests

91 %
HTTPS

39 %
IPv6

53
Domains

79
Subdomains

69
IPs

8
Countries

5769 kB
Transfer

8837 kB
Size

68
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMCIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDgsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6NzI1OTg5OTIsImRpIjoiNjZiZTliYjUzZTNhNDU5NGI5ODY2MDNhZmMwMjJkYjkiLCJkaiI6MCwiaWkiOiI4NzFlMmIwYTU4YjM0NTQ1OWMzMmExYTNhMGVlMjFmNCIsImRtIjozLCJmYyI6MjMwNDQ2MzgzLCJmbCI6MTc1NDM2MTcsImlwIjoiNTQuODkuMjI0Ljc0IiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIwLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo2LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYmFlNGE0MmY3NjQ5N2MwYyIsInNwIjo5OTk4MTYsInN0IjoxMTU1MTk5LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtMDNhYThmYjU5YTBjNDYwYWIwMjE2ZGIyNjM4ZTE0YjIiLCJ0cyI6MTY1NTk5NTk5NTkyNCwicG4iOiJlbWFpbGFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJ1ciI6bnVsbH0&s=Skio1qEvQyLp2Jkkidd_WM1YStY&url=https%3A%2F%2Fpro.oxfordclub.com%2Fm%2F2022822%3Fs4=webview%26s6=20220621_wr_nonmwl%26s5=wealthre%26adz_e%3DeyJ2IjoiMS4xMCIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDgsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6NzI1OTg5OTIsImRpIjoiNjZiZTliYjUzZTNhNDU5NGI5ODY2MDNhZmMwMjJkYjkiLCJkaiI6MCwiaWkiOiI4NzFlMmIwYTU4YjM0NTQ1OWMzMmExYTNhMGVlMjFmNCIsImRtIjozLCJmYyI6MjMwNDQ2MzgzLCJmbCI6MTc1NDM2MTcsImlwIjoiNTQuODkuMjI0Ljc0IiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIwLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo2LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYmFlNGE0MmY3NjQ5N2MwYyIsInNwIjo5OTk4MTYsInN0IjoxMTU1MTk5LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtMDNhYThmYjU5YTBjNDYwYWIwMjE2ZGIyNjM4ZTE0YjIiLCJ0cyI6MTY1NTk5NTk5NTkyNSwicG4iOiJlbWFpbGFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJldCI6Mn0%26adz_s%3D6njjt1hNZwcpRTGh_LWJYyuOPz4%26adz_p%3DETBLY531
Title: Are you sitting down?

Search URL Search Domain Scan URL

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMCIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDgsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6NTQzNzI0NTUsImRpIjoiNjZiZTliYjUzZTNhNDU5NGI5ODY2MDNhZmMwMjJkYjkiLCJkaiI6MSwiaWkiOiJjOTMwODZmYjFkMDg0NGY5ODJlNmU1MzRmODNlNDdkOCIsImRtIjozLCJmYyI6MjMwNDQ2NjE4LCJmbCI6MTc1NDM2MTcsImlwIjoiNTQuODkuMjI0Ljc0IiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIwLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo2LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYmFlNGE0MmY3NjQ5N2MwYyIsInNwIjo5OTk4MTYsInN0IjoxMTU1MTk5LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtMDNhYThmYjU5YTBjNDYwYWIwMjE2ZGIyNjM4ZTE0YjIiLCJ0cyI6MTY1NTk5NTk5NTkyNiwicG4iOiJlbWFpbGFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJ1ciI6bnVsbH0&s=NpXRBhSGDYPKidoiuD59GCyzuQs&url=https%3A%2F%2Fpro.manwardpress.com%2Fm%2F2022938%3Fs4=webview%26s6=20220621_wr_nonmwl%26s5=wealthre%26adz_e%3DeyJ2IjoiMS4xMCIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDgsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6NTQzNzI0NTUsImRpIjoiNjZiZTliYjUzZTNhNDU5NGI5ODY2MDNhZmMwMjJkYjkiLCJkaiI6MSwiaWkiOiJjOTMwODZmYjFkMDg0NGY5ODJlNmU1MzRmODNlNDdkOCIsImRtIjozLCJmYyI6MjMwNDQ2NjE4LCJmbCI6MTc1NDM2MTcsImlwIjoiNTQuODkuMjI0Ljc0IiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIwLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo2LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYmFlNGE0MmY3NjQ5N2MwYyIsInNwIjo5OTk4MTYsInN0IjoxMTU1MTk5LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtMDNhYThmYjU5YTBjNDYwYWIwMjE2ZGIyNjM4ZTE0YjIiLCJ0cyI6MTY1NTk5NTk5NTkyNiwicG4iOiJlbWFpbGFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJldCI6Mn0%26adz_s%3DrtYl43NeMQ7oDx1a6U0ReZsXm8Q%26adz_p%3DEMTDY596
Title: $400,000 Bitcoin??

Search URL Search Domain Scan URL

URL: https://oxfordclub.com/affiliates/?referralFranchise=WR
Title: Partner With Us

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/c4dd28cf-6762-4f86-acf4-3e1c6ec51a3a.html
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-b.mb.wealthyretirement.com/z/17g5fzdvc?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_mime_type=html&bsft_tv=11&bsft_lx=2 HTTP 307
https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26utm_campaign%3D20220621_wr_nonmwl%26utm_content%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26bsft_tv%3D11%26src%3Demail%26bsft_lx%3D2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D518825%26time%3D1655995996201%26url%3Dhttps%253A%252F%252Fwealthyretirement.com%252Fwebview%252Fwe-already-have-double-digit-inflation%253Fbsft_utid%253D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%2526bsft_clkid%253D246df74d-4cf5-489a-9c9f-8b14e2ea426c%2526bsft_aaid%253Dba611593-2123-403a-9286-2afa6fa671c2%2526bsft_eid%253D65f5e853-f9d1-44eb-a893-835cf6712251%2526bsft_uid%253D5ebec341-8e79-4078-ad86-82f483c1ad30%2526bsft_mid%253Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%2526bsft_ek%253D2022-06-21T21%25253A00%25253A41Z%2526utm_campaign%253D20220621_wr_nonmwl%2526utm_content%253D20220621_wr_nonmwl%2526utm_source%253Dwealthre%2526bsft_mime_type%253Dhtml%2526utm_medium%253Demail%2526bsft_tv%253D11%2526src%253Demail%2526bsft_lx%253D2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26utm_campaign%3D20220621_wr_nonmwl%26utm_content%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26bsft_tv%3D11%26src%3Demail%26bsft_lx%3D2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26utm_campaign%3D20220621_wr_nonmwl%26utm_content%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26bsft_tv%3D11%26src%3Demail%26bsft_lx%3D2&liSync=true&e_ipv6=AQLAWP0XPhGSpgAAAYGRDZpf4W7eRWgagfFreqsklWe7fzTK1jGV66GE_Dl-OC9PsPLpmRlg7A

Request Chain 103

https://gum.criteo.com/sid/json?origin=onetag&domain=wealthyretirement.com&sn=ChromeSyncframe&so=0&topUrl=wealthyretirement.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=BYPS0nx1TlVtbG8xSHZWY0tLTUEwNk1HMEN0YVNVeXNFVDFPL2Nqd1UvYk1ndlM2NFowdHRWMTNTWm5mbXhVcER6aXF3QjE5elUzcGlaOUM5aG8rdkFZdE9lSzcyUC9tMWVDSDdQcTZyZm03NXlxSzA1OFU3MW92eDU2UmNya3hJSklSdTlEdnJhMWxvU2R1VXpUUzZqTWdWMnhqcWI5RE5hMzR3MXp0VTJUdVdDWWJFWUlMMlhsL2JXbTY0R2N4L29qZ2VGL2dJd1JDYWxDbUJKQ21kSWhHVTNCT3NuWWswY0VoVDdkR05MbGZIZUhrWnAwai92ZEJVTXZOS1JrbmFSUFduSFBiQjFSNi8zN0JpMjhsQkowWnM5OTI5Nit2dlhTdDhDbnQ2RDVyYlBKND18&cppv=2

Request Chain 132

https://sslwidget.criteo.com/event?a=55939&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUdzOWtPS1NHbklMQUZ0ZlR1R0hXJTJGUjVjMlc4c0FWc00lMkYxSXppejQlMkJvaGpLdEQ5QmRjbm5tU0N4bnQzV1FwQUVCOWY3NlNZRXExRzFBS1p5eDUlMkJJdTh2ZmpwM3NlaWN0UEs3UjRXa2dwampjc0tSa3V1VXVjejglM0Q&tld=wealthyretirement.com&ful=623&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-407&dtycbr=25079 HTTP 302
https://widget.us.criteo.com/event?a=55939&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUdzOWtPS1NHbklMQUZ0ZlR1R0hXJTJGUjVjMlc4c0FWc00lMkYxSXppejQlMkJvaGpLdEQ5QmRjbm5tU0N4bnQzV1FwQUVCOWY3NlNZRXExRzFBS1p5eDUlMkJJdTh2ZmpwM3NlaWN0UEs3UjRXa2dwampjc0tSa3V1VXVjejglM0Q&tld=wealthyretirement.com&ful=623&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-407&dtycbr=25079

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_cm&google_hm=ay1uaG5uTnItUUhuU0pVYVpKTmd3UGdsWGxzSWhqUVpuRmo2bmdGdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_gid=CAESEDHggFblo-Yi-lm19Ct1i2E&google_cver=1&google_ula=913071,0

Request Chain 138

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=2HR2nGhmX6nXwqbfrbp1NVsAhCjyjv9M

Request Chain 147

https://secure.adnxs.com/setuid?entity=52&code=k-137efL-QHnSJUaZJNgwPglXlsIh_Y4lF7KIujg&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-137efL-QHnSJUaZJNgwPglXlsIh_Y4lF7KIujg%26seg%3D95287

Request Chain 148

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353

Request Chain 152

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NiiSDL-QHnSJUaZJNgwPglXlsIi9GTvjPleINA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NiiSDL-QHnSJUaZJNgwPglXlsIi9GTvjPleINA&C=1

Request Chain 154

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-gP8mqr-QHnSJUaZJNgwPglXlsIgGB2Cw7l9d8A&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gP8mqr-QHnSJUaZJNgwPglXlsIgGB2Cw7l9d8A&expires=30&user_group=5

Request Chain 160

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ThnXZr-QHnSJUaZJNgwPglXlsIhRPUh8ao_JrQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ThnXZr-QHnSJUaZJNgwPglXlsIhRPUh8ao_JrQ

Request Chain 161

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw&_li_chk=true&previous_uuid=b922581dbc8a4964ad6b280497ebfd3c HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw

Request Chain 164

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-CikNXL-QHnSJUaZJNgwPglXlsIjDzec0wemk2g&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 167

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/kkCVCQpg0MTdSrhAJAREK8H9jOgOoVn0/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2800566003983153735

Request Chain 170

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353

173 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wealthyretirement.com/webview/we-already-have-double-digit-inflation/
Redirect Chain

https://events-b.mb.wealthyretirement.com/z/17g5fzdvc?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_ek=20...
https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=202...

12 KB
3 KB

539ms
331ms

Document
text/html

18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea19442df750c76d1acce0c19123c0a7d4a8ea6173068f315e989d46b12a30e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Jun 2022 14:53:13 GMT
Server: nginx
Transfer-Encoding: chunked
X-Cache-Status: BYPASS

Redirect headers

access-control-allow-headers: Content-Type, X-Api-Key
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 71fe0d416e29bbad-FRA
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 14:53:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: b1a5d482-671e-4617-87bc-0d604581305e
x-runtime: 1.161198
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 46ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://wealthyretirement.com/
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:13 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1655995993.dop168.fr8.t,1655995993.cds167.fr8.hn,1655995993.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK all.js Show response
portrait-tracker.s3.amazonaws.com/ 37 KB
38 KB 422ms
117ms Script
application/javascript 54.231.130.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/all.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 415422ec9a8645bc4a15ba4a860e5a7cb133038c69b28d7a23f3febfc40f9242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:14 GMT
Last-Modified: Tue, 17 May 2022 20:14:26 GMT
Server: AmazonS3
x-amz-request-id: 3MXSVTBY1D954DFC
ETag: "faa72930cbf681cb6fe7023413f1978b"
Content-Type: application/javascript
x-amz-version-id: YFZSMuVueqXRStn.kw7bvcS_1lf7ZK_q
Accept-Ranges: bytes
Content-Length: 38262
x-amz-id-2: d8YjZRW9Zd9Nm33B43hWzJXrh8c3OhK9iM8QKjO/0v3qO8AEYdmi9yYi9S9Jfl1r1H1UJLJfkJs=

GET
H2 200 foundation.min.css
cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/ 132 KB
19 KB 66ms
28ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/foundation.min.css

Requested by

Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8140480
x-jsd-version: 6.7.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"20ef1-bhEYyg3UHPtQeklGmSXYZB57t6s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imOCfcHsO9Ub9mCC3QtZEIBqOmSlz%2FFBtOcFAmccOQ4k5eAG%2BHyoqCzMwlwauksqY75YoQbdcKQgWGp18lmMK%2BoFkrdaFdo5azOtDl3vCIWqmOOCOxobGDRBM9jf%2BphMedAI7e2kZVxVIjmFCRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71fe0d505bfa01db-ZRH

GET
H/1.1 200
OK single-webview.css
wealthyretirement.com/wp-content/plugins/og-plugins-webview/styles/ 1 KB
603 B 97ms
96ms Stylesheet
text/css 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/og-plugins-webview/styles/single-webview.css
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 26a74aa295ceeba34b3ced6606085d0d0ddb1f2120ab099e6aa5aba3620750de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:13 GMT
Content-Encoding: br
Last-Modified: Wed, 22 Jun 2022 19:43:38 GMT
Server: nginx
ETag: W/"62b370ea-407"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wealthy-retirement-logo.svg
s3.amazonaws.com/cdn.wealthyretirement.com/wp-content/uploads/2018/07/ 14 KB
14 KB 427ms
127ms Image
image/svg+xml 52.217.169.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.wealthyretirement.com/wp-content/uploads/2018/07/wealthy-retirement-logo.svg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bb9d2e9db7611ec45ec27b7bfbf174b6b26c18215b64502b8756711ac3b1c767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Last-Modified: Mon, 09 Jul 2018 21:08:10 GMT
Server: AmazonS3
x-amz-request-id: 9N849EGEQP2KRJD8
ETag: "d9c31e6f3af9510bb2ec6b29a1486b8c"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 14156
x-amz-id-2: b5DFgrGR86NI0GCRB6LjGi6GHr73/Ijq79hZpX3ylouuDM1S+ZdeeSSG0qgRPYf+E7b5APfo/Xc=

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 65 KB
22 KB 37ms
20ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25294875032f9525d068cd8a2f5764cf60ac8a5927fee1c4e0cb8f560363c3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808
content-encoding: br
last-modified: Thu, 23 Jun 2022 14:39:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIxk2I9dA1KPvWiCLOX86aK5ANhfaBD5S2jgfs9Wt54EQ6vGqup44nYV71L4d0HWCDbt6TbPyGz7kty7VMVuMxYWiBuL%2FSsp%2BsZWQLFzGSkNhhgH6CCMcwu8zyZy8c6OfFb%2BHoMaStsS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 71fe0d537be3916b-FRA

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 31ms
7ms Script
application/javascript 65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:51:32 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Server: AmazonS3
Age: 105
ETag: "e180e60ec878d69551a1c449b37c6552"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 1990
X-Amz-Cf-Id: mRza-6RMUSWtRynVne5efGSHTEBhrLvoSWYTxOV6yg0Q9f4jN4U8TA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 254 KB
75 KB 38ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4b281b8cb77be7ba0158b1755a7f5724504036b5f2801ef9730b470b765d0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76383
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:53:14 GMT

GET
H/1.1 200
OK index.html Show response
portrait-tracker.s3.amazonaws.com/ Frame 7DAB 2 KB
3 KB 125ms
124ms Document
text/html 54.231.130.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/index.html
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 2371
Content-Type: text/html
Date: Thu, 23 Jun 2022 14:53:15 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
Server: AmazonS3
x-amz-id-2: JPkcWMI7bXKyxX02bx8XR+i4gaP9J5iX8bYU7gIsWAwZHcfAQI8+3FFZhSNZDgIAy4Tb2a6o+Y0=
x-amz-request-id: 9N89MM543GW71B8M
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5

GET
H2 200 widget.js Show response
accessibilityserver.org/ 1 KB
1 KB 34ms
8ms Script
application/javascript 65.9.66.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-22.fra56.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 3c3c65f927da48a919f53c62fbfb1c76bef32c8766923e8a02b618d7f793c42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:34:17 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront), 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-77-nzt-ray: /PVk8VIuLa4
age: 3113
x-77-cache: HIT
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-age: 3095
content-encoding: br
x-77-nzt: Abk73BCMGgD/FwwAAA
last-modified: Thu, 23 Jun 2022 09:45:41 GMT
server: CDN77-Turbo
etag: W/"4b0a5d3a4c3fbe3dc0225397ba16660b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
x-amz-cf-pop: DUS51-C1, FRA56-C1
x-amz-cf-id: 86lw8_r-HrwQgbzUXtA8uA3MZnMjdeIf15xoFvODcQjxNCiCM1Cxhg==

GET
H2 200 widget_app_base_1655977387219.js Show response
cdn.userway.org/widgetapp/2022-06-23/ 115 KB
32 KB 62ms
13ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 821b95ee2680967cd414f8595b8b56e6c75ec0d5518b736e64aca1519ee7d2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
etag: W/"bb2c6497bcad66f72142aaed4a677d0a"
age: 139
x-77-cache: HIT
x-cache: HIT
x-age: 17810
content-encoding: br
vary: Accept-Encoding
x-77-nzt: AZySIRljNVb/kkUAAA
x-accel-expires: @1681898184
last-modified: Thu, 23 Jun 2022 09:45:40 GMT
server: CDN77-Turbo
x-77-nzt-ray: YwbuYiZ5U/8
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: OBAGft3la2Lj2bxlFaP5yMuPzTvVCFZRj2LIydxbYjS8PK-m1fHwvw==

GET
H2 200 d6480b33-a20a-4829-b48d-c95b612b81ef Show response
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 20 KB
5 KB 161ms
160ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/d6480b33-a20a-4829-b48d-c95b612b81ef?segments=true&fields=pub_circulation_status,su_list_email_status,bi_ltv&mergestate=true&state=%7B%22_uid%22%3A%22d6480b33-a20a-4829-b48d-c95b612b81ef%22%2C%22utm_campaign%22%3A%2220220621_wr_nonmwl%22%2C%22utm_source%22%3A%22wealthre%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_content%22%3A%2220220621_wr_nonmwl%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22wealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1655995994296&callback=u_674101861665210800

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eeafa097dc79b4a24f8f1c4b4015d24bcacb5cb9d2b11ea1f97a8b0a1799513

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 71fe0d546d37916b-FRA
date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPOOFp1pPmiLg%2FzaNfbe%2BngVYMuWsmLoYzrP2ZKJs5G73KpkxRMUjg6qCC8ob4k1tUqLQPtFMGSElpMh088RPPH2dA%2FYoaemDBMuDC2rfSiemfpcCEKbQ7wzygUCRbsDRFSvOAWKKHXD"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
549 B 124ms
124ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1655995994289&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&_v=3.0.27&_uid=d6480b33-a20a-4829-b48d-c95b612b81ef&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoQKMoI7dj644LNnKLTNLbOzuSgSDsKm0Ud3N%2BaqSJ1kCwFEeYjlFwDVsYeDf8AyefxJn1DEodmYiQpcQ1GDvdeZzwX%2FDDkRyJcCabrjnZkziyi6JXHwbKIOLTolhuvlzfza2ZnQy6gI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71fe0d546d3a916b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H2 200 ycrjEXSWMj Show response
api.userway.org/api/tunings/ 641 B
959 B 512ms
162ms XHR
application/json 44.227.121.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/ycrjEXSWMj
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.227.121.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-227-121-110.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e6ed5d8cd4489c9f70341dd6246fd8207587c1f00e9acd38bccf298275bb537d

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 23 Jun 2022 14:53:14 GMT
etag: W/"281-x22dIBD7QdsYdsBLC48UId8F4BM"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 641
x-service-version: uw-pr

POST
H2 200 GetBlueshiftUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 8 KB
8 KB 685ms
685ms XHR
application/json 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: /
Resource Hash: 454e7d6de52bab068a3456f54a7911b531aca5a3966734e4d357db1ffb06a687

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 3759c295-6bef-4c57-b659-8e621c56ecba
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62b47e5a-0402816d1bd15e9410f0d119;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: ULiuNHeEIAMFXSA=
content-length: 7860
x-amz-cf-id: WfDs7lTYLaGQ_PENfwrt_iylQm3lddPf1ghgHUhoSWX_nRMJCWkFEg==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetBlueshiftUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 142ms
104ms Preflight
application/json 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-apigw-id: ULiuKE3QoAMFXOw=
x-amz-cf-id: p_ahSZzjKpQeAuqFVBKqwcG25_qZFzNAT2t6-2-nFXqIxtgEtuf9CQ==
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 210d6c39-87ce-4228-b3bf-f06f64ea2773
x-cache: Miss from cloudfront

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
231 B 81ms
39ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Dd6480b33-a20a-4829-b48d-c95b612b81ef%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 24
pragma: no-cache
date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1655995995.512398,VS0,VE24
x-served-by: cache-mxp6935-MXP
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 17ms
17ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 71fe0d589c65916b-FRA
date: Thu, 23 Jun 2022 14:53:14 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 13:43:07 GMT
server: cloudflare
age: 4207
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3NSRZF1i7oDe6ao5sR9zassczmpW0%2FC%2FZFT7Jc5%2BGGcz9Y3gX0acg6QhKv7JT8z3RBqodmKdYLn6VLoA%2BwE6NHmEgs%2B6q2Jtp5yYqPQO7Zr8Z99p4avGLauVL88DU4h58VShZBLfShG"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 71fe0d58bca7916b-FRA
date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 13:43:09 GMT
server: cloudflare
age: 4206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xQkb9rJ7knfw7LpLIeG8UxsEuPV0xdqYk8812pU8X0EDXp3r%2BAjzxCa2X4wFqJgBV%2F4v9MOUiOqN%2B5wD0DbPFt0OdQTc5s3KT%2BirpBbKO2VdMAmBOi2rG0Dq%2FA7Y51LlE3h4jWbfkpY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 602 B
1 KB 32ms
9ms Stylesheet
text/css 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:48:19 GMT
age: 296
x-guploader-uploadid: ADPycdst1SPaeI1LDTNRQz_871T2WpkKFRKLzrqQJit1AlDtAaIqheM4XhYQAQf6_inZHeJqNkB9RZ-pEvnoWwQHTKqWXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 602
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
server: UploadServer
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
x-goog-generation: 1538689646128559
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 602
accept-ranges: bytes
content-type: text/css
expires: Thu, 23 Jun 2022 15:48:19 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/ 45 KB
7 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651078c24196c6c79ae72674bf04fe8cd86d36adae3d14f86f1b1cd92adee585

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529
content-encoding: br
last-modified: Thu, 23 Jun 2022 14:44:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyMaK%2FjMdqwXzBq1QmI4Qu5iOo19LQXxxPGm7yO7bfnK2Ip0Su1%2B2JmNgjwrkZNAiaadfSqXNNgUcS%2BFxUJdLwMbzF%2FNwHyMQY3aOuhQTPmsJslKYmRRtfGlcWS9r%2BflevYI%2BXWnBIOc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 71fe0d58fcfc916b-FRA

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
472 B 128ms
128ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?pf-widget-id=7201585b3b470a5a8df9d40960e39f04&pf-widget-type=form&pf-widget-layout=modal&pf-widget-variant=1&pf-widget-event=show&_ts=1655995995056&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&_uid=d6480b33-a20a-4829-b48d-c95b612b81ef&_v=3.0.27&_uido=d6480b33-a20a-4829-b48d-c95b612b81ef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ondyQvEC2dUt7C4nDAAZSvOqpbTHAXs7kXB5%2FgSD2rAzPk%2BP8e1MfHNdBYJQHMuQ2mEK4kHCkelgioOcm%2Bp9dlpenKAU%2BvM8NAl87ZirkfNvIQA6CN36BuRHCYqfZ9U0YFymcunuinja"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71fe0d595d97916b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 vusn89uzxr Show response
fast.wistia.net/embed/iframe/ Frame 3D05 8 KB
3 KB 65ms
17ms Document
text/html 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c86d711931baa8aafe66a40ef8c65862dd035c8482fd09d7801aab87ef4fc99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 81676
cache-control: public, no-cache
content-encoding: br
content-length: 2925
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 14:53:15 GMT
etag: W/"6c86d711931baa8aafe66a40ef8c6586"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-browser-version: 103
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-content-type-options: nosniff
x-download-options: noopen
x-ecma-v: modern
x-permitted-cross-domain-policies: none
x-request-id: a272cde6a6171229620be8c0eb0f126a
x-runtime: 0.085997
x-served-by: cache-iad-kjyo7100051-IAD, cache-mxp6973-MXP
x-timer: S1655995995.173034,VS0,VE1

POST
H2 200 GetLyticsUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 21 KB
22 KB 576ms
576ms XHR
application/json 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: /
Resource Hash: 9d2a3bff45e30cac4ea8f689c481cb7efe307cac8d753cdb6ae582f26ff96346

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: e42af3aa-5458-41f5-bfbb-9bdb4d2a7628
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62b47e5b-3fe46a6351c9d0a35bf64ac7;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: ULiuYE-7oAMFaIw=
content-length: 21658
x-amz-cf-id: h8zc1QaZVWAtWJAANUxDPaJDEzSEY4E2aq7HiB0Vb4v3ihvFwoncpg==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 285ms
284ms Preflight
application/json 143.204.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-5.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-apigw-id: ULiuUHinoAMFWEw=
x-amz-cf-id: 70dyKmLHnnGKncVsDxuEBEO7haRPDruMfNBR6MN43hQHHyWc_CfoyA==
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 3d5ee35c-6f17-442e-8329-23c3c68049c5
x-cache: Miss from cloudfront

POST
H/1.1 200
OK admin-ajax.php Show response
wealthyretirement.com/wp-admin/ 16 KB
4 KB 780ms
779ms XHR
text/html 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wealthyretirement.com/wp-admin/admin-ajax.php

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-27-104.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e8fe9a0948006991a6946eaebeb921f18d0aaca6eb80e4ee304ff6d502654c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Content-Encoding: br
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://wealthyretirement.com
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK ajax-loader.gif
portrait-tracker.s3.amazonaws.com/ 3 KB
4 KB 116ms
115ms Image
image/gif 54.231.130.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portrait-tracker.s3.amazonaws.com/ajax-loader.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:16 GMT
Last-Modified: Tue, 29 Sep 2020 18:47:39 GMT
Server: AmazonS3
x-amz-request-id: YNKK8QV3NKTTK3SY
ETag: "a51c5608d01acf32df728f299767f82b"
Content-Type: image/gif
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 3208
x-amz-id-2: 9CZaCptlHasJJ9MrfBPssZg8SStITZq6YuYIIrbQcbrRT5VwDfsm4Uk0Bvydx+ojyfbsbJbp4lA=

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
312 B 130ms
127ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?email=alan.katz%40ubs.com&_ts=1655995995196&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&_uid=d6480b33-a20a-4829-b48d-c95b612b81ef&_v=3.0.27&_uido=d6480b33-a20a-4829-b48d-c95b612b81ef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7kASiUaBt%2BAcYNthk8QioS%2Fo2hZGBqmmj6sbSxddsyccGECYlOr8Te4JcXZ12Cylo8Z%2BrDCUneRYNE62XMjlOQEq2A7beVl8wVpL5NTBMSme65fyFl%2B27SGnZYRXHtpz0uUuAcfIF32"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71fe0d5a7f44916b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 3D05 45 KB
12 KB 22ms
20ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

688de2863882cd4e85e4b6316aefb8f610ea02b62ca386fad5b735951e5d6125

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 511
x-cache: HIT, HIT
content-length: 12040
x-served-by: cache-iad-kjyo7100020-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995995.277651,VS0,VE0
etag: "62b36d9f-2f08"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 3D05 595 KB
110 KB 26ms
25ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

10a7751411018f211fb1d5ec7127084a6a4975087bc621baefb3f2430b9c1094

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 510
x-cache: HIT, HIT
content-length: 112346
x-served-by: cache-iad-kjyo7100091-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995995.277812,VS0,VE0
etag: "62b36d9f-1b6da"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 8

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 14ms
13ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
age: 28
x-77-cache: HIT
x-cache: HIT
x-age: 178027
content-encoding: br
x-77-nzt: AZySIRm5ayz/a7cCAA
x-accel-expires: @1681737968
last-modified: Sat, 28 May 2022 16:05:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: OUL9ITShv7Q
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: RubtDnxBaDcYTNdfO15ycr9dXJsUqxVIrIlB9P-53njXiv480jtcNA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
age: 28
x-77-cache: HIT
x-cache: HIT
x-age: 178027
content-encoding: br
vary: Accept-Encoding
x-77-nzt: AZySIRndayn/a7cCAA
x-accel-expires: @1681737968
last-modified: Sat, 28 May 2022 16:05:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: KfB2/WMVEXg
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Wyc8ri4KaIWcUuBDMD0rqMzyAsNHJi-2Fd4021lNav9GUeUy06avcw==

GET
H2 200 wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame 3D05 128 KB
32 KB 17ms
16ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a32b5669bc3ce0ecd85ee26f648a5bf1017b15d67f6fd68e363fa739e9d3f054

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 510
x-cache: HIT, HIT
content-length: 32504
x-served-by: cache-iad-kcgs7200085-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995995.451734,VS0,VE0
etag: "62b36d9f-7ef8"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 captions.js Show response
fast.wistia.net/assets/external/ Frame 3D05 144 KB
31 KB 17ms
16ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/captions.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf7d57ea3d0af25b0dc6bfd80b3de5ca909d7600ed0f915bfabcb754eebee45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 510
x-cache: HIT, HIT
content-length: 31346
x-served-by: cache-iad-kjyo7100171-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995995.475527,VS0,VE0
etag: "62b36d9f-7a72"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
233 B 168ms
168ms XHR
image/gif 44.240.141.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1655995995&e=pageload&r=&z=99175&x=d02bedf323815b3e88b644f5e9687371&k=45a68dc8-13c5-bd58-173c-e2680d31b2fb&u=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-78.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Api-Key: d02bedf323815b3e88b644f5e9687371

Response headers

access-control-allow-origin: https://wealthyretirement.com
date: Thu, 23 Jun 2022 14:53:16 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag

OPTIONS
H2 200 unity.gif
api.getblueshift.com/ Frame 0
0 489ms
159ms Preflight 44.240.141.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1655995995&e=pageload&r=&z=99175&x=d02bedf323815b3e88b644f5e9687371&k=45a68dc8-13c5-bd58-173c-e2680d31b2fb&u=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-78.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type, if-none-match, if-modified-since, x-api-key, x-requested-with
access-control-allow-methods: GET, PATCH, OPTIONS, HEAD, DELETE, POST, PUT
access-control-allow-origin: https://wealthyretirement.com
access-control-max-age: 86400
content-length: 0
date: Thu, 23 Jun 2022 14:53:15 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 3D05 58 KB
16 KB 17ms
17ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da678e4dd0118222f0c9cb9df67d285e587318777e75e4d4c17abee8c894752b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 510
x-cache: HIT, HIT
content-length: 15825
x-served-by: cache-iad-kjyo7100028-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995996.516819,VS0,VE0
etag: "62b36d9f-3dd1"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 vusn89uzxr.json Show response
fast.wistia.net/embed/captions/ Frame 3D05 1 KB
1 KB 17ms
17ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/vusn89uzxr.json?callback=wistiajson1

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52ada88a3283f8f7e92824680aa1193016922892c8d46b728e9edc225b3e3996

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 177
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 731
x-request-id: eb969ed9c8e7e5bb8e2cdd10c09585ad
x-served-by: cache-iad-kjyo7100069-IAD, cache-mxp6973-MXP
x-runtime: 0.010408
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1655995996.521839,VS0,VE1
etag: W/"52ada88a3283f8f7e92824680aa11930"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 103
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 3D05 408 KB
96 KB 19ms
18ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed8563d664c24e70f971438ff51b6df46d922bce46c60a32e2bfc2e0ef5ae92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 511
x-cache: HIT, HIT
content-length: 97903
x-served-by: cache-iad-kcgs7200172-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995996.566275,VS0,VE0
etag: "62b36d9f-17e6f"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 5

GET
H2 200 vusn89uzxr.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 3D05 1 KB
2 KB 54ms
18ms XHR
application/x-mpegurl 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/vusn89uzxr.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

28e8d8be570040b96e09d271d1dd8a6ba68f4805538239eef9bb61da0a659202

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 17
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1058
x-request-id: cd0ef581b0caa7cdf3595e4a7bc3adab
x-served-by: cache-iad-kiad7000063-IAD, cache-mxp6946-MXP
x-runtime: 0.029354
referrer-policy: strict-origin-when-cross-origin
x-timer: S1655995996.661826,VS0,VE1
etag: W/"28e8d8be570040b96e09d271d1dd8a6b"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 103
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 3D05 1 KB
1 KB 17ms
16ms Image
image/gif 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 511
x-cache: HIT, HIT
x-cache-hits: 1, 3
content-length: 1214
x-served-by: cache-iad-kcgs7200146-IAD, cache-mxp6973-MXP
x-browser-version: 103
last-modified: Thu, 23 Jun 2022 14:41:40 GMT
x-timer: S1655995996.630990,VS0,VE0
etag: "62b47ba4-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vusn89uzxr.vtt
fast.wistia.net/embed/captions/ Frame 3D05 1 KB
2 KB 17ms
17ms TextTrack
text/vtt 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/vusn89uzxr.vtt?language=eng

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b70d6dc0d9eebb8a7a0bb4bcaf40f7f5ce562403293c4505110c3b817a31d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 176
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 1223
x-request-id: 14727b9e2d8383be8124b7cea7d5de68
x-served-by: cache-iad-kcgs7200172-IAD, cache-mxp6973-MXP
x-runtime: 0.015222
referrer-policy: strict-origin-when-cross-origin
x-timer: S1655995996.641294,VS0,VE1
etag: W/"9b70d6dc0d9eebb8a7a0bb4bcaf40f7f"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/vtt; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 103
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/ Frame 3D05 1 KB
2 KB 67ms
15ms XHR
application/vnd.apple.mpegurl 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30671712
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1231
Expires: Tue, 13 Jun 2023 14:48:27 GMT

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/ Frame 3D05 1 KB
2 KB 65ms
14ms XHR
application/vnd.apple.mpegurl 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30671712
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1231
Expires: Tue, 13 Jun 2023 14:48:27 GMT

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 614 KB
615 KB 16ms
16ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29558583
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 629048
Expires: Wed, 31 May 2023 17:36:18 GMT

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 614 KB
615 KB 15ms
15ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29558583
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 629048
Expires: Wed, 31 May 2023 17:36:18 GMT

GET
H/1.1 200
OK seg-2-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 247 KB
248 KB 15ms
14ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29565361
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 253048
Expires: Wed, 31 May 2023 19:29:16 GMT

GET
BLOB 200
OK dd1cbe7e-b157-46d7-828b-8a6f5bb58a3d
https://fast.wistia.net/ Frame 3D05 86 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fast.wistia.net/dd1cbe7e-b157-46d7-828b-8a6f5bb58a3d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e362df2ea96fdc17d900cf0a82c64cb70aac2f8f7f5e2c2726b359913221d6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 88294
Content-Type: text/javascript

GET
H3-Q050 200 seg-3-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 224 KB
224 KB 21ms
21ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65a20c69e67c35a92602f8caefd13afeee999ee6267c87a78e212ef431d51b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=29571953
expires: Wed, 31 May 2023 21:19:08 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 228984
quic-version: Q050

GET
H3-Q050 200 seg-3-v1-a1.ts
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 24 KB
0 17ms
17ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=29571953
expires: Wed, 31 May 2023 21:19:08 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 228984
quic-version: Q050

GET
H/1.1 200
OK seg-4-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 294 KB
295 KB 34ms
17ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c85d1db883c4b08296fcd7e9f258fcd647d725aca193a2dc51a4f1753ecda00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:15 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29797155
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 301176
Expires: Sat, 03 Jun 2023 11:52:30 GMT

POST
H2 204 x Show response
distillery.wistia.com/ Frame 3D05 0
96 B 304ms
100ms XHR
text/plain 18.205.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-143-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 14:53:16 GMT
cache-control: max-age=0, private, must-revalidate

GET
DATA 200
OK truncated
/ Frame 3D05 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 3D05 39 KB
16 KB 18ms
17ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c38af5b241a5b0d3e570a4e083533b0020c1779aacad57ca3303c561444a46b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 511
x-cache: HIT, HIT
content-length: 16451
x-served-by: cache-iad-kjyo7100179-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995996.958306,VS0,VE1
etag: "62b36d9f-4043"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
67 KB 40ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ce2ba7ca96349b557bad51a18e809d4731a541b1c494143f97e1358d7ad959c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68485
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 68ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0202054D7A07486783C3B97FB4B8ADFD Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:53:15 GMT
accept-ranges: bytes
content-length: 11374

GET
H/1.1 200
OK lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/ 42 KB
42 KB 113ms
113ms Stylesheet
text/css 52.217.169.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: acce289cbfc3ffaa97f344e97a96555bfb5fc8623616888f7bf69556108e409f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Last-Modified: Thu, 23 Jun 2022 14:44:26 GMT
Server: AmazonS3
x-amz-request-id: 87D7RSZASVJXFWZ1
ETag: "a5755d820ac35ea99c9932f06f1a4024"
Content-Type: text/css
x-amz-version-id: CCXiI6w63ggccdidLK31dfkvALkk08k4
Accept-Ranges: bytes
Content-Length: 42658
x-amz-id-2: K+j4b1UqHSot41MVkMYj4ax0+lHiqO5MzF2k1KuHTYVUmQBxkVrZAKodDQ9/V1TQbcd4kbtASrM=

GET
H/1.1 200
OK jody-1.png
wealthyretirement.com/wp-content/uploads/2020/03/ 32 KB
33 KB 194ms
193ms Image
image/png 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wealthyretirement.com/wp-content/uploads/2020/03/jody-1.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9b215bbdb26978ced9af85ac38f07275fee2a8488b2849e0731373f922a3aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:16 GMT
Last-Modified: Wed, 11 Mar 2020 18:36:41 GMT
Server: nginx
ETag: "5e692fb9-81c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33216

GET
H2 200 i.gif
e-10348.adzerk.net/ 43 B
1 KB 316ms
109ms Image
image/gif 52.72.41.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDgsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6NzI1OTg5OTIsImRpIjoiNjZiZTliYjUzZTNhNDU5NGI5ODY2MDNhZmMwMjJkYjkiLCJkaiI6MCwiaWkiOiI4NzFlMmIwYTU4YjM0NTQ1OWMzMmExYTNhMGVlMjFmNCIsImRtIjozLCJmYyI6MjMwNDQ2MzgzLCJmbCI6MTc1NDM2MTcsImlwIjoiNTQuODkuMjI0Ljc0IiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIwLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo2LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYmFlNGE0MmY3NjQ5N2MwYyIsInNwIjo5OTk4MTYsInN0IjoxMTU1MTk5LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtMDNhYThmYjU5YTBjNDYwYWIwMjE2ZGIyNjM4ZTE0YjIiLCJ0cyI6MTY1NTk5NTk5NTkyNSwicG4iOiJlbWFpbGFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJiYSI6MTE5LCJmcSI6MTZ9&s=tUY4NNjv1hiVUYobLwqMu0Wvwh4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.41.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-41-193.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1a-i-036f85aa94e097d52

GET
H2 200 i.gif
e-10348.adzerk.net/ 43 B
1 KB 317ms
110ms Image
image/gif 52.72.41.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDgsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6NTQzNzI0NTUsImRpIjoiNjZiZTliYjUzZTNhNDU5NGI5ODY2MDNhZmMwMjJkYjkiLCJkaiI6MSwiaWkiOiJjOTMwODZmYjFkMDg0NGY5ODJlNmU1MzRmODNlNDdkOCIsImRtIjozLCJmYyI6MjMwNDQ2NjE4LCJmbCI6MTc1NDM2MTcsImlwIjoiNTQuODkuMjI0Ljc0IiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIwLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo2LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYmFlNGE0MmY3NjQ5N2MwYyIsInNwIjo5OTk4MTYsInN0IjoxMTU1MTk5LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtMDNhYThmYjU5YTBjNDYwYWIwMjE2ZGIyNjM4ZTE0YjIiLCJ0cyI6MTY1NTk5NTk5NTkyNiwicG4iOiJlbWFpbGFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJiYSI6MTE4LCJmcSI6MTZ9&s=pPOPFyOtO9bIJO982GPS3atTeII
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.41.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-41-193.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1b-i-056b82009af3dcb58

GET
H/1.1 200
OK 20220621_WR-consumer-price-index.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 111 KB
111 KB 295ms
117ms Image
image/jpeg 52.217.169.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220621_WR-consumer-price-index.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b3a37696517a2b95324367430f0cd519c4751ca6ed766c22c6a80ba76c6674e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Last-Modified: Tue, 21 Jun 2022 20:06:38 GMT
Server: AmazonS3
x-amz-request-id: 87D6KFFRJ0M818SS
ETag: "b5329e7300c62086d008857c40544a53"
Content-Type: image/jpeg
x-amz-version-id: _yMz0qR2IE3tTGjT3c_pjYJIbNc20GY4
Accept-Ranges: bytes
Content-Length: 113403
x-amz-id-2: VucnC7btYxLWCwa0mB23yxAKXAo3/Zypd6h4rY0ZbDpF8Y4CKVNl8qKuYFDc7PI763e0rXwjnWE=

GET
H/1.1 200
OK 20220621_WR-US-monthly-rent.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 132 KB
132 KB 404ms
109ms Image
image/jpeg 52.217.169.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220621_WR-US-monthly-rent.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef01295b57dda4382e21080c16dcaecadba40fd052d48f1dbba277930d294195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Last-Modified: Tue, 21 Jun 2022 20:06:37 GMT
Server: AmazonS3
x-amz-request-id: 87DB6YR3DFAJ3Y6H
ETag: "4b15cbfde9700a7cd4395cd8277c32f3"
Content-Type: image/jpeg
x-amz-version-id: h3fCRIgnmVohs5pg59.qDjQJx9LdFDHN
Accept-Ranges: bytes
Content-Length: 134775
x-amz-id-2: AaXW8MhvcQppMGMV/pcliWdmuMCWePfvpKAQxY2XevsqRe5iyMPvGAUaI7W/OhIkfIlMBsMBLvE=

GET
H/1.1 200
OK 20220621_WR-SP-Case-Shiller.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 137 KB
138 KB 416ms
121ms Image
image/jpeg 52.217.169.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220621_WR-SP-Case-Shiller.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bd4396a3292bf7e009ee924ea3fb8c9b402743714acb7f3ba5f55c27cf532f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Last-Modified: Tue, 21 Jun 2022 20:06:38 GMT
Server: AmazonS3
x-amz-request-id: 87DD6KMXBDN63V9H
ETag: "31c00ec8183d45a480d23ddb8576b253"
Content-Type: image/jpeg
x-amz-version-id: xMD9bBqL4RPUP.Z8d6moLNITGZpDxXhX
Accept-Ranges: bytes
Content-Length: 140540
x-amz-id-2: TyFVT/yHrF8Iwf9qMwix/eHJccCtXWHXjLzoo+7yX+CQ8KoU5ctoMXvZtPOGeh5MUKZdibU7s6Y=

POST
H2 200 portrait Show response
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ Frame F30B 0
428 B 124ms
124ms Document
text/html 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 71fe0d5fafc2916b-FRA
content-encoding: br
content-type: text/html
date: Thu, 23 Jun 2022 14:53:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noX9Ys7sBQuY2kZ5Hn4S%2BznaIH6Kd3dB1aBTIHTWopjXynsiFDbRbn%2BkMzQWHUWFfdxVoo2ZnAlLv3XZ6t%2F5Cza8sHjBWb5dXwh16lcaeh8ymS68FOrqEDe3fD%2FB%2FqeAeOl00K53cpxW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
via: 1.1 google

GET
H2 200 288828202.js Show response
cdn.optimizely.com/js/ 214 KB
71 KB 30ms
10ms Script
text/javascript 2a02:26f0:ef:295::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/288828202.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef:295::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a41d57891295c41db15219348cd6ea25b905786b4485bef3ba4a692c0af7655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: AGSiDl9zqJRPmIt26XVCbr_lobkx_V3G
content-encoding: gzip
etag: "ead132393d856a23bae9a5e509595194"
x-amz-request-id: S7K9QEPZNPQ232F6
x-amz-meta-revision: 600
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:ef:295::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 71386
x-amz-id-2: d+TyC5SHzGRgE3Yp64hPcfEh+/mNzJ1xJtWaLvnfCVA3gXM8fTo79JR7EWkCHt+BA2gvLG4fNLg=
last-modified: Thu, 05 Jul 2018 14:14:39 GMT
server: AmazonS3
date: Thu, 23 Jun 2022 14:53:16 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 49ms
24ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 33ms
11ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72555
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: zzA2epx2fEtZviGTNmQ+tcV5GGq0M/DJsn6CA8SjPo2zIIChtFTiZCe4+cqBwL+cwjseKD+UsGVsUeBvaxXBDw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 44ms
15ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: KJBYBFJXVN04HEHF
x-amz-id-2: mr92bBJ8Bpz2OnYqaa2L9IkM4Go/CKRaYyRz8CSLv5JBW5B46lAU7WPUN8W7lt9K+GDgb6W93+Y=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 84ms
37ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Jun 2022 14:53:16 GMT

GET
H2 200 hotjar-478755.js Show response
static.hotjar.com/c/ 4 KB
2 KB 42ms
7ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-478755.js?sv=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-123.fra56.r.cloudfront.net

Software

Resource Hash

ef29e96ffb08bbf4f543dda5bf5fb8db8b2c067232e6033b3c10ba0ccecb10d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2045
access-control-allow-origin: *
cache-control: max-age=60
etag: W/6a3302a9a7afac0bf8c3575efa0fe507
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ynESjOYgNbX2xeEoS4FZQa6J7RKNf-KAxWwUWD4fnS3pG4JF2PYEhw==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 174ms
118ms Script
application/x-javascript 23.35.229.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/we-already-have-double-digit-inflation/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=65f5e853-f9d1-44eb-a893-835cf6712251&utm_campaign=20220621_wr_nonmwl&utm_source=wealthre&utm_medium=email&utm_content=20220621_wr_nonmwl&bsft_clkid=246df74d-4cf5-489a-9c9f-8b14e2ea426c&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=f1dbdd9a-f2c0-44a8-8c09-050408dbf2db&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-06-21T21%3A00%3A41Z&bsft_lx=2&bsft_tv=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Thu, 23 Jun 2022 15:13:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 249
date: Thu, 23 Jun 2022 14:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 16:49:07 GMT

GET
H2 204 4056182.js Show response
bat.bing.com/p/action/ 0
137 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4056182.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8DB657C353C9486BA9BEABB65380D253 Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:53:15 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 37ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4056182&Ver=2&mid=bb45e196-1808-47f4-b49a-d65129989757&sid=3684c760f30411ecae4d472cdacacffd&vid=3684fd30f30411ec8c6755b3d8c270a2&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&r=&lt=3223&evt=pageLoad&msclkid=N&sv=1&rn=243393

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C24E6BDC7D3471A98A7A15DBDD7A262 Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
date: Thu, 23 Jun 2022 14:53:15 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15020902.js Show response
bat.bing.com/p/action/ 0
119 B 121ms
121ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15020902.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DAC3BF98E374FA8BD60F6FF67D51274 Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
date: Thu, 23 Jun 2022 14:53:15 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
119 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15020902&Ver=2&mid=fd71be49-bd5b-4f00-99c1-5a2469fc6277&sid=3684c760f30411ecae4d472cdacacffd&vid=3684fd30f30411ec8c6755b3d8c270a2&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&r=&lt=3223&evt=pageLoad&msclkid=N&sv=1&rn=638109

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 758550597A8D4ED4B1207938067340F6 Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
date: Thu, 23 Jun 2022 14:53:15 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15322609.js Show response
bat.bing.com/p/action/ 0
119 B 184ms
183ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15322609.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C76A095DC1F45F0A4D11B12BC2CCDAE Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:53:15 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 38ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=9e0e5572-1d00-45d9-b268-1886b02baf5a&sid=3684c760f30411ecae4d472cdacacffd&vid=3684fd30f30411ec8c6755b3d8c270a2&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&r=&lt=3223&evt=pageLoad&msclkid=N&sv=1&rn=874176

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 408CFE4C85224F12A1F0B0C243456F7B Ref B: FRAEDGE1511 Ref C: 2022-06-23T14:53:16Z
date: Thu, 23 Jun 2022 14:53:15 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 172267203502730 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/172267203502730?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f2229cc3f7dc6236b7ce778db2eea947be52ac6b615f668d01b8880460a1e09

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6716
x-xss-protection: 0
pragma: public
x-fb-debug: fab85ZdgaBHt55bmOt3uqMkRMbZdq9k8P7+uV78mdy226qLPTLinv9DZv+7ssJPxu/NodwbSNKRcALuDK3cXFA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D518825%26time%3D1655995996201%26url%3Dhttps%253A%252F%252Fwealthyretirement.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-...

0
264 B

194ms
169ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26utm_campaign%3D20220621_wr_nonmwl%26utm_content%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26bsft_tv%3D11%26src%3Demail%26bsft_lx%3D2&liSync=true&e_ipv6=AQLAWP0XPhGSpgAAAYGRDZpf4W7eRWgagfFreqsklWe7fzTK1jGV66GE_Dl-OC9PsPLpmRlg7A
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FFAF831189E94777B02CF6C9DE873B13 Ref B: FRAEDGE1520 Ref C: 2022-06-23T14:53:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiHp0lyPpPQgCH/0/GWA==
x-li-fabric: prod-ltx1

Redirect headers

date: Thu, 23 Jun 2022 14:53:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 51B5B81C7EEA45E48DB35C4579C4224B Ref B: VIEEDGE2315 Ref C: 2022-06-23T14:53:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1655995996201&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26utm_campaign%3D20220621_wr_nonmwl%26utm_content%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26bsft_tv%3D11%26src%3Demail%26bsft_lx%3D2&liSync=true&e_ipv6=AQLAWP0XPhGSpgAAAYGRDZpf4W7eRWgagfFreqsklWe7fzTK1jGV66GE_Dl-OC9PsPLpmRlg7A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiHp0itoHh2pHPYcXLIQ==

GET
H2 200 405446.json Show response
s.yimg.com/wi/config/ 2 B
448 B 46ms
16ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405446.json

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:00 GMT
x-content-type-options: nosniff
age: 16
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: TKG0N1AN771RDRP7
x-amz-id-2: BKYDHWqCwpVNgbA5Bqf9BxQWa2qxvnmO21hI6nytT7NOInQ6Pe8QKpBYK/2pcXeM1xTypCfHnEI=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/780296261/ 3 KB
2 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780296261/?random=1655995996263&cv=9&fst=1655995996263&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-&tiba=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7b00664204e0061836b1c143cf0458a6d789571814ac850c98a3c8faf8c2720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/ 3 KB
2 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/?random=1655995996266&cv=9&fst=1655995996266&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-&tiba=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1461e6250c102c626aa8164bdaea6967e81fa88c4fc15bdec491d852d4f6bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.58b0567970adefe5846a.js Show response
script.hotjar.com/ 243 KB
63 KB 32ms
8ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.58b0567970adefe5846a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-478755.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

89f6089a08cc1c82d297577a431c69927082a16305c59bea96ae51b58a14156b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 09:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19810
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64035
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 09:22:12 GMT
etag: "af7dba47fa75f89b59b4405220d4ae7e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: V1xDJu0qxaAUko5yrRcwGnpFpYDMmxRg6DHINA6kA59oeMmK6hDv0w==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1333453726&t=pageview&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&ul=en-us&de=UTF-8&dt=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=626575362&gjid=515970282&cid=1628713597.1655995996&tid=UA-344672-10&_gid=1631190150.1655995996&_r=1&gtm=2wg6f0WF7VQJT&cd1=d6480b33-a20a-4829-b48d-c95b612b81ef&cd2=suppress_325war_active%7Clytics_discovery_22156%7Csuppress_tot_tot_lifetime_oxccc_tot19hot_and_mlb%7Csuppbrk%7C786_webinar_libwealt_modal_target%7Cexclude_active_pes_oxc%7Cexclude_active_on_omt_agb_oxc%7Cexclude_active_on_mwl%7Csuppress_all_osa20hot_active_osa_buyers_and_oxc_duplicate%7Csuppress_ore_orl_mab_oxc%7Cmax_neighbors%7Corc_experience_3cdd6058420e8d2fe7d22977bd67e482_decision%7Cdefault_unhealthy_profiles%7Clytics_discovery_22156_neighbors%7Cexclude_active_on_786hot20_oxc_786_agb%7Corc_experience_7201585b3b470a5a8df9d40960e39f04_decision%7C786_ipo_suppression%7Cexclude_active_ett_mab_oxc%7Csuppress_%7Csuppress_mtd_mtx_asb%7Csuppress_active_on_cbp_cbx_asb_asx_mxb%7Csuppress_war_war20hot%7Cwealthre_modal_target%7Cno_oxf_oxf19hot_agb_oxccc_oxcdc%7Csuppore%7Csuppress_oxc_owa_owa20hot%7Cexclude_active_on_oxc_786_agb_duplicate%7Cexclude_active_on_nmt_oxc%7Cexclude_active_on_mal_agb_oxc%7Cly_unknown_email%7Csuppress_active_tbl21hot_tbl_mab_oxc%7Cproftrnd_lytics_modal%7Csuppress_oxf_oxl_agb_oxc_dc_and_oxc_cc%7Ctradeday_nonsubscribers%7Cwrp_video_modal%7Comt_launch_webinar_modal%7Csuppress_oxc%7Cexclude_active_on_prhealth%7Cexclude_active_on_totwealt_oxc_mlb%7Call%7Clibwealt_modal_target%7Csuppression_active_subscribers_investme%7Csuppress_war_wax_woh%7Csuppress_cbp20hot_cbp_agb_oxc&cd3=&cd5=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&cd9=_1kr8w66c5f5&cd10=0b83d49e-aa2b-48c9-a4d1-c49e87efcdc9&cd11=1655995994133&z=1097176802

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 162317297901043 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/162317297901043?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6f8cb21725d4ff2ea1bbf3d993a6b1f19c5071225247fe3c62dc7a085298203

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6717
x-xss-protection: 0
pragma: public
x-fb-debug: aMkP7GFk+wm41BXLtgfjIrbsrduY/WZLBjjBwpSXSxHo64PyfNVX+A+HVXfIgDdlMLJGPxUlXHWlR4zmYUO2LQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 27ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=172267203502730&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996295&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A4AF 15 KB
6 KB 61ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=wealthyretirement.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:15 GMT
server-processing-duration-in-ticks: 2012
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 102ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2023%20Jun%202022%2014%3A53%3A16%20GMT&n=0&b=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&.yp=405446&f=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Jun 2022 14:53:16 GMT

POST
H2 204 x Show response
distillery.wistia.com/ Frame 3D05 0
95 B 100ms
99ms XHR
text/plain 18.205.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-143-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 14:53:16 GMT
cache-control: max-age=0, private, must-revalidate

GET
H3 200 1420932934903352 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1420932934903352?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed3cc403630558032e2d1ae7513970ed92ef6224193eff9448f957f30876a11d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6717
x-xss-protection: 0
pragma: public
x-fb-debug: yeFxp8UTq0C9xSsbTDZpTGUOpPG706rRAv/+WwDZ5lyhpSSYof53UqDbtqZ3gBWPJLtmw3hU02ODCXwPSOzs/w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 22ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=162317297901043&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996321&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/780296261/ 42 B
548 B 56ms
22ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/780296261/?random=1655995996263&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-&tiba=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&async=1&fmt=3&is_vtc=1&random=1778571820&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/780296261/ 42 B
548 B 46ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/780296261/?random=1655995996263&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-&tiba=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&async=1&fmt=3&is_vtc=1&random=1778571820&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/665056240/ 42 B
108 B 42ms
23ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/665056240/?random=1655995996266&cv=9&fst=1655992800000&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-&tiba=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&async=1&fmt=3&is_vtc=1&random=1674936438&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/665056240/ 42 B
108 B 31ms
21ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/665056240/?random=1655995996266&cv=9&fst=1655992800000&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-&tiba=The%20U.S.%20Already%20Has%20Double-Digit%20Inflation&async=1&fmt=3&is_vtc=1&random=1674936438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-344672-10&cid=1628713597.1655995996&jid=626575362&gjid=515970282&_gid=1631190150.1655995996&_u=YEBAAAAAAAAAAC~&z=1589534410

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jun 2022 14:53:16 GMT
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 38A4 2 KB
1 KB 33ms
7ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-478755.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-118.fra53.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2013550
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-id: no-wr8n4U_qe6klg8LNhYe5cndOgqgUVlJcjV5WGryo9k4lgYcGS7Q==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 375ms
88ms Script
application/javascript 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0040752ca591876c6ab7eb366d24329d4d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
X-TraceId: cf13e57ed153b671e5ae375040331654
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 369ms
86ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0040752ca591876c6ab7eb366d24329d4d&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&optOut=false&bust=01005790457688227&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:16 GMT
Cache-Control: no-cache
X-TraceId: fe7630c53930a5afe6130608ab35c662
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3 200 154661765322510 Show response
connect.facebook.net/signals/config/ 287 KB
83 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/154661765322510?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b73e8cea8c2d00154464c6ddab3078070dc6bcea7c690aa0e2b1f1a716c5e0ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84701
x-xss-protection: 0
pragma: public
x-fb-debug: IBvg0k0zoblGWQAzk5v8dxZsQew3/GZbtQvMzKLACX2oe+knMGZk3wtGFOVSyE3Ph8p+kM12xrdy9DirUX+eSQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 22ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1420932934903352&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996396&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A4AF
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=wealthyretirement.com&sn=ChromeSyncframe&so=0&topUrl=wealthyretirement.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=BYPS0nx1TlVtbG8xSHZWY0tLTUEwNk1HMEN0YVNVeXNFVDFPL2Nqd1UvYk1ndlM2NFowdHRWMTNTWm5mbXhVcER6aXF3QjE5elUzcGlaOUM5aG8rdkFZdE9lSzcyUC9tMWVDSDdQcTZyZm03NXlxSzA1OFU3MW92eDU2Um...

460 B
659 B

411ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BYPS0nx1TlVtbG8xSHZWY0tLTUEwNk1HMEN0YVNVeXNFVDFPL2Nqd1UvYk1ndlM2NFowdHRWMTNTWm5mbXhVcER6aXF3QjE5elUzcGlaOUM5aG8rdkFZdE9lSzcyUC9tMWVDSDdQcTZyZm03NXlxSzA1OFU3MW92eDU2UmNya3hJSklSdTlEdnJhMWxvU2R1VXpUUzZqTWdWMnhqcWI5RE5hMzR3MXp0VTJUdVdDWWJFWUlMMlhsL2JXbTY0R2N4L29qZ2VGL2dJd1JDYWxDbUJKQ21kSWhHVTNCT3NuWWswY0VoVDdkR05MbGZIZUhrWnAwai92ZEJVTXZOS1JrbmFSUFduSFBiQjFSNi8zN0JpMjhsQkowWnM5OTI5Nit2dlhTdDhDbnQ2RDVyYlBKND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8555082c4a2ca4bb86287570748c1aa113f357363240cd2bd6617314aad4c807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4593
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:15 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=BYPS0nx1TlVtbG8xSHZWY0tLTUEwNk1HMEN0YVNVeXNFVDFPL2Nqd1UvYk1ndlM2NFowdHRWMTNTWm5mbXhVcER6aXF3QjE5elUzcGlaOUM5aG8rdkFZdE9lSzcyUC9tMWVDSDdQcTZyZm03NXlxSzA1OFU3MW92eDU2UmNya3hJSklSdTlEdnJhMWxvU2R1VXpUUzZqTWdWMnhqcWI5RE5hMzR3MXp0VTJUdVdDWWJFWUlMMlhsL2JXbTY0R2N4L29qZ2VGL2dJd1JDYWxDbUJKQ21kSWhHVTNCT3NuWWswY0VoVDdkR05MbGZIZUhrWnAwai92ZEJVTXZOS1JrbmFSUFduSFBiQjFSNi8zN0JpMjhsQkowWnM5OTI5Nit2dlhTdDhDbnQ2RDVyYlBKND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1989
content-length: 567
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
34ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=1628713597.1655995996&jid=626575362&_u=YEBAAAAAAAAAAC~&z=1604465510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
46ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=1628713597.1655995996&jid=626575362&_u=YEBAAAAAAAAAAC~&z=1604465510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/478755/ 147 B
323 B 147ms
46ms XHR
application/json 52.51.216.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/478755/visit-data?sv=5
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.216.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-216-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 261964361146571 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261964361146571?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec1f3c07d25a962ec076fe26202cf1b2bde20f0f55f8ce64b70e61c635bdd533

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6798
x-xss-protection: 0
pragma: public
x-fb-debug: FJpf+pdTYViJwb+TtVaJ/a2KVlfEdz6xtfN9i1dGG0SKbFo+cQ42xK4wBc8xGOmTecQIiFIfZlaO8aiACKVa4Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=154661765322510&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996447&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 3D05 2 B
136 B 305ms
100ms XHR
text/plain 54.164.14.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.14.138 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-14-138.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 14:53:16 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H3 200 380237935810224 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/380237935810224?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5da28b2486d927ff0a4b85113593877fe6222e0309ce1dce25ad6feef9cf684e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6717
x-xss-protection: 0
pragma: public
x-fb-debug: eglCC5PGNZcfc4dBH8M+TCC78xn7XPOX9BOhZCu3tnBDBMQDEcf8Rgn/gBHfeIwvoOE66kekiV6PrnXijYh84A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261964361146571&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996460&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H3 200 668246423725853 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/668246423725853?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06ed9b8d58cebf0c857d894b0d017357625b537ded3a1b6f9908349083758a67

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84741
x-xss-protection: 0
pragma: public
x-fb-debug: t0m/7NA3xwpeWAcFyCISqWrXpssnkN6tKYzaBHU2040N+Opgv+Xv3fdxOlcUlLswDhkGEMcMdzqATDIqj1OP4A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=380237935810224&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996473&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H3 200 231043257988858 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231043257988858?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

079bd4d4fef241ce4d4e7234f6ed40b2f66a2b52a843af0e61f0e18368e856c5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6766
x-xss-protection: 0
pragma: public
x-fb-debug: ISBR6CeP4udJW6vzEZDpIA2o5e9wxvDoBGvCsBI1H+N5houtlgAKsmSRAcyGa/fs7prv+qQPr/Qh7oTBH7UKrA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
15ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668246423725853&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996504&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H3 200 336157786980095 Show response
connect.facebook.net/signals/config/ 24 KB
7 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/336157786980095?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ff3c35ccc08c1509db11fc59fc84e6ab0171440edb40b84300ff2ada544bce5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6717
x-xss-protection: 0
pragma: public
x-fb-debug: 0t0Ls4LsAO+bIMZHs4B1HtDzZyANBaof+SPU7xENY1BELO5Q7Dtbw+DHCHY0A650e5gFW+OmVHAwf0omXnek8g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231043257988858&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996524&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H3 200 2337243036594698 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2337243036594698?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7b235a7e6c9b69611f807670589a15c1be255219367cdbedf1bc92fa82c9dd8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6899
x-xss-protection: 0
pragma: public
x-fb-debug: 8qz2OndZmXY2ioevexn09z3ICSY+ltemXfghmu6Ha503YF1auOCjtNGeXXdvMrPGrYfPJfH9gz52KyqTWtC0cw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:53:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=336157786980095&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996538&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.net/assets/external/ Frame 3D05 25 KB
7 KB 16ms
16ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70ec22c08951852f4567a4ab812564fa646d41c7925ebad477b37ceaef302e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: br
vary: Accept-Encoding
age: 511
x-cache: HIT, HIT
content-length: 7103
x-served-by: cache-iad-kjyo7100155-IAD, cache-mxp6973-MXP
access-control-allow-origin: *
x-browser-version: 103
last-modified: Wed, 22 Jun 2022 19:29:35 GMT
x-timer: S1655995997.561037,VS0,VE0
etag: "62b36d9f-1bbf"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 5

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2337243036594698&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995996554&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:16 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2CCF 0
15 B 9ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E0F0 0
15 B 10ms
9ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1346 0
15 B 11ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6757 0
15 B 11ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D074 0
15 B 10ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1E15 0
15 B 10ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame FA54 0
15 B 11ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EDA9 0
15 B 12ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8F16 0
15 B 12ms
10ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9C5F 0
15 B 13ms
11ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:53:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=55939&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUd...
https://widget.us.criteo.com/event?a=55939&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUd...

9 KB
9 KB

307ms
109ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=55939&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUdzOWtPS1NHbklMQUZ0ZlR1R0hXJTJGUjVjMlc4c0FWc00lMkYxSXppejQlMkJvaGpLdEQ5QmRjbm5tU0N4bnQzV1FwQUVCOWY3NlNZRXExRzFBS1p5eDUlMkJJdTh2ZmpwM3NlaWN0UEs3UjRXa2dwampjc0tSa3V1VXVjejglM0Q&tld=wealthyretirement.com&ful=623&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-407&dtycbr=25079

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b79c62d58312e2647a45edd5989fa8642f40677c669ae4c21abce2c9e51d0cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12175004
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=55939&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUdzOWtPS1NHbklMQUZ0ZlR1R0hXJTJGUjVjMlc4c0FWc00lMkYxSXppejQlMkJvaGpLdEQ5QmRjbm5tU0N4bnQzV1FwQUVCOWY3NlNZRXExRzFBS1p5eDUlMkJJdTh2ZmpwM3NlaWN0UEs3UjRXa2dwampjc0tSa3V1VXVjejglM0Q&tld=wealthyretirement.com&ful=623&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-407&dtycbr=25079
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5756158
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK seg-5-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 294 KB
295 KB 15ms
15ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-5-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0f2ffc2a01a717d97125724a3347b0b35eb3ef050b9c3c1b7906ad80d8a4ba61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30322389
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 301176
Expires: Fri, 09 Jun 2023 13:46:26 GMT

GET
H/1.1 200
OK seg-6-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 350 KB
351 KB 17ms
17ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-6-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45e16c099f70d0a28b59ef206ca26fc1770ca1dc75b9139ffb03fbccf1eb4a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29812257
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 358328
Expires: Sat, 03 Jun 2023 16:04:14 GMT

GET
H/1.1 200
OK seg-7-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 467 KB
468 KB 15ms
14ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-7-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55aecb1f1ef9bc1194c8c9226a1ebffe6b1e5dc0906e02e9da110930bb684e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30699183
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 478648
Expires: Tue, 13 Jun 2023 22:26:20 GMT

GET
H/1.1 200
OK seg-8-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 203 KB
204 KB 15ms
15ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-8-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 937bec9cb281be602f0cee942df7c076b247a2139d171cf6bba92de6e2dea48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30043160
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 207928
Expires: Tue, 06 Jun 2023 08:12:37 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BEBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_cm&google_hm=ay1uaG5uTnItUUhuU0pVYVpKTmd3UGdsWGxzSWhqUVpuR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_gid=CAESEDHggFblo-Yi-lm19Ct1i2E&google_cver=1&google_ula=913071,0

43 B
370 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_gid=CAESEDHggFblo-Yi-lm19Ct1i2E&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1369885
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&google_gid=CAESEDHggFblo-Yi-lm19Ct1i2E&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame BEBF
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=2HR2nGhmX6nXwqbfrbp1NVsAhCjyjv9M

0
98 B

120ms
17ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=2HR2nGhmX6nXwqbfrbp1NVsAhCjyjv9M
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=2HR2nGhmX6nXwqbfrbp1NVsAhCjyjv9M
date: Thu, 23 Jun 2022 14:53:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2576
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame BEBF 0
232 B 193ms
32ms Image
text/html 52.209.107.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw&custom=&tag_format=img&tag_action=sync&custom=&cb=99b2ae4c-3243-4ef2-86ee-5a2159a0a89c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.107.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame BEBF 0
42 B 148ms
18ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame BEBF 0
47 B 20ms
15ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame BEBF 43 B
290 B 39ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Jun 2022 14:53:17 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame BEBF 0
396 B 162ms
11ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-afYGLL-QHnSJUaZJNgwPglXlsIjeRCLa4IXfqg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BEBF 0
476 B 349ms
88ms Image
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-pILNir-QHnSJUaZJNgwPglXlsIhnrRX46Miezg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Cache-Control: no-cache
X-TraceId: 8d25bfa684fd98f6cd1c187f2ebc9da9
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame BEBF 0
427 B 368ms
219ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-rSOl7L-QHnSJUaZJNgwPglXlsIggIARzVd3DNA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 23 Jun 2022 14:53:17 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BEBF 0
239 B 147ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-rSOl7L-QHnSJUaZJNgwPglXlsIggIARzVd3DNA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame BEBF
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-137efL-QHnSJUaZJNgwPglXlsIh_Y4lF7KIujg&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-137efL-QHnSJUaZJNgwPglXlsIh_Y4lF7KIujg%26seg%3D95287

43 B
1 KB

38ms
37ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-137efL-QHnSJUaZJNgwPglXlsIh_Y4lF7KIujg%26seg%3D95287

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b3c7e8db-45cc-4ae4-b76d-bd65d2ad70db
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c0208ac0-f157-447c-910c-ae14459730d6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-137efL-QHnSJUaZJNgwPglXlsIh_Y4lF7KIujg%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BEBF
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353

43 B
370 B

16ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2240173
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e274853b-8468-4c7e-9117-dad285a92e76
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BEBF 0
225 B 121ms
13ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-f955GL-QHnSJUaZJNgwPglXlsIhz25wa0eW0nA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2 200 xuid
eb2.3lift.com/ Frame BEBF 37 B
140 B 38ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-q4gJ67-QHnSJUaZJNgwPglXlsIgTRAuITWrzdg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame BEBF 45 B
787 B 147ms
68ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-bDj5Tr-QHnSJUaZJNgwPglXlsIhrn7WVMvMS3A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Thu, 23 Jun 2022 14:53:17 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 23 Jun 2022 14:53:17 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame BEBF
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NiiSDL-QHnSJUaZJNgwPglXlsIi9GTvjPleINA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NiiSDL-QHnSJUaZJNgwPglXlsIi9GTvjPleINA&C=1

43 B
783 B

47ms
47ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NiiSDL-QHnSJUaZJNgwPglXlsIi9GTvjPleINA&C=1
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Jun 2022 14:53:17 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-NiiSDL-QHnSJUaZJNgwPglXlsIi9GTvjPleINA&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 23 Jun 2022 14:53:17 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame BEBF 0
239 B 33ms
7ms Image
text/plain 2600:9000:2057:2600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2vWVAr-QHnSJUaZJNgwPglXlsIgT6HeQBRifow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: AWnWn8Ce7x7-rGndFIWlRvhh9AryZhvWP-LfAm98Y73UAOIuY0f02g==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame BEBF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-gP8mqr-QHnSJUaZJNgwPglXlsIgGB2Cw7l9d8A&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gP8mqr-QHnSJUaZJNgwPglXlsIgGB2Cw7l9d8A&expires=30&user_group=5

43 B
495 B

8ms
8ms

Image
image/gif

3.125.77.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gP8mqr-QHnSJUaZJNgwPglXlsIgGB2Cw7l9d8A&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 3.125.77.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-77-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gP8mqr-QHnSJUaZJNgwPglXlsIgGB2Cw7l9d8A&expires=30&user_group=5
Date: Thu, 23 Jun 2022 14:53:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame BEBF 35 B
336 B 105ms
35ms Image
image/gif 54.77.1.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-vZ8nqb-QHnSJUaZJNgwPglXlsIgzNcciNpkx7w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.1.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-1-80.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame BEBF 23 B
172 B 148ms
48ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-x-VcS7-QHnSJUaZJNgwPglXlsIibpNKA7MlwtA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 23 Jun 2022 14:53:17 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BEBF 0
99 B 54ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-8X38Ob-QHnSJUaZJNgwPglXlsIixQqD1aI2Gqw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13575

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BEBF 43 B
163 B 83ms
24ms Image
image/gif 185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6uj9yL-QHnSJUaZJNgwPglXlsIg0JFQUFYwRxQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:16 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame BEBF 0
35 B 60ms
7ms Image
text/plain 18.198.158.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-HQMEZ7-QHnSJUaZJNgwPglXlsIgiFnaQVpm6fw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.158.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-158-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame BEBF
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ThnXZr-QHnSJUaZJNgwPglXlsIhRPUh8ao_JrQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ThnXZr-QHnSJUaZJNgwPglXlsIhRPUh8ao_JrQ

43 B
447 B

32ms
32ms

Image
image/gif

54.229.131.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ThnXZr-QHnSJUaZJNgwPglXlsIhRPUh8ao_JrQ
Protocol: H2
Server: 54.229.131.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-131-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 14:53:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ThnXZr-QHnSJUaZJNgwPglXlsIhRPUh8ao_JrQ
date: Thu, 23 Jun 2022 14:53:17 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame BEBF
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw&_li_chk=true&previous_uuid=b922581dbc8a4964ad6b280497ebfd3c
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw

43 B
419 B

281ms
93ms

Image
image/gif

2600:1f18:444a:4602:f850:4eec:7dd:fbc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:18 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-lMulwr-QHnSJUaZJNgwPglXlsIhbMKISS3icTw
Date: Thu, 23 Jun 2022 14:53:17 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame BEBF 43 B
428 B 316ms
97ms Image
image/gif 44.198.216.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-IOB6Ob-QHnSJUaZJNgwPglXlsIjP-l176z-v8w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.198.216.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-216-154.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BEBF 43 B
183 B 287ms
93ms Image
image/gif 2600:1f18:612b:4200:c26a:81b8:fdad:e020
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-2JEJOb-QHnSJUaZJNgwPglXlsIhC0A5ptIYNcw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:c26a:81b8:fdad:e020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame BEBF
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-CikNXL-QHnSJUaZJNgwPglXlsIjDzec0wemk2g&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

35ms
7ms

Image
image/gif

2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1655995997.dop229.fr8.t,1655995997.cds041.fr8.shn,1655995997.cds041.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1655995997622003-416
Expires: Thu, 23 Jun 2022 14:53:17 GMT

GET
H/1.1 200
OK seg-9-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 456 KB
456 KB 15ms
14ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-9-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88a9252da7c1ef7ef3071dc8bb05a9153d322558b8194721a258494a781501ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30065321
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 466616
Expires: Tue, 06 Jun 2023 14:21:58 GMT

GET
H/1.1 200
OK seg-10-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 185 KB
186 KB 15ms
14ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-10-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab583e1e1c81587c0efb344e14ae7f0b60e855bd12c3e22f30258d43f96f9bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29626058
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 189880
Expires: Thu, 01 Jun 2023 12:20:55 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame BEBF
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/kkCVCQpg0MTdSrhAJAREK8H9jOgOoVn0/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2800566003983153735

43 B
370 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2800566003983153735

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1328601
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2800566003983153735
pragma: no-cache
date: Thu, 23 Jun 2022 14:53:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK seg-11-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 83 KB
83 KB 21ms
20ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-11-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0dd7294f8dea6522592417618be6658cea6907e8c12d4751567f5e10c3344059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30083013
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 84600
Expires: Tue, 06 Jun 2023 19:16:50 GMT

GET
H/1.1 200
OK seg-12-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 3D05 56 KB
57 KB 20ms
19ms XHR
video/mp2t 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-12-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c4f2068d91add4ccb80c76ec35eb938db206281684194bb65a8f6fa83c4ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:53:17 GMT
Access-Control-Request-Method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=29804385
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 57528
Expires: Sat, 03 Jun 2023 13:53:02 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BEBF
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353

43 B
370 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:53:17 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1621859
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:53:17 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3e5b2902-4187-4a88-bda3-d55b98127b40
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3221481021941392353
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=154661765322510&ev=Microdata&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995997951&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20U.S.%20Already%20Has%20Double-Digit%20Inflation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:17 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668246423725853&ev=Microdata&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fwe-already-have-double-digit-inflation%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D65f5e853-f9d1-44eb-a893-835cf6712251%26utm_campaign%3D20220621_wr_nonmwl%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220621_wr_nonmwl%26bsft_clkid%3D246df74d-4cf5-489a-9c9f-8b14e2ea426c%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3Df1dbdd9a-f2c0-44a8-8c09-050408dbf2db%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-21T21%253A00%253A41Z%26bsft_lx%3D2%26bsft_tv%3D11&rl=&if=false&ts=1655995998005&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20U.S.%20Already%20Has%20Double-Digit%20Inflation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.1.1655995996294.756317673&it=1655995996199&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:53:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:53:18 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:43:07	Name: _li_ss Value: MgkI_____wcQzBI
.wealthyretirement.com/	1970-01-20 03:59:57	Name: seerses Value: e
.wealthyretirement.com/	1970-01-23 19:35:55	Name: seerid Value: d6480b33-a20a-4829-b48d-c95b612b81ef
.lytics.io/	1970-01-21 01:35:55	Name: seerid Value: d6480b33-a20a-4829-b48d-c95b612b81ef
.wealthyretirement.com/	1970-01-20 12:45:31	Name: _bs Value: 45a68dc8-13c5-bd58-173c-e2680d31b2fb
.bing.com/	1970-01-20 13:21:31	Name: MUID Value: 15056FCBA8E2660238DA7E07A989679E
.wealthyretirement.com/	1970-01-20 04:01:22	Name: _uetsid Value: 3684c760f30411ecae4d472cdacacffd
.wealthyretirement.com/	1970-01-20 13:21:31	Name: _uetvid Value: 3684fd30f30411ec8c6755b3d8c270a2
.wealthyretirement.com/	1970-01-20 08:19:07	Name: optimizelyEndUserId Value: oeu1655995996224r0.5286740661616374
.wealthyretirement.com/	1970-01-20 08:19:07	Name: optimizelySegments Value: %7B%22301652738%22%3A%22campaign%22%2C%22301739447%22%3A%22gc%22%2C%22301835208%22%3A%22false%22%7D
.wealthyretirement.com/	1970-01-20 08:19:07	Name: optimizelyBuckets Value: %7B%7D
.wealthyretirement.com/	1970-01-20 03:59:56	Name: optimizelyPendingLogEvents Value: %5B%5D
.wealthyretirement.com/	1970-01-20 21:31:07	Name: _ga Value: GA1.2.1628713597.1655995996
.wealthyretirement.com/	1970-01-20 04:01:22	Name: _gid Value: GA1.2.1631190150.1655995996
.wealthyretirement.com/	1970-01-20 03:59:56	Name: _gat_secondary Value: 1
.wealthyretirement.com/	1970-01-20 06:09:31	Name: _fbp Value: fb.1.1655995996294.756317673
.facebook.com/	1970-01-20 06:09:31	Name: fr Value: 0hHDY2q3MuQ4iRPO0..BitH5c...1.0.BitH5c.
e-10348.adzerk.net/	1970-01-20 12:45:31	Name: azk Value: ue1-03aa8fb59a0c460ab0216db2638e14b2
e-10348.adzerk.net/	1970-01-20 12:45:31	Name: azk-ss Value: true
e-10348.adzerk.net/	1970-01-20 04:43:07	Name: azk-events Value: W3sidiI6IjEuMTAiLCJhdiI6ODk3MTk1LCJhdCI6Mzc3NywiYnQiOjAsImNtIjo2MTQ1NzQ4LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjU0MzcyNDU1LCJkaSI6IjY2YmU5YmI1M2UzYTQ1OTRiOTg2NjAzYWZjMDIyZGI5IiwiZGoiOjEsImlpIjoiYzkzMDg2ZmIxZDA4NDRmOTgyZTZlNTM0ZjgzZTQ3ZDgiLCJkbSI6MywiZmMiOjIzMDQ0NjYxOCwiZmwiOjE3NTQzNjE3LCJpcCI6IjU0Ljg5LjIyNC43NCIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsImVjIjoyMCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NiwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMGJhZTRhNDJmNzY0OTdjMGMiLCJzcCI6OTk5ODE2LCJzdCI6MTE1NTE5OSwidHIiOnRydWUsInVrIjoidWUxLTAzYWE4ZmI1OWEwYzQ2MGFiMDIxNmRiMjYzOGUxNGIyIiwidHMiOjE2NTU5OTU5OTU5MjYsInBuIjoiZW1haWxhZCIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiY2kiOiIyMzhkYTY4Nzk4Mjc0ODk3YWI1OGIwNDBmOWI3MjdjZCIsImN2IjoxfV0
.criteo.com/	1970-01-20 13:21:31	Name: uid Value: e2e7eb4b-2200-4c5f-a5ef-077b68754199
.yahoo.com/	1970-01-20 12:45:53	Name: A3 Value: d=AQABBFx-tGICEIUJOc9mRdTaz1B09imsqoMFEgEBAQHPtWK-YgAAAAAA_eMAAA&S=AQAAAh58fX7oc40xnAG_C3mkyls
.linkedin.com/	1970-01-20 04:43:07	Name: UserMatchHistory Value: AQIlhF51yCHZUwAAAYGRDZi2_I1jiKfg0y0lUKaJyCwDYWGxeP90PTWtC8BleYOg9e6qV6ZMRqAY5Q
.linkedin.com/	1970-01-20 04:43:07	Name: AnalyticsSyncHistory Value: AQIeUFB7ey7dXgAAAYGRDZi2hLz025DyXtswviMbJ7WSbrp9nUXoPZuhGM0Fu3GW4f6oTGLeSWP_D-U7N4yqNQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:31:49	Name: bcookie Value: "v=2&4012aedf-6c0f-4404-8ea5-2d1d959292d4"
.linkedin.com/	1970-01-20 04:01:22	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2447:u=1:x=1:i=1655995996:t=1656082396:v=2:sig=AQG2uKTQb4EJqJpegXoaVqHflVgYHC_C"
.wealthyretirement.com/	1970-01-20 12:45:31	Name: _hjSessionUser_478755 Value: eyJpZCI6Ijc5OTc1NWJkLTcyN2ItNTgwMS1hYWVmLTAzOTQ0NTNkZWJkZiIsImNyZWF0ZWQiOjE2NTU5OTU5OTYzNTMsImV4aXN0aW5nIjpmYWxzZX0=
.wealthyretirement.com/	1970-01-20 03:59:57	Name: _hjFirstSeen Value: 1
wealthyretirement.com/	1970-01-20 03:59:56	Name: _hjIncludedInSessionSample Value: 1
.wealthyretirement.com/	1970-01-20 03:59:57	Name: _hjSession_478755 Value: eyJpZCI6IjdjMDU2MTVkLTA3ZjktNGI0MS05ZTNjLWExOGU5ZmUzYmQ1YiIsImNyZWF0ZWQiOjE2NTU5OTU5OTY0MjYsImluU2FtcGxlIjp0cnVlfQ==
wealthyretirement.com/	1970-01-20 03:59:56	Name: _hjIncludedInPageviewSample Value: 1
.wealthyretirement.com/	1970-01-20 03:59:57	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:31:49	Name: bscookie Value: "v=1&2022062314531613f321ca-dc04-468a-81ef-55e27540187dAQHPuPf3_SvVFgVCwoHmBROCD3osxsmH"
.linkedin.com/	1970-01-20 21:30:37	Name: li_gc Value: MTswOzE2NTU5OTU5OTY7MjswMjFsUa89F2XPX7zAbb5NcT0y5AH7xY1L0a5Wfi8U/Q7b1Q==
wealthyretirement.com/	1970-01-20 03:59:56	Name: outbrain_cid_fetch Value: true
.wealthyretirement.com/	1970-01-20 13:29:19	Name: cto_bundle Value: cG4sbV80TlVwY1RvaXRPWDI2JTJGVW9kTTBFTiUyQk5WbG9jMXZZTXVpeHlxZFV1bU02M25KZzR0YVhnOUdzOWtPS1NHbklMQUZ0ZlR1R0hXJTJGUjVjMlc4c0FWc00lMkYxSXppejQlMkJvaGpLdEQ5QmRjbm5tU0N4bnQzV1FwQUVCOWY3NlNZRXExRzFBS1p5eDUlMkJJdTh2ZmpwM3NlaWN0UEs3UjRXa2dwampjc0tSa3V1VXVjejglM0Q
.doubleclick.net/	1970-01-20 13:21:31	Name: IDE Value: AHWqTUkJzcXTc-PnW01v-1eGq8gN1_ijkMSrsif9Bf1LQrSk3c2r5qbk-pMjj4kyEDc
.adnxs.com/	1970-01-20 06:09:31	Name: uuid2 Value: 3221481021941392353
.analytics.yahoo.com/	1970-01-20 12:45:31	Name: IDSYNC Value: 18zh~25me
.turn.com/	1970-01-20 08:19:07	Name: uid Value: 2800566003983153735
.bidswitch.net/	1970-01-20 12:45:31	Name: tuuid Value: c7d6e8ae-8d66-463f-8ede-52989e601765
.bidswitch.net/	1970-01-20 12:45:31	Name: c Value: 1655995997
.bidswitch.net/	1970-01-20 12:45:31	Name: tuuid_lu Value: 1655995997
.casalemedia.com/	1970-01-20 12:45:31	Name: CMID Value: YrR.XYKsbFDmbiGsvWDk6wAA
.casalemedia.com/	1970-01-20 06:09:31	Name: CMPS Value: 3234
.casalemedia.com/	1970-01-20 06:09:31	Name: CMPRO Value: 3234
.revcontent.com/	1970-02-07 09:59:55	Name: __ID Value: e264c2f5eb194ffdbd7eb14cc85c0035
.revcontent.com/	1970-01-20 04:43:07	Name: v1_151 Value: 1
.media.net/	1970-01-20 12:45:31	Name: visitor-id Value: 2989975977578478000V10
.media.net/	1970-01-20 04:43:07	Name: data-c-ts Value: 1655995997
.media.net/	1970-01-20 04:43:07	Name: data-c Value: k-bDj5Tr-QHnSJUaZJNgwPglXlsIhrn7WVMvMS3A~~3
.adnxs.com/	1970-01-20 06:09:31	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GVRpQp$W!fss0=Rro*E7VW]Fp9RN+Sr^'v@2%2o==rf0>[>ZZ6dJdpA#EJL^45iVhPzLL`H(oZ%q+[J+ea!#DI2Z#DIgl#XsfRJwn]H
.outbrain.com/	1970-01-20 06:09:31	Name: obuid Value: 7c0dd788-a2af-4499-80d8-41143d8a972a
.outbrain.com/	1970-01-20 04:20:05	Name: criteo Value: k-pILNir-QHnSJUaZJNgwPglXlsIhnrRX46Miezg
.addthis.com/	1970-01-20 13:21:31	Name: ouid Value: 62b47e5d0001a651e1e08235c7f2f23593536e6749c01a3a37a3
.addthis.com/	1970-01-20 13:21:31	Name: uid Value: 62b47e5d0f1996b3
.addthis.com/	1970-01-20 13:21:31	Name: na_id Value: 2022062314531753200592159213
.360yield.com/	1970-01-20 06:09:31	Name: tuuid Value: a772dfc5-cd2a-4eb1-b093-3046d7515ae2
.360yield.com/	1970-01-20 06:09:31	Name: tuuid_lu Value: 1655995997
ads.stickyadstv.com/	1970-01-20 04:43:07	Name: UID Value: 78c981396dab767d8be9d898afb5764
ads.stickyadstv.com/	1970-01-20 04:43:07	Name: uid-bp-11554 Value: k-CikNXL-QHnSJUaZJNgwPglXlsIjDzec0wemk2g
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 1340b2351d68a59fd68fc8f374168c
.360yield.com/	1970-01-20 06:09:31	Name: um Value: !38,54O2UW8s-6snk6d5gh-lcE1KCmlxF8jrIDYV3c1SPjO3r9HD6EgLIxjvCZ4KhuSBP0NeEQhL,1663771997
.360yield.com/	1970-01-20 06:09:31	Name: umeh Value: !38,0,1718203997,-1
.postrelease.com/	1970-01-20 12:45:31	Name: opt_out Value: 1
.liadm.com/	1970-01-20 21:31:07	Name: lidid Value: b922581d-bc8a-4964-ad6b-280497ebfd3c

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: blob:https://fast.wistia.net/dd1cbe7e-b157-46d7-828b-8a6f5bb58a3d Message: [log] >
network	error	URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-3-v1-a1.ts Message: Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=2HR2nGhmX6nXwqbfrbp1NVsAhCjyjv9M Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-nhnnNr-QHnSJUaZJNgwPglXlsIhjQZnFj6ngFw Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplify.outbrain.com
api.getblueshift.com
api.userway.org
bat.bing.com
c.lytics.io
cdn.getblueshift.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.stickyadstv.com
cdn.userway.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
distillery.wistia.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com
e-10348.adzerk.net
eb2.3lift.com
embedwistia-a.akamaihd.net
events-b.mb.wealthyretirement.com
fast.wistia.com
fast.wistia.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
jadserve.postrelease.com
match.sharethrough.com
mug.criteo.com
partner.mediawallahscript.com
pipedream.wistia.com
pixel.rubiconproject.com
portrait-tracker.s3.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
s3.amazonaws.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
vars.hotjar.com
wealthyretirement.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.102.29.65
104.111.242.245
104.75.88.126
13.107.42.14
13.248.245.213
141.226.228.48
142.250.184.194
142.250.186.130
143.204.215.118
143.204.215.5
178.250.2.146
178.250.2.151
18.156.0.31
18.198.158.44
18.205.143.103
18.233.27.104
185.64.189.110
185.86.139.113
2.18.234.233
2.18.235.93
2.21.20.143
2001:4de0:ac18::1:a:1a
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::13
212.82.100.181
23.35.229.86
2600:1f18:444a:4602:f850:4eec:7dd:fbc1
2600:1f18:612b:4200:c26a:81b8:fdad:e020
2600:9000:2057:2600:1b:5138:8a40:93a1
2606:4700:20::681a:216
2606:4700::6810:5814
2606:4700::6810:cf3f
2620:1ec:22::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:80f::2010
2a00:1450:4001:812::2008
2a00:1450:4001:813::2004
2a00:1450:400c:c07::9a
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3500:16::215:14a0
2a02:26f0:ef:295::13b8
2a02:6ea0:c700::18
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:200::622
2a04:4e42:600::622
3.125.77.13
35.244.174.68
37.252.173.22
37.252.173.62
44.198.216.154
44.227.121.110
44.240.141.78
52.209.107.65
52.217.169.56
52.51.216.125
52.72.41.193
54.164.14.138
54.229.131.207
54.231.130.17
54.77.1.80
54.84.45.101
64.202.112.191
65.9.66.123
65.9.66.22
65.9.66.92
69.173.144.138
74.119.119.150
99.86.4.101
06ed9b8d58cebf0c857d894b0d017357625b537ded3a1b6f9908349083758a67
079bd4d4fef241ce4d4e7234f6ed40b2f66a2b52a843af0e61f0e18368e856c5
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0c4f2068d91add4ccb80c76ec35eb938db206281684194bb65a8f6fa83c4ff59
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dd7294f8dea6522592417618be6658cea6907e8c12d4751567f5e10c3344059
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
0f2ffc2a01a717d97125724a3347b0b35eb3ef050b9c3c1b7906ad80d8a4ba61
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10a7751411018f211fb1d5ec7127084a6a4975087bc621baefb3f2430b9c1094
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b3a37696517a2b95324367430f0cd519c4751ca6ed766c22c6a80ba76c6674e
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f2229cc3f7dc6236b7ce778db2eea947be52ac6b615f668d01b8880460a1e09
1ff3c35ccc08c1509db11fc59fc84e6ab0171440edb40b84300ff2ada544bce5
229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25294875032f9525d068cd8a2f5764cf60ac8a5927fee1c4e0cb8f560363c3a5
26a74aa295ceeba34b3ced6606085d0d0ddb1f2120ab099e6aa5aba3620750de
28e8d8be570040b96e09d271d1dd8a6ba68f4805538239eef9bb61da0a659202
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3c3c65f927da48a919f53c62fbfb1c76bef32c8766923e8a02b618d7f793c42c
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
415422ec9a8645bc4a15ba4a860e5a7cb133038c69b28d7a23f3febfc40f9242
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454e7d6de52bab068a3456f54a7911b531aca5a3966734e4d357db1ffb06a687
45e16c099f70d0a28b59ef206ca26fc1770ca1dc75b9139ffb03fbccf1eb4a9e
4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ada88a3283f8f7e92824680aa1193016922892c8d46b728e9edc225b3e3996
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55aecb1f1ef9bc1194c8c9226a1ebffe6b1e5dc0906e02e9da110930bb684e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a41d57891295c41db15219348cd6ea25b905786b4485bef3ba4a692c0af7655
5bd4396a3292bf7e009ee924ea3fb8c9b402743714acb7f3ba5f55c27cf532f2
5ce2ba7ca96349b557bad51a18e809d4731a541b1c494143f97e1358d7ad959c
5da28b2486d927ff0a4b85113593877fe6222e0309ce1dce25ad6feef9cf684e
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
651078c24196c6c79ae72674bf04fe8cd86d36adae3d14f86f1b1cd92adee585
65a20c69e67c35a92602f8caefd13afeee999ee6267c87a78e212ef431d51b69
688de2863882cd4e85e4b6316aefb8f610ea02b62ca386fad5b735951e5d6125
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c86d711931baa8aafe66a40ef8c65862dd035c8482fd09d7801aab87ef4fc99
6eeafa097dc79b4a24f8f1c4b4015d24bcacb5cb9d2b11ea1f97a8b0a1799513
70ec22c08951852f4567a4ab812564fa646d41c7925ebad477b37ceaef302e86
821b95ee2680967cd414f8595b8b56e6c75ec0d5518b736e64aca1519ee7d2f3
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8555082c4a2ca4bb86287570748c1aa113f357363240cd2bd6617314aad4c807
88a9252da7c1ef7ef3071dc8bb05a9153d322558b8194721a258494a781501ba
89f6089a08cc1c82d297577a431c69927082a16305c59bea96ae51b58a14156b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
937bec9cb281be602f0cee942df7c076b247a2139d171cf6bba92de6e2dea48a
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470
9b70d6dc0d9eebb8a7a0bb4bcaf40f7f5ce562403293c4505110c3b817a31d04
9d2a3bff45e30cac4ea8f689c481cb7efe307cac8d753cdb6ae582f26ff96346
9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7
9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32b5669bc3ce0ecd85ee26f648a5bf1017b15d67f6fd68e363fa739e9d3f054
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ab583e1e1c81587c0efb344e14ae7f0b60e855bd12c3e22f30258d43f96f9bc8
acce289cbfc3ffaa97f344e97a96555bfb5fc8623616888f7bf69556108e409f
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f8cb21725d4ff2ea1bbf3d993a6b1f19c5071225247fe3c62dc7a085298203
b73e8cea8c2d00154464c6ddab3078070dc6bcea7c690aa0e2b1f1a716c5e0ed
b79c62d58312e2647a45edd5989fa8642f40677c669ae4c21abce2c9e51d0cb7
b7b00664204e0061836b1c143cf0458a6d789571814ac850c98a3c8faf8c2720
b9b215bbdb26978ced9af85ac38f07275fee2a8488b2849e0731373f922a3aa4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9d2e9db7611ec45ec27b7bfbf174b6b26c18215b64502b8756711ac3b1c767
c38af5b241a5b0d3e570a4e083533b0020c1779aacad57ca3303c561444a46b4
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c85d1db883c4b08296fcd7e9f258fcd647d725aca193a2dc51a4f1753ecda00c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf7d57ea3d0af25b0dc6bfd80b3de5ca909d7600ed0f915bfabcb754eebee45f
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d4b281b8cb77be7ba0158b1755a7f5724504036b5f2801ef9730b470b765d0e8
d7b235a7e6c9b69611f807670589a15c1be255219367cdbedf1bc92fa82c9dd8
da678e4dd0118222f0c9cb9df67d285e587318777e75e4d4c17abee8c894752b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e362df2ea96fdc17d900cf0a82c64cb70aac2f8f7f5e2c2726b359913221d6c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ed5d8cd4489c9f70341dd6246fd8207587c1f00e9acd38bccf298275bb537d
e8fe9a0948006991a6946eaebeb921f18d0aaca6eb80e4ee304ff6d502654c31
ea19442df750c76d1acce0c19123c0a7d4a8ea6173068f315e989d46b12a30e5
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ec1f3c07d25a962ec076fe26202cf1b2bde20f0f55f8ce64b70e61c635bdd533
ed3cc403630558032e2d1ae7513970ed92ef6224193eff9448f957f30876a11d
ed8563d664c24e70f971438ff51b6df46d922bce46c60a32e2bfc2e0ef5ae92e
ef01295b57dda4382e21080c16dcaecadba40fd052d48f1dbba277930d294195
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef29e96ffb08bbf4f543dda5bf5fb8db8b2c067232e6033b3c10ba0ccecb10d5
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1461e6250c102c626aa8164bdaea6967e81fa88c4fc15bdec491d852d4f6bdf
f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

wealthyretirement.com Open in urlscan Pro 18.233.27.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

91 %HTTPS

39 %IPv6

53 Domains

79 Subdomains

69 IPs

8 Countries

5769 kBTransfer

8837 kBSize

68 Cookies

4 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wealthyretirement.com Open in urlscan Pro
18.233.27.104 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

91 %
HTTPS

39 %
IPv6

53
Domains

79
Subdomains

69
IPs

8
Countries

5769 kB
Transfer

8837 kB
Size

68
Cookies

173 HTTP transactions
1 data transactions