www.savingmyretirement-native.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_es...
Effective URL:
https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_s...
Submission: On September 18 via api (September 18th 2022, 10:09:13 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 32 domains to perform 66 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.savingmyretirement-native.com.
TLS certificate: Issued by R3 on September 12th 2022. Valid for: 3 months.

This is the only time www.savingmyretirement-native.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
4	13.32.99.104 13.32.99.104	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:9e00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.111.80.119 34.111.80.119	15169 (GOOGLE) (GOOGLE)
2	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.148.0 52.92.148.0	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	143.204.214.231 143.204.214.231	16509 (AMAZON-02) (AMAZON-02)
1	54.236.100.80 54.236.100.80	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.45 143.204.215.45	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2600:9000:230... 2600:9000:2304:5000:9:d7ff:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	18.235.166.21 18.235.166.21	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.33.198.133 52.33.198.133	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	36

2 13.84.54.237 (San Antonio, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.tradebriefs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.rev-stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

track.roitrketer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

www.savingmyretirement-native.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-104.fra60.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9e00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.80.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.80.111.34.bc.googleusercontent.com

www.gcjdjhs3e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

0f45c382aad447eca80d744b72deadb8.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.148.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.214.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-231.fra53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.100.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-100-80.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-45.fra53.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:5000:9:d7ff:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

0f45c382aad447eca80d744b72deadb8.pages.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.166.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-166-21.compute-1.amazonaws.com

0f45c382aad447eca80d744b72deadb8.events.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.33.198.133 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-198-133.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	171 KB
6	gstatic.com fonts.gstatic.com	183 KB
5	ubembed.com 0f45c382aad447eca80d744b72deadb8.js.ubembed.com — Cisco Umbrella Rank: 743638 assets.ubembed.com — Cisco Umbrella Rank: 9660 df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com — Cisco Umbrella Rank: 657539 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com 0f45c382aad447eca80d744b72deadb8.events.ubembed.com	55 KB
4	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 25023 track.hubspot.com — Cisco Umbrella Rank: 2260 api.hubspot.com — Cisco Umbrella Rank: 4617	22 KB
4	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 17883	73 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2418 tr.outbrain.com — Cisco Umbrella Rank: 2246	4 KB
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 5868	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6352	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	2 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2590
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	34 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	144 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4786	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2156	16 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7897	865 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	297 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 538	356 B
1	t.co t.co — Cisco Umbrella Rank: 489	338 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2495	6 KB
1	decide.dev cdn1.decide.dev — Cisco Umbrella Rank: 26055	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 613	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 26515	245 B
1	amazonaws.com s3-us-west-2.amazonaws.com	33 KB
1	gcjdjhs3e.com www.gcjdjhs3e.com — Cisco Umbrella Rank: 567088	18 KB
1	savingmyretirement-native.com www.savingmyretirement-native.com	11 KB
1	roitrketer.com 1 redirects track.roitrketer.com	695 B
1	rev-stripe.com 1 redirects tr.rev-stripe.com — Cisco Umbrella Rank: 137766	597 B
1	tradebriefs.com 1 redirects rs-stripe.tradebriefs.com	473 B
66	32

	Domain	Requested by
9	d9hhrg4mnvzow.cloudfront.net	www.savingmyretirement-native.com 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
6	fonts.gstatic.com	fonts.googleapis.com
4	builder-assets.unbounce.com	www.savingmyretirement-native.com 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
2	api.hubspot.com	js.usemessages.com
2	p.alocdn.com	1 redirects
2	www.google.de	www.savingmyretirement-native.com
2	www.google.com	www.savingmyretirement-native.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	tr.outbrain.com	amplify.outbrain.com www.savingmyretirement-native.com
2	connect.facebook.net	www.savingmyretirement-native.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	builder-assets.unbounce.com
2	www.googletagmanager.com	www.savingmyretirement-native.com www.googletagmanager.com
2	d34qb8suadcc4g.cloudfront.net	www.savingmyretirement-native.com d34qb8suadcc4g.cloudfront.net
1	js.usemessages.com	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hubspot.com
1	0f45c382aad447eca80d744b72deadb8.events.ubembed.com	assets.ubembed.com
1	www.facebook.com	www.savingmyretirement-native.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.twitter.com	www.savingmyretirement-native.com
1	t.co	www.savingmyretirement-native.com
1	www.googleadservices.com	www.googletagmanager.com
1	0f45c382aad447eca80d744b72deadb8.pages.ubembed.com	assets.ubembed.com
1	cdn.pdst.fm	www.savingmyretirement-native.com
1	cdn1.decide.dev	www.googletagmanager.com
1	static.ads-twitter.com	www.savingmyretirement-native.com
1	df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	assets.ubembed.com	0f45c382aad447eca80d744b72deadb8.js.ubembed.com
1	events.ub-analytics.com	www.savingmyretirement-native.com
1	s3-us-west-2.amazonaws.com	www.savingmyretirement-native.com
1	js.hubspot.com	www.savingmyretirement-native.com
1	0f45c382aad447eca80d744b72deadb8.js.ubembed.com	www.savingmyretirement-native.com
1	www.gcjdjhs3e.com	www.savingmyretirement-native.com
1	www.savingmyretirement-native.com
1	track.roitrketer.com	1 redirects
1	tr.rev-stripe.com	1 redirects
1	rs-stripe.tradebriefs.com	1 redirects
66	41

This site contains links to these domains. Also see Links.

Domain
goldco.com
submit.optout-goldco.com

Subject Issuer	Validity	Valid
www.savingmyretirement-native.com R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
gcjdjhs3e.com Starfield Secure Certificate Authority - G2	`2022-05-13` - `2023-05-13`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.decide.dev Amazon	`2022-01-24` - `2023-02-22`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.pages.ubembed.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-28` - `2023-03-31`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.events.ubembed.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Frame ID: 0C03B77EE6769634AF0AB8D188312CCE
Requests: 51 HTTP requests in this frame

Frame: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Frame ID: 1BE625FB06A8CB8D593986F85EA72522
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

This Could Be The Most Important Message You Read All Year! | Goldco

Page URL History Show full URLs

http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-... HTTP 301
http://tr.rev-stripe.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-... HTTP 303
https://track.roitrketer.com/21ed1c26-2621-4e24-a1d8-70cbf00d2d74?tardev=email_&pub=3328&cst=0.76&pi_adid... HTTP 302
https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&c... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

66
Requests

95 %
HTTPS

46 %
IPv6

32
Domains

41
Subdomains

36
IPs

4
Countries

853 kB
Transfer

2020 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://goldco.com/privacy-policy/?__hstc=233391809.96b0e8af0212123f70e197554d9fa4f1.1663538948561.1663538948561.1663538948561.1&__hssc=233391809.1.1663538948562&__hsfp=492729889
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://goldco.com/terms-and-conditions/?__hstc=233391809.96b0e8af0212123f70e197554d9fa4f1.1663538948561.1663538948561.1663538948561.1&__hssc=233391809.1.1663538948562&__hsfp=492729889
Title: T&C

Search URL Search Domain Scan URL

URL: http://submit.optout-goldco.com/unsub/7zE6qafxRd2XIqW3mSzrRQXx3bQCQKYFOgTICRC2R0rB13u8MSMyfumxJe2N3lcp
Title: click here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_esp=custom&articletb=tb_banner HTTP 301
http://tr.rev-stripe.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_esp=custom&articletb=tb_banner HTTP 303
https://track.roitrketer.com/21ed1c26-2621-4e24-a1d8-70cbf00d2d74?tardev=email_&pub=3328&cst=0.76&pi_adid=813607&pi_clickid=d7183c6598b84cf1aaa0d0d8e5fdc991 HTTP 302
https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522b29eb0fc-55be-42fa-893b-a9e091569b93%2522%257D&title=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522b29eb0fc-55be-42fa-893b-a9e091569b93%2522%257D&title=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year%21%20%7C%20Goldco&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tdc=1

66 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.savingmyretirement-native.com/biden-warning-shot-122921/
Redirect Chain

http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_esp=custom&articletb=tb_banner
http://tr.rev-stripe.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_esp=custom&articletb=tb_banner
https://track.roitrketer.com/21ed1c26-2621-4e24-a1d8-70cbf00d2d74?tardev=email_&pub=3328&cst=0.76&pi_adid=813607&pi_clickid=d7183c6598b84cf1aaa0d0d8e5fdc991
https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T00000...

57 KB
11 KB

221ms
48ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de7c0106609ecdd4f366663e38fecc53224c2ae10b6450da01332a5680c179df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-location: https://www.savingmyretirement-native.com/biden-warning-shot-122921/
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 22:09:06 GMT
etag: "o:e07d7d632e6d892d58ea32c0a17f073b"
last-modified: Fri, 16 Sep 2022 22:01:53 GMT
link: <https://www.savingmyretirement-native.com/biden-warning-shot-122921/>; rel="canonical"
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: d18ee5ff-ee53-46d2-8a27-d1705756d9b5
x-unbounce-variant: o
x-unbounce-visitorid: c815d0ab-1495-44f3-b749-6e5212505a3b

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Sun, 18 Sep 2022 22:09:06 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
pragma: no-cache
server: nginx

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 152ms
38ms Stylesheet
text/css 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 01:12:18 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:54 GMT
server: AmazonS3
age: 19515409
etag: "43729a62fb549c1f6784cd5cc32082e0"
x-cache: Hit from cloudfront
x-amz-version-id: kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: nUA61EjerEFtzyTi9_s7S2CgBanXZL9kJ0u7JLG4T6VbgCsTmQtdHA==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 132ms
37ms Script
application/javascript 2600:9000:2057:9e00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9e00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 10:29:43 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 8422764
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: yteCetW-whF36qrlAj1ifm1bxhTrOemmzok8LJ8LU0ywu5wcgh6Gkg==

GET
H2 200 everflow.js Show response
www.gcjdjhs3e.com/scripts/sdk/ 58 KB
18 KB 282ms
141ms Script
text/javascript 34.111.80.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gcjdjhs3e.com/scripts/sdk/everflow.js
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.80.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.80.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 64966b8bc82723ee6064484ecfaf675b1fcaf327b78eaab6728dc451d218c490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:06 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 586f870f-461d-4042-889b-b8bdf925ab9b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main.bundle-384ff03.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 45ms
45ms Script
application/javascript 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:18:57 GMT
content-encoding: gzip
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
server: AmazonS3
age: 6583810
etag: "1825a0c47b2e38b6cf30a4072987bce1"
x-cache: Hit from cloudfront
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 33495
x-amz-cf-id: KcnvUPO4YK92UuC3aADDuXI6nFosI-b3kADqKA3YK9az5L0R-O-Opg==

GET
H2 200 / Show response
0f45c382aad447eca80d744b72deadb8.js.ubembed.com/ 2 KB
2 KB 263ms
144ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0f45c382aad447eca80d744b72deadb8.js.ubembed.com/
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ea2e0ea8742d4db015d40ec77e2a976a553d80f0aa31ec84af7ee30fc113cd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:06 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/7ff2dd9534a404f32a2aecb9954e8368-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-P3
accept-ranges: none
x-amz-apigw-id: YrSIeGF2joEFsqg=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
84 KB 165ms
66ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Requested by

Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3931d3e0be47f8b72a4b380a25a19e6569ea516c3578be36f8ded9a87176171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85306
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Sep 2022 22:09:06 GMT

GET
H2 200 3704751.js Show response
js.hubspot.com/analytics/ 63 KB
21 KB 280ms
185ms Script
text/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/analytics/3704751.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6cacf6a0e593a8d63da77cdbbfde95d8e14084c2b2037cbf53fdd55fc60432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z9TD1FYM4KREVW22
x-amz-server-side-encryption: AES256
cf-ray: 74cd6771e8599b28-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HnoPyd6XNPYIFQYykr3nodbA3FewzJnyPxVnVPM6mFfAyVTT3s7dMZ2My5asg7wx8ZTQBMUAIKk=
last-modified: Tue, 30 Aug 2022 18:57:07 GMT
server: cloudflare
etag: W/"4615051aa7dc1a39e4e7fd93e3851e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FVkX3w3jrprLian4DMDikwHDlp8cV%2FIr%2BEaXZZCJqRDQFIuAdj%2F7LvXJ6i%2BRLVUrDRBp37nihzksDxyYaCHm47dKwTtCK90FjeJ0aKBkStTjvcikL6rZQAayoRbhnBzrO6mr6S4MZvCjSuO"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Sun, 18 Sep 2022 22:14:06 GMT

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 43ms
42ms Script
application/javascript 2600:9000:2057:9e00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9e00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 04:44:06 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 3518701
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: 3DW9X9ZZ0F650bkfJwm4aclLhZmjehumjxExvW-EC-dKOS77ApSPog==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/NXGH2ZQ/ 32 KB
33 KB 655ms
220ms Script
application/javascript 52.92.148.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/NXGH2ZQ/ge.js
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.148.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: fa22679ba975a64c95d4f15e9fb042d9a02f97bc89a1f10b243bd83b3ec15091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 22:09:08 GMT
Last-Modified: Fri, 12 Aug 2022 02:07:03 GMT
Server: AmazonS3
x-amz-request-id: RDAX81BF4B0S0081
ETag: "b8d6d2713acca18465cec1d728d2a5b6"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 33227
x-amz-id-2: yzWkazFSkSr0gSwW5VrJHaU/k9dOElxjKa1d9nhse/Tc1mpZQHZebHBnG4Sdz7Q5GiQd2Z+FvzQ=
Expires: Sun, 11 Sep 2022 02:07:01 GMT

GET
BLOB 200
OK f0136264-fc85-4169-b135-9b4f43a24d07
https://www.savingmyretirement-native.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.savingmyretirement-native.com/f0136264-fc85-4169-b135-9b4f43a24d07
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 143ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular,700,300%7COswald:600,700,300,regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79b74ebd2a4f14fd1ee393d789f007bbf79dc3192e89c16f3f4b92d81feca295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 22:09:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 22:09:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 22:09:06 GMT

GET
H2 200 1yrc952-limied-time-offer_103t03p000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ 2 KB
2 KB 137ms
39ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/1yrc952-limied-time-offer_103t03p000000000000028.png
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9b87aa58b2c1a92f5d366c2b120e447d173d03f19f4c45855c6e6e6505fcd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 05:35:27 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 18:18:57 GMT
server: AmazonS3
age: 1269219
etag: "b85b643121a61f695d669bced918751c"
x-cache: Hit from cloudfront
x-amz-version-id: pKPTAFPETAWmpPLY8EfdvKQGjc18pL4i
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1636
x-amz-cf-id: nhWQUBJD6OFGV-AgVBuafSv5v__ZSJsnsEj8fnCVLy6hKXt79zod9g==

GET
H2 200 1h17tum-white-goldco-logo-gold-flame_104401k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ 2 KB
2 KB 139ms
41ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/1h17tum-white-goldco-logo-gold-flame_104401k000000000000028.png
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcb1c89c13267a94e4f77807a36f80f52c196e9ea0ebbbc0f8b8030a651ff8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 09:29:27 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Wed, 31 Aug 2022 23:45:27 GMT
server: AmazonS3
age: 1427980
etag: "25143728e2457b11e9b5e181bec3a437"
x-cache: Hit from cloudfront
x-amz-version-id: EH_LyEf2QJCy4GKMKVajXbxKYfj1lowc
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1794
x-amz-cf-id: gxfoS7xvwImOrtTbQ8-2R1HkBKKx0gNYuZ6zxqA-q7TyZX3c2kPHqA==

GET
H2 200 bg034s-goldco-2017-logo_104a01n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ 2 KB
2 KB 138ms
41ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/bg034s-goldco-2017-logo_104a01n000000000000028.png
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b6e524eadb68ef5ca9f5a116ed3b2ea157ecf1677ba8b5f8ba6017d95fcdf99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 01:31:54 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 22:24:25 GMT
server: AmazonS3
age: 1802233
etag: "8d0269b939a58148cee0c4079e4efbc2"
x-cache: Hit from cloudfront
x-amz-version-id: vdO75c.JnIVlO_p7yOYF.zeXRtAAGzEQ
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1676
x-amz-cf-id: 2g2fqItNvaSPIlmDwstuWAySKUUxpAz147bh4lswrJSV-SDhPM6r_w==

GET
H2 200 4bd15a85-guide-mockup28-2_10db098000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ 54 KB
54 KB 145ms
48ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/4bd15a85-guide-mockup28-2_10db098000000000000028.png
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2de688068f0f7b3d01c177a2144448ec240d2dc2afa227f25311d7131416dd72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 00:10:27 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 20:41:27 GMT
server: AmazonS3
age: 4139919
etag: "2524e471fa4aa7e9b8448c508ffb0146"
x-cache: Hit from cloudfront
x-amz-version-id: TwPM4MtMjOGgIRG9sPV_nAnu6cCtx7.W
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 55169
x-amz-cf-id: HV_itGTCilG37SPyd8Xk7yFNaqjgqWKJgbOgdVtVcsQOqMxkglTDUA==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 548ms
129ms Image
image/gif 54.236.100.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1663538946832&e=pv&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&page=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=c2630129-1c2e-46de-ae9c-b39f4b61be33&dtm=1663538946831&vp=1600x1200&ds=1600x1695&vid=1&sid=cec8bba0-c068-4408-b0b9-611502b968c7&duid=b9bc39fb-1ad4-4d54-8ebc-5624be81a87e&uid=c815d0ab-1495-44f3-b749-6e5212505a3b&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDE4ZWU1ZmYtZWU1My00NmQyLThhMjctZDE3MDU3NTZkOWI1IiwidmFyaWFudElkIjoibyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.100.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-100-80.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Sep 2022 22:09:07 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 130ms
43ms Script
application/javascript 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.js.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 23:09:05 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 1292402
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ggCavmtVR6wnElHAyhEhdTadnWEn2I4Tbgg82ybNvnMMdII0TB3ITw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 159ms
75ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700,300%7COswald:600,700,300,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.savingmyretirement-native.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 530313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 120ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700,300%7COswald:600,700,300,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.savingmyretirement-native.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:18:53 GMT
x-content-type-options: nosniff
age: 521414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:18:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 225ms
37ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4027
date: Sun, 18 Sep 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 18 Sep 2022 23:02:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 219ms
38ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 22:09:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Sun, 18 Sep 2022 22:29:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964382751

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cbf49165a30b7b009c5671047b1b381ed001905e55155c6e2c78d08ec1581e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61877
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Sep 2022 22:09:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 217ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: oiDQkbqUi+MJuMuZtzN1PGUB9H+hXQBrLk463Pl1O9AG6Em2sqL+h1LdnGTOc2B97w3eTV84Y1q/CuXIZGY97Q==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 22:09:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/ 479 B
629 B 190ms
156ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e7f282482c5740f0246beff05f0426296a17c51bced89d17bbb1b7fa33c1919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:07 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/c8e9fb4abfbce4447cadff645cbeb56e-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-P3
accept-ranges: none
x-amz-apigw-id: YrSIjHkijoEFebg=

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 215ms
37ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:07 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kjyo7100091-IAD, cache-hhn11524-HHN

GET
H2 200 rainmakeradventures_goldco_lander.js Show response
cdn1.decide.dev/tracking/ 4 KB
2 KB 300ms
61ms Script
application/javascript 2600:9000:2304:5000:9:d7ff:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.decide.dev/tracking/rainmakeradventures_goldco_lander.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5000:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d160f4c6da67df6a5390596915e5127090fc653b0b11c346170950892032066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: HROO_uQjwgCyBs8myAOA19mBbOuPXKmW
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:12:07 GMT
server: AmazonS3
age: 14395
etag: W/"045ebd5593fd2af4c51068987346c821"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
date: Sun, 18 Sep 2022 18:09:13 GMT
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: qpF7BEtjUQLY7IzKtWEAFY7b8IepRcXjDKmLMFPnMLwQ1A21XgS7uw==

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 217ms
39ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:06:19 GMT
content-encoding: gzip
age: 168
x-guploader-uploadid: ADPycdv_KEL3OvIcXpRhievbeHAFFyyynt9_ZuZHGzVf5X6MFujRdc7_pt9YuSThPQfVmt-_fodH6PA_GIBKDvA_G4pYL7iKVYKv
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Sun, 18 Sep 2022 23:06:19 GMT

GET
H/1.1 200
OK ae.html Show response
0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ Frame 1BE6 23 KB
5 KB 192ms
46ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0a4972567d9ab811d841f5a31b857c5d6771f3ef25ac3ec3394f9f74a5226b9c

Request headers

Referer: https://www.savingmyretirement-native.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 5175
content-type: text/html; charset=utf-8
date: Sun, 18 Sep 2022 22:09:07 GMT
etag: "1d8a4b8fbedd4ea7855c860fa20accff"
x-proxy-backend: page-server
x-unbounce-pageid: 7a7a3fae-e580-4489-b1bd-795bfbe1f56f

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 162ms
64ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-964382751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:09:07 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 735ms
289ms Script
application/javascript 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e412b58f309996dfc012c5e02415627d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 22:09:08 GMT
content-encoding: gzip
X-TraceId: 653ccf8819cbc105ed57bac420938815
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 569ms
123ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00e412b58f309996dfc012c5e02415627d&obApiVersion=1.0-gtm&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&optOut=false&bust=016931072908895795&referrer=
Requested by: Host: www.savingmyretirement-native.com
URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 22:09:07 GMT
Cache-Control: no-cache
X-TraceId: f979f0d2669e8eb100a15e6368828877
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 adsct
t.co/i/ 43 B
338 B 393ms
142ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=79de1fd0-1d2f-4fa4-abf2-b2d7db589442&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=829eefeb-b956-4920-b8d3-1c70158a6aac&tw_document_href=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3n8j&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 18 Sep 2022 22:09:07 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e836973edab8ef98c96427d60f194712f926ebc01b56db23b892175aad17b5af
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
356 B 1102ms
142ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=79de1fd0-1d2f-4fa4-abf2-b2d7db589442&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=829eefeb-b956-4920-b8d3-1c70158a6aac&tw_document_href=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3n8j&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 105
date: Sun, 18 Sep 2022 22:09:08 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e0b4d58e6281fca7402de67c8b9a49a7882aaff96ddefa6959873e509b6b9c67
content-length: 43

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 333ms
253ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.savingmyretirement-native.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 22:09:08 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 984e56da39e0e2b41c01c8c89cf5f7b8
function-execution-id: cvutegodli9s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 312ms
156ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.savingmyretirement-native.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Sun, 18 Sep 2022 22:09:07 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 5wsdjdqkvipk
server: Google Frontend
x-cloud-trace-context: 0c91082ddcf5498e3e995ed95d43d2bc
x-powered-by: Express

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 1BE6 15 KB
3 KB 38ms
37ms Stylesheet
text/css 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 01:12:18 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:54 GMT
server: AmazonS3
age: 19515410
etag: "43729a62fb549c1f6784cd5cc32082e0"
x-cache: Hit from cloudfront
x-amz-version-id: kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: nONylK-sffT8e8M_ydOmJv24RT7iXPTVwF-7TvQ4P5__dsVjwYvSJg==

GET
H2 200 main.bundle-384ff03.z.js Show response
builder-assets.unbounce.com/published-js/ Frame 1BE6 103 KB
33 KB 42ms
42ms Script
application/javascript 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:18:57 GMT
content-encoding: gzip
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
server: AmazonS3
age: 6583811
etag: "1825a0c47b2e38b6cf30a4072987bce1"
x-cache: Hit from cloudfront
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 33495
x-amz-cf-id: qAABzdCquFWH2O5kfRT2NBig8hAY70Tn01MT2Lvp8nHohYRvZJBvnw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 120ms
44ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1193037910&t=pageview&_s=1&dl=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&ul=en-us&de=UTF-8&dt=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1239195398&gjid=1253104776&cid=1643747763.1663538947&tid=UA-27499361-13&_gid=231661189.1663538947&_r=1&gtm=2wg9e0NDSFVDK&z=188548739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savingmyretirement-native.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 22:09:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savingmyretirement-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 952351091531861 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 126ms
85ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/952351091531861?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

215bbfc7f1f8dd69b61d6f929de0d0cc497553ef79ea820ba82c92e6439a25fc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: xu/d2J1+CKTRsYJBW+4LrCsFfvm9+1JS6O9bi4AnGfTLoNFilzM2oWH6nEgimunxQGmnawvhwE63XuQq1xbo3g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 22:09:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/ 3 KB
2 KB 165ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/?random=1663538947481&cv=9&fst=1663538947481&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tiba=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&auid=499471706.1663538947&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13b7c2a64362e11b17f9489f8d1fe31e37d1728adca8735a309ab2a9966e1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 22:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1195
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1BE6 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ed93cbdc-red-bar-stars-v2_10ud00u0p000u02o00001o.jpg
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ Frame 1BE6 3 KB
4 KB 42ms
41ms Image
image/jpeg 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ed93cbdc-red-bar-stars-v2_10ud00u0p000u02o00001o.jpg
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35850a0a6038486150c986233027528a6371cac0e467ee424be3fee05ff55802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 05:20:45 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 23:44:47 GMT
server: AmazonS3
age: 1097303
etag: "686294e7c2e871baa657c067b2ce523c"
x-cache: Hit from cloudfront
x-amz-version-id: VqMtuY1wDn56wU_KnUsIwVQ2B8unYQPc
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3417
x-amz-cf-id: eP4Co4zsrEnZuQ5gsVX7vGxRiwpAp7jbD5cPAWItj9JVq-yQVVdYSQ==

GET
H2 200 37e1b699-bg-1_116h0nw0p00nw08q00001o.jpg
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ Frame 1BE6 15 KB
15 KB 43ms
42ms Image
image/jpeg 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/37e1b699-bg-1_116h0nw0p00nw08q00001o.jpg
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f82d885df95376603d17b3fe4923d951136d6895afabc827328c70e925e4bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 01:17:25 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 19:25:53 GMT
server: AmazonS3
age: 1025503
etag: "b684869e41e74bc5946aaac2d530529d"
x-cache: Hit from cloudfront
x-amz-version-id: oGKYq0DCU4ukvZPI__ixSZw8.Td01F1v
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 15197
x-amz-cf-id: 36yEdpBAZED-u_LBUhmNVDkaqe_njcitcf8hYL8G3bOW3a8OeSxgTA==

GET
BLOB 200
OK ce4b6690-c136-47a1-ad29-9605e2c3a84a
https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/ Frame 1BE6 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/ce4b6690-c136-47a1-ad29-9605e2c3a84a
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H3 200 css
fonts.googleapis.com/ Frame 1BE6 13 KB
1008 B 125ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f675932b572ee7d57dcfcecdbd50bc252a1e46ed337eda6170eb048b01100b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 22:09:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 22:09:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 22:09:07 GMT

GET
H2 200 784ed609-hannity-edited_10880pv07l0ml00c000028.png
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ Frame 1BE6 45 KB
45 KB 47ms
47ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/784ed609-hannity-edited_10880pv07l0ml00c000028.png
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 075fa22ba873c778fc327f926df69522adbc25d9c81b73dcef77fa0ed0b43e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 00:36:39 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 19:25:53 GMT
server: AmazonS3
age: 941549
etag: "506ee5733e2f587ee45b472b89a1252b"
x-cache: Hit from cloudfront
x-amz-version-id: XvwzwPPtvBpCHlRBkcMg.hn3g9Ldg5QX
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 46067
x-amz-cf-id: -wP91XPt88Dmhf2VECmve4xrHEsD7is2nPjn-HKdZFl8y7Hy7G7Jxg==

GET
H2 200 922c03ab-hannity-square_102x02w02x01800000v028.png
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ Frame 1BE6 2 KB
2 KB 56ms
56ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/922c03ab-hannity-square_102x02w02x01800000v028.png
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b043b100b3e73ada9434d2565bedc62cb1b765aa27fa1bd65e9961685d27808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 04:37:46 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 19:25:53 GMT
server: AmazonS3
age: 1013482
etag: "cfcadec36ebbee61b4f26c15124721c7"
x-cache: Hit from cloudfront
x-amz-version-id: IEXeOXmBTIlCVDy_FKCGLIargfsL9rAu
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1550
x-amz-cf-id: XAF7T8-hc3jCx-dmqRiK1GpVzAGEHo3dCQSfgARTR_pSfl0rcY2fgw==

GET
H2 200 2041c23a-asset-5-3x_10ek02z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ Frame 1BE6 12 KB
12 KB 57ms
57ms Image
image/png 143.204.214.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/2041c23a-asset-5-3x_10ek02z000000000000028.png
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdbfde36a43a52a8be69a0aae36e40a1ceeec828a15868e940deb9c827b5dfa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 09:29:28 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 23:44:47 GMT
server: AmazonS3
age: 1427980
etag: "a28a2bb97df03188167d86451c2d2be3"
x-cache: Hit from cloudfront
x-amz-version-id: h63j2pngYgAdHWng6unLUR0uHLA7NBBo
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 12123
x-amz-cf-id: TYdzl2zH5yhFPW106MXfyV9qbqJjcqTIJiaPp2fjfDAr8AezeSiksw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
455 B 141ms
46ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27499361-13&cid=1643747763.1663538947&jid=1239195398&gjid=1253104776&_gid=231661189.1663538947&_u=YEBAAEAAAAAAAC~&z=345991472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savingmyretirement-native.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Sep 2022 22:09:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.savingmyretirement-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 176ms
48ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=952351091531861&ev=PageView&dl=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D_removed_%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522cn%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1663538947611&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=28&fbp=fb.1.1663538947609.1241766885&it=1663538947478&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 18 Sep 2022 22:09:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964382751/ 42 B
154 B 146ms
61ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964382751/?random=1663538947481&cv=9&fst=1663538400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tiba=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&async=1&fmt=3&is_vtc=1&random=4044523063&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 22:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964382751/ 42 B
548 B 139ms
55ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964382751/?random=1663538947481&cv=9&fst=1663538400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tiba=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&async=1&fmt=3&is_vtc=1&random=4044523063&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 22:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 embeddableActivated Show response
0f45c382aad447eca80d744b72deadb8.events.ubembed.com/ 0
115 B 429ms
124ms XHR
text/plain 18.235.166.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://0f45c382aad447eca80d744b72deadb8.events.ubembed.com/embeddableActivated?activationRuleId=05ccb7d062f5411697ef42bcb8e4f103&browserTrackingId=916d336cfdd64a16be6a888a2132ecd7&clientId=ffdb234e-abcb-44d5-b26f-8dd62ccf0b6c&hostPageCorrelationId=44961200ffdc4dc29746676691bc6bfc&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&isFirstTime=true&requestId=cdadac8022124e5c9dcdb3bd15b24693&source=universalscript-v0.179.2
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.166.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-166-21.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.savingmyretirement-native.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.savingmyretirement-native.com
date: Sun, 18 Sep 2022 22:09:08 GMT
access-control-allow-credentials: true

GET
H3 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ Frame 1BE6 16 KB
16 KB 138ms
63ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:29:33 GMT
x-content-type-options: nosniff
age: 430774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:29:33 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 1BE6 44 KB
44 KB 118ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 530313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 1BE6 47 KB
47 KB 148ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:54:08 GMT
x-content-type-options: nosniff
age: 530099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:54:08 GMT

GET
H3 200 PbynFmL8HhTPqbjUzux3JEuR9ls.woff2
fonts.gstatic.com/s/passionone/v16/ Frame 1BE6 7 KB
7 KB 141ms
68ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/passionone/v16/PbynFmL8HhTPqbjUzux3JEuR9ls.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb49ce211df074142d735927bb3e8b655ccf39a7cc444baf02e871bcd47986df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:13:48 GMT
x-content-type-options: nosniff
age: 482119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7540
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:37:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:13:48 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 50ms
50ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27499361-13&cid=1643747763.1663538947&jid=1239195398&_u=YEBAAEAAAAAAAC~&z=2083480899

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 22:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 58ms
57ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27499361-13&cid=1643747763.1663538947&jid=1239195398&_u=YEBAAEAAAAAAAC~&z=2083480899

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 22:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C...

42 B
350 B

224ms
223ms

Image
image/gif

52.33.198.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522b29eb0fc-55be-42fa-893b-a9e091569b93%2522%257D&title=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year%21%20%7C%20Goldco&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tdc=1
Protocol: H2
Server: 52.33.198.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-198-133.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:09 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522b29eb0fc-55be-42fa-893b-a9e091569b93%2522%257D&title=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year%21%20%7C%20Goldco&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tdc=1
date: Sun, 18 Sep 2022 22:09:09 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET
H2 200 3704751.js Show response
js-na1.hs-scripts.com/ 1 KB
865 B 525ms
433ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/3704751.js
Requested by: Host: js.hubspot.com
URL: https://js.hubspot.com/analytics/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec27d8dc307c9e039427dc431660516a3c1e104808845debd3deb0cc7582063f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 18 Sep 2022 20:18:30 GMT
server: cloudflare
x-hubspot-correlation-id: fe0a2241-9738-431d-994e-941c7a1c0d93
x-trace: 2BCA56E3DC4BD9FA296EDF3537512ABC598147DA3B000000000000000000
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.savingmyretirement-native.com
access-control-max-age: 3600
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 74cd677d3aa29bbc-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
490 B 168ms
160ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=3704751&pu=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&t=This+Could+Be+The+Most+Important+Message+You+Read+All+Year!+%7C+Goldco&cts=1663538948563&vi=96b0e8af0212123f70e197554d9fa4f1&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:08 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b8f81d53-494d-4d3b-a764-d16bbee78ed5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvMz6SNX4vel8ptzMKXknqtwqb7Aw5OrPjxzPHHMBYdu%2FpHVmeQJhhcYKG%2BDEG2Qqx391pA0c0PB6N4qgUG0JbAX3APTXHfOX76PDTDu9wG4u3DHJHLxRSE8%2B7xnBE%2Brpme0Jou4XMFyMeDXi0JF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 74cd677cbdcb9b28-FRA

GET
H2 200 3704751.js Show response
js.hs-banner.com/ 60 KB
16 KB 543ms
448ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3704751.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e39c2976396bb8faf541f69ab7b0138ebf16e9129b94c45260f407e634b0cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: MF0GCBASPCV8AYMW
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: pdDxwOos5D39d0uw++ZOu0+EepdsxVHsYShacfqMh0PHxYuV3SmFbijo7nqOAFRouyiUNhogBZB7b7qXgU6yEg==
timing-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:47:13 GMT
server: cloudflare
etag: W/"fb521d46b5f6f9a0951cac4457c0cd49"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: OZLN_JFS6ljUFbDDMVAgUs2358bJuhd3
access-control-allow-origin: https://goldco.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 74cd67809c879243-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sun, 18 Sep 2022 22:14:09 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 144ms
50ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savingmyretirement-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 22:09:09 GMT
via: 1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 14
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=74cd67296d509bb0-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 22 Aug 2022 02:10:32 UTC
server: cloudflare
etag: W/"be054c0d1ce8e9f928e051e15475d755"
vary: Accept-Encoding
x-amz-version-id: 3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
cache-control: max-age=600
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
cf-ray: 74cd67809a99916a-FRA
x-amz-cf-id: xvMRGcQNL10QHekkw5g5Yk_otAwZqLo90Lgp9oqgko4iyq6uX4Smqw==
x-hs-target-asset: conversations-embed/static-1.10632/bundles/project.js

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 436 B
1 KB 218ms
178ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3704751&conversations-embed=static-1.10632&mobile=false&messagesUtk=9844903856124201b3d82d91b3b9e9cc&traceId=9844903856124201b3d82d91b3b9e9cc

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73683e3222bce5c708109379079fb5c26569f212b76d9df87757d2dae669afd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer: https://www.savingmyretirement-native.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF

Response headers

date: Sun, 18 Sep 2022 22:09:09 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d30e749e-426f-45e9-aaae-c0ab0174d07a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 321
server: cloudflare
x-trace: 2BCEBB53AEC0A3BD04C50154FB20F129593094BC16000000000000000000
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYNpouTcUDGhWsNLH2miaiscB%2BsyI5NFichrdYdYbyAsIrCwkXiq1pO0o%2BL21ML3fI28s3ewjiT1RI%2Bj6naqoxf5D9l%2BKxnorwgPwduI5vuhG%2FuVy1eIAM5pP8RQotMjuDqsZoT9Dn4M6on90w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.savingmyretirement-native.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 74cd67834c9e9a2a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 329ms
182ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.savingmyretirement-native.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.savingmyretirement-native.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cd6781ec8190d6-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 22:09:09 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bw%2Bgs1x43oKQHGaGwxpydelLyTRE9gJzBPampcszvkBW9loSOzfYzkdj4u6wWkAF1qFIU7d0KJncWlRcv49mmd3S5Io5w5E7%2BzDpg8cnZcZprdXIyJOYgC248IhXERqCoFObMnoRNY%2FKgfY%2F5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 2a9ba116-83a8-431f-956c-efb167a03eb1
x-trace: 2BFEB14D73D3EA5B9447CDFACB6BF0C78E3EA9874B000000000000000000

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.savingmyretirement-native.com/biden-warning-shot-122921/	1970-01-20 10:30:36	Name: ubpv Value: o%2Cd18ee5ff-ee53-46d2-8a27-d1705756d9b5
.rev-stripe.com/	1970-01-20 06:07:05	Name: eid3197 Value: d7183c6598b84cf1aaa0d0d8e5fdc991
.track.roitrketer.com/	1970-01-20 06:07:05	Name: 21ed1c26-2621-4e24-a1d8-70cbf00d2d74-v4 Value: -O8m_o4U4jIdRhwMdvHuIpjvxTDC05Kfvk-3MvQHiQw
.track.roitrketer.com/	1970-01-20 14:51:14	Name: cc-v4 Value: FcjfIz1Wox2eaiOU8%2FeeXiVSfdZnTrzqDuYkl7AytpmTlL0Xf6iD8xPkzedCVyOnB8Mt9ZqNXq2a2WaHp1e33DL2yyvtkhXeXpEgKOtCMLRrJFwi3MBI8hYkVxrSnkAXxcmrW1WyBWywGPNRbCA9Kg%3D%3D
www.savingmyretirement-native.com/	1970-01-20 10:24:50	Name: ubvs Value: c815d0ab-1495-44f3-b749-6e5212505a3b
.savingmyretirement-native.com/	1970-01-20 06:09:58	Name: ubvt Value: c815d0ab-1495-44f3-b749-6e5212505a3b
.hubspot.com/	1970-01-20 06:05:40	Name: __cf_bm Value: llp7wB2aLmCJxp.P1cySidRrR.aGqbhPsJq9fDQc_0k-1663538947-0-AUT3d2iVIOUGn+/VzibmYt0fsMoQXIo8sPREyjYSh8hvMxzbeDwDEaovbOY2EYoUN3Z68I847mdFjTimZHwonxY=
.savingmyretirement-native.com/	1970-01-20 08:15:14	Name: _gcl_au Value: 1.1.499471706.1663538947
www.savingmyretirement-native.com/	1970-01-20 14:51:14	Name: __pdst Value: c13c249468fe475789828f98c7dd9025
.savingmyretirement-native.com/	1970-01-20 15:41:38	Name: _ga Value: GA1.2.1643747763.1663538947
.savingmyretirement-native.com/	1970-01-20 06:07:05	Name: _gid Value: GA1.2.231661189.1663538947
.savingmyretirement-native.com/	1970-01-20 06:05:39	Name: _gat_UA-27499361-13 Value: 1
.savingmyretirement-native.com/	1970-01-20 08:15:14	Name: _fbp Value: fb.1.1663538947609.1241766885
.doubleclick.net/	1970-01-20 06:05:39	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-20 15:41:38	Name: muc_ads Value: b197c8b8-f534-4004-81a7-67957fc0464d
www.savingmyretirement-native.com/	1970-01-20 06:05:39	Name: outbrain_cid_fetch Value: true
.twitter.com/	1970-01-20 15:41:38	Name: personalization_id Value: "v1_oK+y4HdGHLqvgE/7ZUALaQ=="
www.savingmyretirement-native.com/	1970-01-20 10:24:50	Name: _geuid Value: b29eb0fc-55be-42fa-893b-a9e091569b93
www.savingmyretirement-native.com/	1970-01-20 06:48:50	Name: _geps Value: true
.alocdn.com/	1970-01-20 14:51:14	Name: uuid Value: 33aa42fe-ce9b-4aa9-8f58-d90a5fee3ba4
www.savingmyretirement-native.com/	1970-01-20 10:24:50	Name: __hstc Value: 233391809.96b0e8af0212123f70e197554d9fa4f1.1663538948561.1663538948561.1663538948561.1
www.savingmyretirement-native.com/	1970-01-20 10:24:50	Name: hubspotutk Value: 96b0e8af0212123f70e197554d9fa4f1
www.savingmyretirement-native.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.savingmyretirement-native.com/	1970-01-20 06:05:40	Name: __hssc Value: 233391809.1.1663538948562

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f45c382aad447eca80d744b72deadb8.events.ubembed.com
0f45c382aad447eca80d744b72deadb8.js.ubembed.com
0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
amplify.outbrain.com
analytics.twitter.com
api.hubspot.com
assets.ubembed.com
builder-assets.unbounce.com
cdn.pdst.fm
cdn1.decide.dev
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-na1.hs-scripts.com
js.hs-banner.com
js.hubspot.com
js.usemessages.com
p.alocdn.com
rs-stripe.tradebriefs.com
s3-us-west-2.amazonaws.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
tr.rev-stripe.com
track.hubspot.com
track.roitrketer.com
us-central1-adaptive-growth.cloudfunctions.net
www.facebook.com
www.gcjdjhs3e.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.savingmyretirement-native.com
104.244.42.195
104.244.42.5
13.32.99.104
13.84.54.237
142.250.185.226
143.204.214.231
143.204.215.45
151.101.193.131
18.193.209.105
18.235.166.21
199.232.136.157
2001:4860:4802:36::36
23.35.237.86
2600:9000:2057:9e00:1d:11cf:5800:93a1
2600:9000:2304:5000:9:d7ff:bd00:93a1
2606:4700:4400::ac40:9a55
2606:4700::6811:d2cc
2606:4700::6811:eccc
2606:4700::6813:9b53
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
3.126.202.50
3.69.136.55
34.111.80.119
35.244.142.80
52.33.198.133
52.92.148.0
54.236.100.80
70.42.32.63
075fa22ba873c778fc327f926df69522adbc25d9c81b73dcef77fa0ed0b43e37
0a4972567d9ab811d841f5a31b857c5d6771f3ef25ac3ec3394f9f74a5226b9c
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0b6e524eadb68ef5ca9f5a116ed3b2ea157ecf1677ba8b5f8ba6017d95fcdf99
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f82d885df95376603d17b3fe4923d951136d6895afabc827328c70e925e4bc3
215bbfc7f1f8dd69b61d6f929de0d0cc497553ef79ea820ba82c92e6439a25fc
2b043b100b3e73ada9434d2565bedc62cb1b765aa27fa1bd65e9961685d27808
2d160f4c6da67df6a5390596915e5127090fc653b0b11c346170950892032066
2de688068f0f7b3d01c177a2144448ec240d2dc2afa227f25311d7131416dd72
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35850a0a6038486150c986233027528a6371cac0e467ee424be3fee05ff55802
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
64966b8bc82723ee6064484ecfaf675b1fcaf327b78eaab6728dc451d218c490
6e7f282482c5740f0246beff05f0426296a17c51bced89d17bbb1b7fa33c1919
73683e3222bce5c708109379079fb5c26569f212b76d9df87757d2dae669afd2
74e39c2976396bb8faf541f69ab7b0138ebf16e9129b94c45260f407e634b0cb
79b74ebd2a4f14fd1ee393d789f007bbf79dc3192e89c16f3f4b92d81feca295
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9cbf49165a30b7b009c5671047b1b381ed001905e55155c6e2c78d08ec1581e7
9f675932b572ee7d57dcfcecdbd50bc252a1e46ed337eda6170eb048b01100b4
a13b7c2a64362e11b17f9489f8d1fe31e37d1728adca8735a309ab2a9966e1ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3931d3e0be47f8b72a4b380a25a19e6569ea516c3578be36f8ded9a87176171
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcb1c89c13267a94e4f77807a36f80f52c196e9ea0ebbbc0f8b8030a651ff8c1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7c0106609ecdd4f366663e38fecc53224c2ae10b6450da01332a5680c179df
df6cacf6a0e593a8d63da77cdbbfde95d8e14084c2b2037cbf53fdd55fc60432
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b87aa58b2c1a92f5d366c2b120e447d173d03f19f4c45855c6e6e6505fcd83
ea2e0ea8742d4db015d40ec77e2a976a553d80f0aa31ec84af7ee30fc113cd0a
eb49ce211df074142d735927bb3e8b655ccf39a7cc444baf02e871bcd47986df
ec27d8dc307c9e039427dc431660516a3c1e104808845debd3deb0cc7582063f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa22679ba975a64c95d4f15e9fb042d9a02f97bc89a1f10b243bd83b3ec15091
fdbfde36a43a52a8be69a0aae36e40a1ceeec828a15868e940deb9c827b5dfa1

www.savingmyretirement-native.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

95 %HTTPS

46 %IPv6

32 Domains

41 Subdomains

36 IPs

4 Countries

853 kBTransfer

2020 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.savingmyretirement-native.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

95 %
HTTPS

46 %
IPv6

32
Domains

41
Subdomains

36
IPs

4
Countries

853 kB
Transfer

2020 kB
Size

24
Cookies

66 HTTP transactions
2 data transactions