voice.thewealthadvisor.com Open in urlscan Pro
192.29.69.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lp.tamps.com/rs/666-PHA-958/images/photo1688360700
Effective URL:
https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard
Submission: On August 06 via api (August 6th 2023, 6:23:58 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 13 domains to perform 43 HTTP transactions. The main IP is 192.29.69.83, located in Toronto, Canada and belongs to ORACLE-BMC-31898, US. The main domain is voice.thewealthadvisor.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 26th 2023. Valid for: a year.

This is the only time voice.thewealthadvisor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.184.197.212 18.184.197.212	16509 (AMAZON-02) (AMAZON-02)
1	192.29.69.83 192.29.69.83	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	104.126.37.178 104.126.37.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
2	184.25.216.9 184.25.216.9	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	192.29.64.60 192.29.64.60	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4	52.4.229.229 52.4.229.229	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	108.138.7.118 108.138.7.118	() ()
43	19

1 104.17.73.206 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lp.tamps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.33.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

tamps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.197.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: eu-ip-2.short.io

tamps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.29.69.83 (Toronto, Canada)

ASN31898 (ORACLE-BMC-31898, US)

voice.thewealthadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.37.178 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-178.deploy.static.akamaitechnologies.com

images.trust.thewealthadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.216.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-216-9.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.29.64.60 (Toronto, Canada) 2 redirects

ASN31898 (ORACLE-BMC-31898, US)

s187370.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.4.229.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-229-229.compute-1.amazonaws.com

airtable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.7.118 (None, )

ASN- ()

static.airtable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	airtable.com airtable.com — Cisco Umbrella Rank: 14328 static.airtable.com	142 KB
5	googlesyndication.com 7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 158 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	72 KB
5	eloqua.com 2 redirects s187370.t.eloqua.com	3 KB
5	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3010 www.linkedin.com — Cisco Umbrella Rank: 539	324 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212	178 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 431 mug.criteo.com — Cisco Umbrella Rank: 2526	7 KB
3	thewealthadvisor.com voice.thewealthadvisor.com images.trust.thewealthadvisor.com	159 KB
3	tamps.com 3 redirects lp.tamps.com tamps.com	998 B
2	licdn.com static.licdn.com — Cisco Umbrella Rank: 1945	59 KB
2	en25.com img.en25.com — Cisco Umbrella Rank: 6540	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	57 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 369	1 KB
43	13

	Domain	Requested by
8	static.airtable.com	airtable.com
5	s187370.t.eloqua.com	2 redirects voice.thewealthadvisor.com img.en25.com
5	securepubads.g.doubleclick.net	voice.thewealthadvisor.com securepubads.g.doubleclick.net www.googletagservices.com
4	airtable.com	voice.thewealthadvisor.com airtable.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	www.linkedin.com	platform.linkedin.com voice.thewealthadvisor.com
2	static.licdn.com	www.linkedin.com
2	gum.criteo.com	1 redirects static.criteo.net
2	img.en25.com	voice.thewealthadvisor.com
2	platform.linkedin.com	voice.thewealthadvisor.com www.linkedin.com
2	images.trust.thewealthadvisor.com	voice.thewealthadvisor.com
2	tamps.com	2 redirects
1	pagead2.googlesyndication.com	www.googletagservices.com
1	mug.criteo.com	voice.thewealthadvisor.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	voice.thewealthadvisor.com
1	lp.tamps.com	1 redirects
43	20

This site contains no links.

Subject Issuer	Validity	Valid
trust.thewealthadvisor.com Go Daddy Secure Certificate Authority - G2	`2023-01-26` - `2024-01-26`	a year	crt.sh
images.trust.thewealthadvisor.com Go Daddy Secure Certificate Authority - G2	`2023-02-01` - `2024-03-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
airtable.com Amazon RSA 2048 M01	`2023-03-20` - `2024-04-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-10`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
static.licdn.com DigiCert SHA2 Secure Server CA	`2023-06-22` - `2023-12-22`	6 months	crt.sh
static.airtable.com Amazon RSA 2048 M01	`2023-03-19` - `2024-04-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard
Frame ID: 335586C95AFC9E4D2E158C34260DE5D0
Requests: 15 HTTP requests in this frame

Frame: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on
Frame ID: 3802F4BB8634C9EFDD5D2186EDDF4E8F
Requests: 6 HTTP requests in this frame

Frame: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on
Frame ID: 526A422673854773CE18C8B9DF7E00A3
Requests: 6 HTTP requests in this frame

Frame: https://7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E040DDC4681EC129766A318B6D02473B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKYRJfYmoft_0wpscvGHr1YtlTixuyH5wZEndjBjwlC_8y3AHKwaG-b0bdBHS1OaNCx4pjTEwZNM47m2T8pTOjfVhtkm-I7bG0rn56qHlr72ToJ8SfGWPgRCSKXkQ_lVMxJ3yqTR8f1-hJ8VZVLNYwwdcBz30XK6RM-FRHaKBP9s1nvfII9oH80SH_04v4bv5bhwlszykaDXocEDZbC365IBcDUCbDUe1h8pokwZme649TUCFa22yDZeYJYNXxv7jkst6l4e4xlf5dWofzwGfyPTNEI8X05TVTqGV9VZEWsauNDGx-ZOCKPvKNQoOk8mejnn2yUkkCOvRjNPX3-bc9cnrAKw6Ls8pHgqLSm9P7g324pIo&sai=AMfl-YQ-dcexo-SXBIKr3WqOdcPOdQUtMxiqPHNpDtD_0VphGIn60WIUbwKFOM1O0bHxLtd84cK4aPnisXRlvsaAafGjb8KXEQPhccispAd6ClVQqsVHVtSaWM5Rsa0TD1wg79fjof8N4wtvvedGTEc&sig=Cg0ArKJSzNOz1kufCusIEAE&uach_m=[UACH]&adurl=
Frame ID: 673BEE8FA5BE82221B7BA2AF62287A3A
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=voice.thewealthadvisor.com
Frame ID: 068A01D2CCB3612944BCC375EC16CEB0
Requests: 2 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=2794079&counter=right&xdOrigin=https%3A%2F%2Fvoice.thewealthadvisor.com&xdChannel=187aad65-9701-432b-8a48-90f085c2117c&xd_origin_host=https%3A%2F%2Fvoice.thewealthadvisor.com
Frame ID: CAF9952850680A55467157CF065421D7
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=2794079&counter=right&xdOrigin=https%3A%2F%2Fvoice.thewealthadvisor.com&xdChannel=187aad65-9701-432b-8a48-90f085c2117c&xd_origin_host=https%3A%2F%2Fvoice.thewealthadvisor.com
Frame ID: 016A3337DDBBA6734DB22CD02E811FA5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Americas Best TAMPS 2023 Digital Dashboard

Page URL History Show full URLs

https://lp.tamps.com/rs/666-PHA-958/images/photo1688360700 HTTP 302
http://tamps.com/ HTTP 301
https://tamps.com/ HTTP 302
https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

93 %
HTTPS

52 %
IPv6

13
Domains

20
Subdomains

19
IPs

5
Countries

1022 kB
Transfer

4307 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lp.tamps.com/rs/666-PHA-958/images/photo1688360700 HTTP 302
http://tamps.com/ HTTP 301
https://tamps.com/ HTTP 302
https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://s187370.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=187370&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=73&PURLRecordID=0&PURLGUID=2E12340AB71E413E94CC4D870B09B861&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0 HTTP 302
https://s187370.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=187370&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=73&PURLRecordID=0&PURLGUID=2E12340AB71E413E94CC4D870B09B861&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0&elqCookie=1 HTTP 302
https://s187370.t.eloqua.com/eloquaimages/tinydot.gif

Request Chain 26

https://gum.criteo.com/sid/json?origin=publishertagids&domain=thewealthadvisor.com&sn=ChromeSyncframe&so=0&topUrl=voice.thewealthadvisor.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=x3aNw3xwOFI2OHNVcWZ0WE9rMVdrY1l2T2YxZDEyMmpFY3gyVS9Fc3BzK3Izb1JNbHplcnZBRnRVSjZoVDYwSTl4QkY2b2djRzV1TGcyT3NjWnc5azNDbEJWcFhZVi9tb2xnNUo1YlZUUjZPRkZ0SHZrTnR0UjFyZGtrQzBKdzVodXRSWllZWWNCQWZLY1lOODdnWnppUjhJV05XSkRiZWgvaGI0b3ZTS1lrd3hVelVrWVA3dXV2NWhjSW5UZnpwWUtJNDU5K2Vwc3ZHNnZRZ0NEUEJoUlBXblkxQys2a3Z1emZrcGpoMkw1SFMwSW5GUWRIVjA5MkFoTk1zSldtdDUybVhMT1g3ZEdsUlBrejNmZFlHc0Z6VTJ1T1BHbHJCcU9XZmlhNVc1cTR6eGRqST18&cppv=2

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ABT-2023-Digital-Dashboard Show response
voice.thewealthadvisor.com/
Redirect Chain

https://lp.tamps.com/rs/666-PHA-958/images/photo1688360700
http://tamps.com/
https://tamps.com/
https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

56 KB
14 KB

735ms
247ms

Document
text/html

192.29.69.83
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.69.83 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

ece8b2b07ead69e113e9f2ffff845abaadafebd6109ec8f133cc691042cb4960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 13970
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Aug 2023 18:23:52 GMT
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 06 Aug 2023 18:23:51 GMT
location: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard
x-powered-by: Short.io/Edge
x-ratelimit-limit: 100
x-ratelimit-remaining: 100
x-ratelimit-reset: 1691346240

GET
H/1.1 200
OK %7B010b2833-cf5f-4e1c-bcb4-77452dc780ad%7D_ABT2023_TITLESTRIP.png
images.trust.thewealthadvisor.com/EloquaImages/clients/thewealthadvisor/ 7 KB
7 KB 240ms
63ms Image
image/png 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.trust.thewealthadvisor.com/EloquaImages/clients/thewealthadvisor/%7B010b2833-cf5f-4e1c-bcb4-77452dc780ad%7D_ABT2023_TITLESTRIP.png

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

c665d7f0221234553eab4c092f3034a356c7ccd0d0edb7ab00e43c00cab09455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 18:23:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 7186
X-Xss-Protection: 1; mode=block
Expires: Sun, 06 Aug 2023 18:23:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 186ms
99ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb68e67239cb256abccabb4e3adf80ddbf1081c477ada48ea86b9d067833a61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27915
x-xss-protection: 0
server: cafe
etag: 895 / 19575 / m202308010101 / config-hash: 16920917814545374618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 18:23:52 GMT

GET
H/1.1 200
OK %7B049b8ea8-ffc6-4060-a9da-92faba1bd03d%7D_2023ABT_DashBoardPOPUP.png
images.trust.thewealthadvisor.com/EloquaImages/clients/thewealthadvisor/ 137 KB
137 KB 211ms
70ms Image
image/png 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.trust.thewealthadvisor.com/EloquaImages/clients/thewealthadvisor/%7B049b8ea8-ffc6-4060-a9da-92faba1bd03d%7D_2023ABT_DashBoardPOPUP.png

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

532e06b547a2da872969786d8b2e985154a6c604dc7a2b038c656953b0545506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 18:23:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 140141
X-Xss-Protection: 1; mode=block
Expires: Sun, 06 Aug 2023 18:23:52 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 199ms
41ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

895f3740444229279a90a0cad4551410a2ea285de9654be552f579b5f5444098

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2889
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163643
x-li-uuid: AAYCRI82mXILkBO+bJuYZA==
last-modified: Sun, 06 Aug 2023 17:35:44 GMT
server: ECAcc (frc/4CE6)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Sun, 6 Aug 2023 18:35:44 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img.en25.com/i/ 13 KB
4 KB 157ms
50ms Script
application/x-javascript 184.25.216.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-216-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 18:23:52 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3717
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 06 Apr 2023 15:05:41 GMT
ETag: "6a86f2409968d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Sun, 06 Aug 2023 18:23:52 GMT

GET
H/1.1

200
OK

tinydot.gif
s187370.t.eloqua.com/eloquaimages/
Redirect Chain

https://s187370.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=187370&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=73&PURLRecordID=0&PURLGUID=2E12340AB71E413E94CC4D870B09B861&U...
https://s187370.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=187370&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=73&PURLRecordID=0&PURLGUID=2E12340AB71E413E94CC4D870B09B...
https://s187370.t.eloqua.com/eloquaimages/tinydot.gif

49 B
542 B

138ms
138ms

Image
image/gif

192.29.64.60
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s187370.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Server

192.29.64.60 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 06 Aug 2023 18:23:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2023 19:34:30 GMT
ETag: "11affb4e5b8d91:0"
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 06 Aug 2023 18:23:53 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /eloquaimages/tinydot.gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 142
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 shrfOLmKwN4geSmGO Show response
airtable.com/embed/ Frame 3802 69 KB
19 KB 4284ms
4038ms Document
text/html 52.4.229.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.229.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-229-229.compute-1.amazonaws.com

Software

Tengine /

Resource Hash

bbe3e167581dafd410a87a11647122858a5a172139ea51b731d02aa12d9beb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://voice.thewealthadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 06 Aug 2023 18:23:56 GMT
document-policy: js-profiling
etag: W/"1149a-0NBN5+XriLzAjy8w7QellRNm0so"
expires: Sun Aug 06 2023 18:23:53 GMT+0000 (Coordinated Universal Time)
referrer-policy: same-origin
reporting-endpoints: default="https://airtable.com/browserReports"
server: Tengine
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ 398 KB
126 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25098
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 05 Aug 2024 11:25:34 GMT

GET
H2 200 shrfOLmKwN4geSmGO Show response
airtable.com/embed/ Frame 526A 69 KB
19 KB 4090ms
4090ms Document
text/html 52.4.229.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.229.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-229-229.compute-1.amazonaws.com

Software

Tengine /

Resource Hash

a120f65a63cbf88922785f0e6e2d53486dfd4db031354ad1cad3c1d90d9f9a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://voice.thewealthadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 06 Aug 2023 18:23:57 GMT
document-policy: js-profiling
etag: W/"1149a-uF5dC2fH65tOmzjc6m28s7wYSCw"
expires: Sun Aug 06 2023 18:23:53 GMT+0000 (Coordinated Universal Time)
referrer-policy: same-origin
reporting-endpoints: default="https://airtable.com/browserReports"
server: Tengine
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 47ms
46ms Script
application/x-javascript 184.25.216.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-216-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 18:23:53 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 06 Apr 2023 15:05:41 GMT
ETag: "12a0ef409968d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Sun, 06 Aug 2023 18:23:53 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 146ms
46ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 288
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwdZHDgJInVBu9UpEHhfSLk3xt0bsIRdJZgJSpLAMXBBoWVA3HtRDlcncKGK2wvIGF%2BHB3cKkXgUseV%2F4wc1akQqz7YtYW3eHHX1MDy3XAQFe%2BArCTJbPFVotYDoyb2Cu8EhNxzHHMDCDuDeLrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f295045cf43696a-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 163ms
59ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 07 Aug 2023 18:23:53 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 91ms
90ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1022623152794641&correlator=130524508889723&eid=31072020%2C31075148&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=21841313772%3A15353089%2Cwealth_advisor%2Ctamp_dashboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x66&ifi=1&adks=1576785518&didk=928590847&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691346233141&lmt=1691346233&adxs=515&adys=63&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fvoice.thewealthadvisor.com%2FABT-2023-Digital-Dashboard&frm=20&vis=1&psz=1180x0&msz=970x0&fws=0&ohw=0&ga_vid=2052902260.1691346233&ga_sid=1691346233&ga_hid=704258885&ga_fc=false&dlt=1691346232717&idt=388

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d29bc932f8dc6f882cdaea1a6814bb9bdf9061a66a555c01f328792c66170f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24820
x-xss-protection: 0
google-lineitem-id: 6230736671
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424132477
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://voice.thewealthadvisor.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E040 6 KB
3 KB 149ms
47ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://voice.thewealthadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:23:53 GMT
expires: Mon, 05 Aug 2024 18:23:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK svrGP Show response
s187370.t.eloqua.com/visitor/v200/ 0
440 B 338ms
149ms Script
application/javascript 192.29.64.60
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://s187370.t.eloqua.com/visitor/v200/svrGP?pps=50&siteid=187370&DLKey=4494db0bd560442fbb368a39bad767cc&DLLookup=%3CC_EmailAddress%3EEnter_Email%20Address_here%3C%2FC_EmailAddress%3E&ms=155

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.64.60 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 06 Aug 2023 18:23:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 0
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP
s187370.t.eloqua.com/visitor/v200/ 49 B
477 B 405ms
141ms Image
image/gif 192.29.64.60
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s187370.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=187370&ref2=elqNone&tzo=0&ms=155&optin=disabled

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.64.60 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 06 Aug 2023 18:23:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 FollowCompany.js Show response
www.linkedin.com/pages-extensions/ 1 KB
3 KB 274ms
164ms Script
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.176

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' .licdn.com .linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ .microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: ; font-src data: ; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src .licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' .licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors ; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' *.licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors *; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
date: Sun, 06 Aug 2023 18:23:52 GMT
x-cache: CONFIG_NOCACHE
content-length: 487
x-li-uuid: AAYCRTtuggJwy+BJfCq2VA==
pragma: no-cache
last-modified: Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CC8A94EEC9A244199CB721A14A49B57F Ref B: DUS30EDGE0917 Ref C: 2023-08-06T18:23:53Z
etag: "b2d9743c7c39ea585f6fc9a642bbac8a623d087e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-lva1
cache-control: no-cache, no-store
x-li-proto: http/2
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 673B 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKYRJfYmoft_0wpscvGHr1YtlTixuyH5wZEndjBjwlC_8y3AHKwaG-b0bdBHS1OaNCx4pjTEwZNM47m2T8pTOjfVhtkm-I7bG0rn56qHlr72ToJ8SfGWPgRCSKXkQ_lVMxJ3yqTR8f1-hJ8VZVLNYwwdcBz30XK6RM-FRHaKBP9s1nvfII9oH80SH_04v4bv5bhwlszykaDXocEDZbC365IBcDUCbDUe1h8pokwZme649TUCFa22yDZeYJYNXxv7jkst6l4e4xlf5dWofzwGfyPTNEI8X05TVTqGV9VZEWsauNDGx-ZOCKPvKNQoOk8mejnn2yUkkCOvRjNPX3-bc9cnrAKw6Ls8pHgqLSm9P7g324pIo&sai=AMfl-YQ-dcexo-SXBIKr3WqOdcPOdQUtMxiqPHNpDtD_0VphGIn60WIUbwKFOM1O0bHxLtd84cK4aPnisXRlvsaAafGjb8KXEQPhccispAd6ClVQqsVHVtSaWM5Rsa0TD1wg79fjof8N4wtvvedGTEc&sig=Cg0ArKJSzNOz1kufCusIEAE&uach_m=[UACH]&adurl=

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 18:23:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 673B 23 KB
9 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 673B 3 KB
1 KB 133ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 673B 179 KB
57 KB 141ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 18:23:53 GMT

GET
H2 200 15257499754966774388
tpc.googlesyndication.com/simgad/ Frame 673B 58 KB
58 KB 181ms
94ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15257499754966774388

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a248940684d1e84ac3a36f7dfaa681afd74f111dc6800c7e79711ea8cd9da4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59201
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 16:24:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Aug 2024 18:23:53 GMT

GET
DATA 200
OK truncated
/ Frame 673B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a31fd830a1cd74ca7b130141b6b97122059b26f3bee709fb8de7958f1c26b07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 068A 15 KB
6 KB 132ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=voice.thewealthadvisor.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://voice.thewealthadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:23:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 319001
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET FollowCompany
www.linkedin.com/pages-extensions/ Frame CAF9 0
0

GET
H2 200 FollowCompany Show response
www.linkedin.com/pages-extensions/ Frame 016A 2 KB
1 KB 182ms
181ms Document
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany?id=2794079&counter=right&xdOrigin=https%3A%2F%2Fvoice.thewealthadvisor.com&xdChannel=187aad65-9701-432b-8a48-90f085c2117c&xd_origin_host=https%3A%2F%2Fvoice.thewealthadvisor.com

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba37eb759b9dcde015fe89ea057eb6ec46cd8d8e6b78e6114c7a5700b970ac39

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' .licdn.com .linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ .microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: ; font-src data: ; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src .licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' .licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors ; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.thewealthadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 809
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' *.licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors *; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
content-type: text/html; charset=utf-8
date: Sun, 06 Aug 2023 18:23:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAYCRTtxOJws3FboG4a9yw==
x-msedge-ref: Ref A: 01A91886AE274220953B034C81F62175 Ref B: DUS30EDGE0917 Ref C: 2023-08-06T18:23:53Z

GET
H2

200

sid Show response
mug.criteo.com/ Frame 068A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=thewealthadvisor.com&sn=ChromeSyncframe&so=0&topUrl=voice.thewealthadvisor.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=x3aNw3xwOFI2OHNVcWZ0WE9rMVdrY1l2T2YxZDEyMmpFY3gyVS9Fc3BzK3Izb1JNbHplcnZBRnRVSjZoVDYwSTl4QkY2b2djRzV1TGcyT3NjWnc5azNDbEJWcFhZVi9tb2xnNUo1YlZUUjZPRkZ0SHZrTnR0UjFyZGtrQz...

463 B
677 B

144ms
41ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=x3aNw3xwOFI2OHNVcWZ0WE9rMVdrY1l2T2YxZDEyMmpFY3gyVS9Fc3BzK3Izb1JNbHplcnZBRnRVSjZoVDYwSTl4QkY2b2djRzV1TGcyT3NjWnc5azNDbEJWcFhZVi9tb2xnNUo1YlZUUjZPRkZ0SHZrTnR0UjFyZGtrQzBKdzVodXRSWllZWWNCQWZLY1lOODdnWnppUjhJV05XSkRiZWgvaGI0b3ZTS1lrd3hVelVrWVA3dXV2NWhjSW5UZnpwWUtJNDU5K2Vwc3ZHNnZRZ0NEUEJoUlBXblkxQys2a3Z1emZrcGpoMkw1SFMwSW5GUWRIVjA5MkFoTk1zSldtdDUybVhMT1g3ZEdsUlBrejNmZFlHc0Z6VTJ1T1BHbHJCcU9XZmlhNVc1cTR6eGRqST18&cppv=2

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9c3e932abb29b01357cb0cfe040d373149ab6cf1faa5873d967b7e31eb572e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 18:23:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1170613
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 18:23:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=x3aNw3xwOFI2OHNVcWZ0WE9rMVdrY1l2T2YxZDEyMmpFY3gyVS9Fc3BzK3Izb1JNbHplcnZBRnRVSjZoVDYwSTl4QkY2b2djRzV1TGcyT3NjWnc5azNDbEJWcFhZVi9tb2xnNUo1YlZUUjZPRkZ0SHZrTnR0UjFyZGtrQzBKdzVodXRSWllZWWNCQWZLY1lOODdnWnppUjhJV05XSkRiZWgvaGI0b3ZTS1lrd3hVelVrWVA3dXV2NWhjSW5UZnpwWUtJNDU5K2Vwc3ZHNnZRZ0NEUEJoUlBXblkxQys2a3Z1emZrcGpoMkw1SFMwSW5GUWRIVjA5MkFoTk1zSldtdDUybVhMT1g3ZEdsUlBrejNmZFlHc0Z6VTJ1T1BHbHJCcU9XZmlhNVc1cTR6eGRqST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 258064
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 673B 0
0 157ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut3ulqLI_BwnywQGtpuhNjBDXrYXi7TZYQYTMxQCG7DeSKf4WsD0IFTM2O9pTTzbLtszvCJLhfiwJ8QL0TfuFfR2BLCfTDCUJcYYzhcEcQ6pASEAHViQraVsAhhpSe2vVIRIZnkR0I9TeXGoRv1WUduw27IXunPSiQ7YcVnePaHz8WZi8mdLOqGpU6vW6y-oNXb3vBIHHbFb0ReJ2_vGpLr5NS8qgD1GgWlZqNk83WZtFv-jYZgYeCSh5cuH26DNsFSXXrEJi6nsKendpoZuaGxiyCvu2otrn2j5_CKZtcDj5IATxHuJ9SKM7KzCXhDVTBj2EylBAXL97hzeoK-PgpTHfcg51FAXd8NqX1dsWFdWvDy_w0XQ&sai=AMfl-YQsPvLYjMiB9e98AXn42BstBF0XtzFpCZxZRaT9ZeilUhMSX6bBJCdmWWHZcsiSP3BRAQdlBY48l5U0kTDh_xQwpc7CoF4YvcuEyZJ4_AAvIFK3SSn75ihggriQ4fhCDJa15b1G76h5R6_69ao&sig=Cg0ArKJSzGR3oFqgtB6MEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 18:23:53 GMT

GET
H2 200 9go7ur7ucj3w3rmq7km3m4jxl
static.licdn.com/aero-v1/sc/h/ Frame 016A 298 KB
57 KB 228ms
81ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.licdn.com/aero-v1/sc/h/9go7ur7ucj3w3rmq7km3m4jxl

Requested by

Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=2794079&counter=right&xdOrigin=https%3A%2F%2Fvoice.thewealthadvisor.com&xdChannel=187aad65-9701-432b-8a48-90f085c2117c&xd_origin_host=https%3A%2F%2Fvoice.thewealthadvisor.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cb53d47900644571f51c6c7b572f6771f52c250adcb80472f0a68e1838f076b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-ambry-target-account-name: aero
x-cdn: AZUR
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-ambry-blob-size: 305483
content-disposition: attachment
x-li-uuid: AAYCCB3omyhSoZdE+eA/hg==
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0016430684; STORAGE_IN_GB=0.0
last-modified: Wed, 02 Aug 2023 23:07:32 GMT
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
x-azure-ref: 20230806T182353Z-nh915w32vx1rb9uzrn3p0v80k400000006m00000000188p6
content-type: text/css
x-li-fabric: prod-ltx1
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto, X-Cache, X-CDN-RCODE
cache-control: max-age=604800, immutable
x-li-proto: http/1.1
x-ambry-target-container-name: assets
timing-allow-origin: *
x-fs-uuid: 000602081de89b2852a19744f9e03f86
expires: Thu, 10 Aug 2023 17:29:05 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/xdoor/scripts/ Frame 016A 510 KB
160 KB 40ms
40ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/xdoor/scripts/in.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF0) /

Resource Hash

a38357f7e06730a664bbae83c01589b06da7881efca39c029cb3f647ece39e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1688
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163639
x-li-uuid: AAYCRNbcGNAoGI7+Ebkz3w==
last-modified: Sun, 06 Aug 2023 17:55:46 GMT
server: ECAcc (frc/4CF0)
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Sun, 6 Aug 2023 18:55:46 GMT

GET
H2 200 cwphtfsvdwm4k6n91alllgs6q Show response
static.licdn.com/aero-v1/sc/h/ Frame 016A 4 KB
2 KB 266ms
120ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.licdn.com/aero-v1/sc/h/cwphtfsvdwm4k6n91alllgs6q

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-ambry-target-account-name: aero
x-cdn: AZUR
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-ambry-blob-size: 4448
content-disposition: attachment
x-li-uuid: AAYB8CC5r8izjxbVKotuhg==
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0042238864; STORAGE_IN_GB=0.0
last-modified: Mon, 13 Feb 2023 20:32:05 GMT
x-li-pop: prod-lva1-x
vary: Accept-Encoding
x-azure-ref: 20230806T182353Z-nh915w32vx1rb9uzrn3p0v80k400000006m00000000188p7
content-type: text/javascript
x-li-fabric: prod-lva1
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto, X-Cache, X-CDN-RCODE
cache-control: max-age=604800, immutable
x-li-proto: http/1.1
x-ambry-target-container-name: assets
timing-allow-origin: *
x-fs-uuid: 000601f020b9afc8b38f16d52a8b6e86
expires: Wed, 09 Aug 2023 12:51:53 GMT

POST
H2 200 csp
www.linkedin.com/security/ Frame 016A 0
272 B 160ms
160ms Other
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/security/csp?f=gnf

Requested by

Host: voice.thewealthadvisor.com
URL: https://voice.thewealthadvisor.com/ABT-2023-Digital-Dashboard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.linkedin.com/pages-extensions/FollowCompany?id=2794079&counter=right&xdOrigin=https%3A%2F%2Fvoice.thewealthadvisor.com&xdChannel=187aad65-9701-432b-8a48-90f085c2117c&xd_origin_host=https%3A%2F%2Fvoice.thewealthadvisor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 18:23:53 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C34A7BD1903D428A8806FEF51BC6EE4F Ref B: DUS30EDGE0917 Ref C: 2023-08-06T18:23:53Z
x-frame-options: sameorigin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
cache-control: no-cache, no-store
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCRTt4P4/YDKWgUVjLbg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 673B 42 B
404 B 235ms
142ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn_YmQpAvzIKQxpnG3JLIGmVTLHYEdwDBNp62vdlmTiKItSrkM5YSeP7Iac9eJ81fwFqjoNln2f312PrsENlC9taS9SboF_LOs7BUPd6DRVmjXjIEi&sig=Cg0ArKJSzFSVtpU7UK8UEAE&id=lidar2&mcvt=1000&p=62,515,128,1485&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1576785518&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691346233285&rpt=266&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voice.thewealthadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 18:23:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.css
airtable.com/css/compiled/ Frame 3802 1 MB
0 132ms
130ms Stylesheet
text/css 52.4.229.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://airtable.com/css/compiled/all.css?v=3457bc0ee6b9d2e3-7

Requested by

Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.229.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-229-229.compute-1.amazonaws.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 03 Aug 2023 19:51:17 GMT
server: Tengine
etag: W/"135f6e-189bcf457ce"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 regenerator-runtime.min.js
static.airtable.com/js/lib/ Frame 3802 6 KB
3 KB 279ms
43ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/js/lib/regenerator-runtime.min.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Sun, 06 Aug 2023 02:16:35 GMT
x-amz-cf-pop: FRA56-P6
age: 58042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 09 Feb 2018 02:02:17 GMT
server: AmazonS3
etag: W/"ec248752962b887495c894a84e31035e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 7XRBIjiSWpsE2Iiw8Yr39ag2EJmHWJUcSMKF3aahEr1ll5bqMxaP7Q==

GET
H2 200 jquery.min.js
static.airtable.com/js/lib/jquery/2.1.4/ Frame 3802 82 KB
29 KB 285ms
49ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/js/lib/jquery/2.1.4/jquery.min.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Sun, 06 Aug 2023 03:37:25 GMT
x-amz-cf-pop: FRA56-P6
age: 53202
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 09 Feb 2018 01:53:38 GMT
server: AmazonS3
etag: W/"4a356126b9573eb7bd1e9a7494737410"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: VvIY8sAb_NSd1kPDDpRGJYZCtTDTdIjoglrUMhyWhuywfk2HbTgpKA==

GET
H2 200 jquery-ui-1.11.4.custom.mod6.min.js
static.airtable.com/js/lib/jquery/ Frame 3802 127 KB
33 KB 319ms
83ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/js/lib/jquery/jquery-ui-1.11.4.custom.mod6.min.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Sun, 06 Aug 2023 08:50:50 GMT
x-amz-cf-pop: FRA56-P6
age: 34400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 06 Feb 2020 03:34:27 GMT
server: AmazonS3
etag: W/"95f787d1071f17db3f7cf1b946468e34"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Aqy9dkS29K2hiNQm_yly62OoYysrLE4QtcxWPNP-jY7hPbQNzpvO9w==

GET
H2 200 run_share.js
static.airtable.com/esbuild/by_sha/3457bc0e/br/client/ Frame 3802 12 KB
4 KB 327ms
92ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/esbuild/by_sha/3457bc0e/br/client/run_share.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=gray&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 19:49:33 GMT
content-encoding: br
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
x-amz-version-id: v_sqqax5OlhUFNzxqE_gXUJmcyeHvO9i
x-amz-cf-pop: FRA56-P6
age: 254065
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3201
last-modified: Thu, 03 Aug 2023 19:22:59 GMT
server: AmazonS3
etag: "4dbb5bd97d04b8a309ff2f9c857bcbd3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://airtable.com
x-amz-cf-id: LFljFuu_86WbVSAJ4zgC7GtlekyGZf8FTLUpY8fjzw0LlZL4X0WnyA==

GET
H2 200 all.css
airtable.com/css/compiled/ Frame 526A 164 KB
0 226ms
225ms Stylesheet
text/css 52.4.229.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://airtable.com/css/compiled/all.css?v=f633c7db390979d8-7

Requested by

Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.229.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-229-229.compute-1.amazonaws.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:23:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 03 Aug 2023 19:52:03 GMT
server: Tengine
etag: W/"135f6e-189bcf50b02"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 regenerator-runtime.min.js
static.airtable.com/js/lib/ Frame 526A 6 KB
3 KB 306ms
93ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/js/lib/regenerator-runtime.min.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Sun, 06 Aug 2023 02:16:35 GMT
x-amz-cf-pop: FRA56-P6
age: 58042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 09 Feb 2018 02:02:17 GMT
server: AmazonS3
etag: W/"ec248752962b887495c894a84e31035e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: La-oHOd-fCCdNF5xY40mBAIteiK-XK0D4rix4m5Ryv3oulMVety3Vg==

GET
H2 200 jquery.min.js
static.airtable.com/js/lib/jquery/2.1.4/ Frame 526A 82 KB
29 KB 312ms
99ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/js/lib/jquery/2.1.4/jquery.min.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Sun, 06 Aug 2023 03:37:25 GMT
x-amz-cf-pop: FRA56-P6
age: 53202
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 09 Feb 2018 01:53:38 GMT
server: AmazonS3
etag: W/"4a356126b9573eb7bd1e9a7494737410"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Omih0pRns5V4JL1YXsIwehp5uVqT7tbB_npAdDGGNECLIZLim2RmXg==

GET
H2 200 jquery-ui-1.11.4.custom.mod6.min.js
static.airtable.com/js/lib/jquery/ Frame 526A 127 KB
0 336ms
123ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/js/lib/jquery/jquery-ui-1.11.4.custom.mod6.min.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Sun, 06 Aug 2023 08:50:50 GMT
x-amz-cf-pop: FRA56-P6
age: 34400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 06 Feb 2020 03:34:27 GMT
server: AmazonS3
etag: W/"95f787d1071f17db3f7cf1b946468e34"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: oUOih3xare7truAZMOowDNyvD3EXI4fdd_IN04j7bPjs7onYuOQcfA==

GET
H2 200 run_share.js
static.airtable.com/esbuild/by_sha/f633c7db/br/client/ Frame 526A 12 KB
4 KB 345ms
132ms Script
application/javascript 108.138.7.118

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airtable.com/esbuild/by_sha/f633c7db/br/client/run_share.js
Requested by: Host: airtable.com
URL: https://airtable.com/embed/shrfOLmKwN4geSmGO?backgroundColor=blue&viewControls=on
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.118 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://airtable.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 19:26:59 GMT
content-encoding: br
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
x-amz-version-id: er7j50vAOnI_KRIXQzKpogtFMOsCvlJK
x-amz-cf-pop: FRA56-P6
age: 169019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="MBVrHwYPgIBBOaYGuexlXnKFQNHVRxvwoO2Aqmr_0BalF30Vu6SwRA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
content-length: 3201
last-modified: Fri, 04 Aug 2023 18:01:53 GMT
server: AmazonS3
etag: "4dbb5bd97d04b8a309ff2f9c857bcbd3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://airtable.com
x-amz-cf-id: MBVrHwYPgIBBOaYGuexlXnKFQNHVRxvwoO2Aqmr_0BalF30Vu6SwRA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=2794079&counter=right&xdOrigin=https%3A%2F%2Fvoice.thewealthadvisor.com&xdChannel=187aad65-9701-432b-8a48-90f085c2117c&xd_origin_host=https%3A%2F%2Fvoice.thewealthadvisor.com

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lp.tamps.com/	1969-12-31 23:59:59	Name: BIGipServerab62web-nginx-app_https Value: !PhrWZgsPiz+bIcukCIQPm+cqSAXSEUboINAFJB8JK4ggsOJRPGQskNPlFTIgdkE/WWQ1Hw7m14JEdbA=
.lp.tamps.com/	1970-01-20 13:49:08	Name: __cf_bm Value: fy3NeK0l37_EjBKrChZOaEKC4c8Hz95VZGQ6KXcbKEo-1691346231-0-Ae447k7uIuUnSB+Nf/9uLBRaBj02qOdwkUccWlBs7v2TtHG6taEMKBh5EeVsWl6NA5NS1PQdwuH6AzY456Uz7j4=
.voice.thewealthadvisor.com/	1970-01-20 23:20:47	Name: ELOQUA Value: GUID=2E12340AB71E413E94CC4D870B09B861
.thewealthadvisor.com/	1970-01-20 23:10:42	Name: __gads Value: ID=1682d1481f7b68d6:T=1691346233:RT=1691346233:S=ALNI_MYTyhKxxu5hrFsCtNaapwPlj8FDgQ
.thewealthadvisor.com/	1970-01-20 23:10:42	Name: __gpi Value: UID=00000c7a0b7e77a2:T=1691346233:RT=1691346233:S=ALNI_Ma5C6xOyZcnmCjgrLElvq0MGedrTQ
.eloqua.com/	1970-01-20 23:20:47	Name: ELOQUA Value: GUID=95956C0B304A44DA83B2BB1875816D98
.eloqua.com/	1970-01-20 23:20:47	Name: ELQSTATUS Value: OK
.doubleclick.net/	1970-01-20 23:10:42	Name: IDE Value: AHWqTUkKozLczv3BPffCjIgFH_ffjDPgG279w1lvjwh3gYTKJp3yoPM8-USAYeuq43Y
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.linkedin.com/	1970-01-20 22:34:42	Name: bcookie Value: "v=2&3863cc22-0a9f-4943-8e1e-54b7c71e0780"
.www.linkedin.com/	1970-01-20 22:34:42	Name: bscookie Value: "v=1&202308061823538d966b15-b033-4ecb-8478-2a169719836eAQHQNnOJ_OAi05VSqsPc6DSt4qzs1D5v"
.linkedin.com/	1970-01-20 18:08:18	Name: li_gc Value: MTswOzE2OTEzNDYyMzM7MjswMjEzYSo6JIndiyZv6wrMP30TNnnR4FVWoRQJBTjT9NqedA==
.linkedin.com/	1970-01-20 13:50:32	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2954:u=1:x=1:i=1691346233:t=1691432633:v=2:sig=AQGfkM5qseMgf-cYlAZqPmXoO7a5TmFw"
.criteo.com/	1970-01-20 23:10:42	Name: uid Value: 6e699512-7266-40df-bfdf-38519330900d
.www.linkedin.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: ajax:6710674665728301981
.thewealthadvisor.com/	1970-01-20 23:10:42	Name: cto_bundle Value: AsH5W19MNHJyeEZBRzhxVVhyY3MybjdEck9WdktNQVp1QyUyRmROMVpRTGxaRjNFRG5PSTBqJTJCTGtMa3o4eThBcFE1eUxjYkxHUEF3bFU2dE9aVyUyQnJWMm9XJTJGWGloJTJGNXMlMkJ5ZEthWWludjRQaTNLU2dzNndMTkJNdjJWMlBrTDZBSUdWeDNtTXZvUld1SkJGYm1LanFUUDVERkM5bjVxbXNJaENqeUdrZCUyQlVYYnhDeTJYOCUzRA
airtable.com/	1970-01-20 13:59:11	Name: AWSALBCORS Value: AnD3oCR00hIL2FgL3Q5SXge5mgZl6ZG+EJXh8kdIuIXGtvP5LchPGh//mjLDYHXHcCQYlY3KP5Xa6C3X7uVhUhZ/1g+lW3AYv0HhM1PboRa+8KPTj+3FzBQj1G3B
.airtable.com/	1970-01-20 22:36:08	Name: brw Value: brwiGwcP3YlKQP2zw
airtable.com/	1970-01-20 22:36:08	Name: __Host-airtable-session Value: eyJzZXNzaW9uSWQiOiJzZXNONFZnb1dNN1JzR3M0ZyIsImNzcmZTZWNyZXQiOiJTY1FiMXJ3TFdEUXZNcnM1ckhwRXd6NTYifQ==
airtable.com/	1970-01-20 22:36:08	Name: __Host-airtable-session.sig Value: 9WPLA0RbiATYDNuHo7w-Zro0NN8ua72S4qB0e27a2T0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7e6c57fd0147ee3c33419cb36daa8921.safeframe.googlesyndication.com
airtable.com
cdn.jsdelivr.net
gum.criteo.com
images.trust.thewealthadvisor.com
img.en25.com
lp.tamps.com
mug.criteo.com
pagead2.googlesyndication.com
platform.linkedin.com
s187370.t.eloqua.com
securepubads.g.doubleclick.net
static.airtable.com
static.criteo.net
static.licdn.com
tamps.com
tpc.googlesyndication.com
voice.thewealthadvisor.com
www.googletagservices.com
www.linkedin.com
www.linkedin.com
104.126.37.178
104.17.73.206
108.138.7.118
178.250.1.11
18.184.197.212
184.25.216.9
192.29.64.60
192.29.69.83
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:4700::6810:5514
2620:1ec:21::14
2620:1ec:bdf::44
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2001
2a02:2638:3::c
2a02:2638:d::2
52.21.33.16
52.4.229.229
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
2a31fd830a1cd74ca7b130141b6b97122059b26f3bee709fb8de7958f1c26b07
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
532e06b547a2da872969786d8b2e985154a6c604dc7a2b038c656953b0545506
895f3740444229279a90a0cad4551410a2ea285de9654be552f579b5f5444098
8a248940684d1e84ac3a36f7dfaa681afd74f111dc6800c7e79711ea8cd9da4e
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
9c3e932abb29b01357cb0cfe040d373149ab6cf1faa5873d967b7e31eb572e2d
a120f65a63cbf88922785f0e6e2d53486dfd4db031354ad1cad3c1d90d9f9a3d
a38357f7e06730a664bbae83c01589b06da7881efca39c029cb3f647ece39e72
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
ba37eb759b9dcde015fe89ea057eb6ec46cd8d8e6b78e6114c7a5700b970ac39
bb68e67239cb256abccabb4e3adf80ddbf1081c477ada48ea86b9d067833a61a
bbe3e167581dafd410a87a11647122858a5a172139ea51b731d02aa12d9beb90
c665d7f0221234553eab4c092f3034a356c7ccd0d0edb7ab00e43c00cab09455
cb53d47900644571f51c6c7b572f6771f52c250adcb80472f0a68e1838f076b5
d29bc932f8dc6f882cdaea1a6814bb9bdf9061a66a555c01f328792c66170f4d
e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece8b2b07ead69e113e9f2ffff845abaadafebd6109ec8f133cc691042cb4960
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

voice.thewealthadvisor.com Open in urlscan Pro 192.29.69.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

52 %IPv6

13 Domains

20 Subdomains

19 IPs

5 Countries

1022 kBTransfer

4307 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

voice.thewealthadvisor.com Open in urlscan Pro
192.29.69.83 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

52 %
IPv6

13
Domains

20
Subdomains

19
IPs

5
Countries

1022 kB
Transfer

4307 kB
Size

20
Cookies

43 HTTP transactions
1 data transactions