annuityinformation.center Open in urlscan Pro
15.197.142.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://annuityinformation.center/
Submission: On May 19 via api (May 19th 2023, 1:07:29 am UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 15.197.142.173, located in United States and belongs to AMAZON-02, US. The main domain is annuityinformation.center.

This is the only time annuityinformation.center was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1 19	140.82.63.229 140.82.63.229	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:dded	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
27	5

1 15.197.142.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

annuityinformation.center	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 140.82.63.229 (Piscataway, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 140.82.63.229.vultrusercontent.com

upnorthretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:dded (United States)

ASN13335 (CLOUDFLARENET, US)

upnorthretirement.weeknightwebsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	upnorthretirement.com 1 redirects upnorthretirement.com	330 KB
5	gstatic.com fonts.gstatic.com	72 KB
2	weeknightwebsite.com upnorthretirement.weeknightwebsite.com	85 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	annuityinformation.center annuityinformation.center	604 B
27	5

	Domain	Requested by
19	upnorthretirement.com	1 redirects annuityinformation.center upnorthretirement.com
5	fonts.gstatic.com	fonts.googleapis.com
2	upnorthretirement.weeknightwebsite.com	upnorthretirement.com
1	fonts.googleapis.com	upnorthretirement.com
1	annuityinformation.center
27	5

This site contains no links.

Subject Issuer	Validity	Valid
upnorthretirement.com R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
weeknightwebsite.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://annuityinformation.center/
Frame ID: A4A7028004D5B84A6140A0E56398326B
Requests: 1 HTTP requests in this frame

Frame: https://upnorthretirement.com/video-resources/
Frame ID: 50B21CEB2C152B78669AF5961F4B4B68
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

** Annuity Information Center **

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

wp-content/plugins/weglot

Page Statistics

27
Requests

96 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

490 kB
Transfer

1100 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://upnorthretirement.com/video-resources/ HTTP 301
https://upnorthretirement.com/video-resources/

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
annuityinformation.center/ 359 B
604 B 62ms
34ms Document
text/html 15.197.142.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://annuityinformation.center/
Protocol: HTTP/1.1
Server: 15.197.142.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
Software: ip-100-74-2-164.eu-west-2.compute.internal /
Resource Hash: e73c89652f5a6ffcd8927718603a35f439a54ba3446a120ed109a092f967ff1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 359
Content-Type: text/html; charset=utf-8
Date: Fri, 19 May 2023 01:07:25 GMT
Server: ip-100-74-2-164.eu-west-2.compute.internal
X-Request-Id: 69ff8cb2-3356-4948-9b48-f5813f32346d

GET
H2

200

/ Show response
upnorthretirement.com/video-resources/ Frame 50B2
Redirect Chain

http://upnorthretirement.com/video-resources/
https://upnorthretirement.com/video-resources/

110 KB
21 KB

458ms
181ms

Document
text/html

140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/video-resources/

Requested by

Host: annuityinformation.center
URL: http://annuityinformation.center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

ebe39ad5c9a9c739be1af4c6a2f177ad2fc38ae04f84a358a5892397ce7974d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://annuityinformation.center/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 01:07:25 GMT
last-modified: Thu, 18 May 2023 22:11:46 GMT
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
server: Prometheus
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 19 May 2023 01:07:25 GMT
Location: https://upnorthretirement.com/video-resources/
Pre-Cognitive-Push: Enabled
Quantum-Flux-Capacity: Omega
Server: Prometheus
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 50B2 10 KB
1 KB 63ms
26ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Belleza%3A300%2C400%2C700%2C400%7CCormorant%20Garamond%3A700%2C300%2C500%7CDM%20Sans%3A700%7CPoppins%3A500%2C400%7CLato%3A400%7CBelleza%3A300%2C400%2C700%2C400%7CCormorant%20Garamond%3A300%2C700%2C500%7CDM%20Sans%3A700%7CPoppins%3A500%2C400%7CLato%3A400&display=swap

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05dda79e02bb692ca152d5313aca449421574757d67d419cf590f7fe4a849c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 01:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 01:07:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 01:07:26 GMT

GET
H2 200 fa-solid-900.woff2
upnorthretirement.weeknightwebsite.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ Frame 50B2 76 KB
77 KB 469ms
438ms Font
application/font-woff2 2606:4700:3035::ac43:dded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.weeknightwebsite.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dded , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upnorthretirement.com/
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 19:57:08 GMT
server: cloudflare
etag: "632e0f94-131bc"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BkWi2bVnZwbrAAV3LRIiccS3rZi9XqmH9FfxQRyoM4hNqUiiHZ%2Fwx5cJ%2BNn7Znq80ppZjzRszg9hvkeTGYv1Uz9m5KKKsKJX9%2BQB6vAbcLig7T4lLWGzZROe2PMa8bKmJXQTbmJLXk8U31LMk4s5T1vu8g5JYzewGZKIn0Z%2FoXElOQ4Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7c9871682f6003d8-FRA

GET
H2 200 sbi-styles.min.css
upnorthretirement.com/wp-content/plugins/instagram-feed/css/ Frame 50B2 21 KB
4 KB 94ms
91ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

eb3666c237dfc004679d0009a45702814420164d6248978309842dfdf6fcda23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Dec 2022 05:10:16 GMT
server: Prometheus
etag: W/"63a689b8-545e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 style.min.css
upnorthretirement.com/wp-includes/css/dist/block-library/ Frame 50B2 87 KB
12 KB 115ms
112ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-includes/css/dist/block-library/style.min.css?ver=42

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 20:01:06 GMT
server: Prometheus
etag: W/"632e1082-15b64"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 494-layout.css
upnorthretirement.com/wp-content/uploads/sites/1983/bb-plugin/cache/ Frame 50B2 37 KB
6 KB 119ms
116ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/uploads/sites/1983/bb-plugin/cache/494-layout.css?ver=03868475ced2bd5e1352e3cbe14a3ae9

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

0a824431060613bf43b71b5b7eafc55eede3b6459ce0bfc6f6509a287b0ec3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Dec 2022 18:01:13 GMT
server: Prometheus
etag: W/"63a5ece9-95c9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 all.min.css
upnorthretirement.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ Frame 50B2 58 KB
13 KB 146ms
143ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 19:57:08 GMT
server: Prometheus
etag: W/"632e0f94-e7a9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 jquery.magnificpopup.min.css
upnorthretirement.com/wp-content/plugins/bb-plugin/css/ Frame 50B2 6 KB
2 KB 147ms
144ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.5.5

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 19:57:08 GMT
server: Prometheus
etag: W/"632e0f94-169c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 d7a69a8565782c85c27aa9a99715d34f-layout-bundle.css
upnorthretirement.com/wp-content/uploads/sites/1983/bb-plugin/cache/ Frame 50B2 89 KB
10 KB 186ms
184ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/uploads/sites/1983/bb-plugin/cache/d7a69a8565782c85c27aa9a99715d34f-layout-bundle.css?ver=2.5.5.5-1.4.3.2

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

d8ede9a8dab82a06a18fb458c123955f950506aa60ffd5c5602859b9d1923b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Jan 2023 18:26:00 GMT
server: Prometheus
etag: W/"63d2c5b8-1645d"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 front-css.css
upnorthretirement.com/wp-content/plugins/weglot/dist/css/ Frame 50B2 51 KB
6 KB 195ms
193ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/weglot/dist/css/front-css.css?ver=3.8.3

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

e985173d268d75bb75e47b8cc8ade1e696ac3517f64471ab03ab4207a1d1f8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Dec 2022 05:10:56 GMT
server: Prometheus
etag: W/"63a689e0-ccc6"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 new-flags.css
upnorthretirement.com/wp-content/plugins/weglot/app/styles/ Frame 50B2 86 KB
5 KB 204ms
202ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/weglot/app/styles/new-flags.css?ver=3.8.3

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

b48bb25e1fe530912d872438ef532de73c7fddad96fadc6affb18fdbd097c1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Dec 2022 05:10:56 GMT
server: Prometheus
etag: W/"63a689e0-15817"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 front.min.css
upnorthretirement.com/wp-content/plugins/cookie-notice/css/ Frame 50B2 5 KB
1 KB 205ms
203ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=42

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Dec 2022 05:07:56 GMT
server: Prometheus
etag: W/"63a6892c-14d6"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 base.min.css
upnorthretirement.com/wp-content/themes/bb-theme/css/ Frame 50B2 47 KB
9 KB 218ms
216ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.9

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Sep 2021 23:23:18 GMT
server: Prometheus
etag: W/"6137f466-bd2a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 skin-63a602b3978af.css
upnorthretirement.com/wp-content/uploads/sites/1983/bb-theme/ Frame 50B2 60 KB
9 KB 235ms
233ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/uploads/sites/1983/bb-theme/skin-63a602b3978af.css?ver=1.7.9

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

078b8b8a18da8dc6b43ff5d061090d6f46928cccc50cc20a5568c639219be828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Dec 2022 19:34:12 GMT
server: Prometheus
etag: W/"63a602b4-ef41"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 style.css
upnorthretirement.com/wp-content/themes/bb-theme-child/ Frame 50B2 340 B
655 B 235ms
234ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/themes/bb-theme-child/style.css?ver=42

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

b90736831473d60ede40d69737efcc3dee92cabeeebe801ab4ec0895611167fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Jun 2020 17:30:43 GMT
server: Prometheus
etag: W/"5eecf643-154"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 animate.min.css
upnorthretirement.com/wp-content/plugins/bbpowerpack/assets/css/ Frame 50B2 52 KB
4 KB 242ms
241ms Stylesheet
text/css 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/bbpowerpack/assets/css/animate.min.css?ver=3.5.1

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Jan 2023 16:57:44 GMT
server: Prometheus
etag: W/"63d2b108-ce35"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 Beige-Business-Card-Design-Mockup-Instagram-Post-150x150.png
upnorthretirement.weeknightwebsite.com/wp-content/uploads/sites/1983/2022/03/ Frame 50B2 7 KB
8 KB 289ms
273ms Image
image/webp 2606:4700:3035::ac43:dded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upnorthretirement.weeknightwebsite.com/wp-content/uploads/sites/1983/2022/03/Beige-Business-Card-Design-Mockup-Instagram-Post-150x150.png

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dded , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb124b77f9dcb83dba14eae1cbb7967fe2de04eaba039b87465b14509f48a380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7662
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Oct 2022 17:06:37 GMT
server: cloudflare
etag: "635aba9d-1dee"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLht%2Fsw86KNK25aSqll0Y8UGeLVMCa0NDKtkmMtqLN3cJZiox0Lx9rRD%2FQGrPl9GgqlzxZiYvsD24rIbBa3AbY%2FaWNyCam5jlltEFCiPFdUaHpQhyCNOEimNdrJ50e3lNvBayyHkdG8OU9X7%2BNkMCJeFboDe%2BMG3XB7AC37oym8VMSdd4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c9871699e6d3623-FRA

GET
H2 200 0nkoC9_pNeMfhX4BhcH4ag.woff2
fonts.gstatic.com/s/belleza/v17/ Frame 50B2 16 KB
16 KB 50ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/belleza/v17/0nkoC9_pNeMfhX4BhcH4ag.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Belleza%3A300%2C400%2C700%2C400%7CCormorant%20Garamond%3A700%2C300%2C500%7CDM%20Sans%3A700%7CPoppins%3A500%2C400%7CLato%3A400%7CBelleza%3A300%2C400%2C700%2C400%7CCormorant%20Garamond%3A300%2C700%2C500%7CDM%20Sans%3A700%7CPoppins%3A500%2C400%7CLato%3A400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

399cb2b7093a8614281c0f98966b5b26b31d8fe0a6f84c00b6483889dc06380b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:43:18 GMT
x-content-type-options: nosniff
age: 483848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:17:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 10:43:18 GMT

GET
H2 200 co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ Frame 50B2 20 KB
20 KB 69ms
32ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15b441759854e4477fe214540848ceb993199d31c04bc59691dde7ed5621eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:50:26 GMT
x-content-type-options: nosniff
age: 461820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20168
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:13:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 16:50:26 GMT

GET
H2 200 co3YmX5slCNuHLi8bLeY9MK7whWMhyjQWlhfvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ Frame 50B2 20 KB
21 KB 61ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQWlhfvg-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

991c8aba7707066e8d0f351d53a4eedee3b5f00d1db335d9a2ee39903b4b0c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:28:34 GMT
x-content-type-options: nosniff
age: 463132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20940
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:17:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 16:28:34 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 50B2 8 KB
8 KB 66ms
30ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 19:38:46 GMT
x-content-type-options: nosniff
age: 451720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 19:38:46 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 50B2 8 KB
8 KB 53ms
18ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:01:47 GMT
x-content-type-options: nosniff
age: 457539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 18:01:47 GMT

GET
H2 200 fa-brands-400.woff2
upnorthretirement.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ Frame 50B2 75 KB
75 KB 93ms
93ms Font
application/font-woff2 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthretirement.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upnorthretirement.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
Origin: https://upnorthretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 76736
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 19:57:08 GMT
server: Prometheus
etag: "632e0f94-12bc0"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 6.jpg
upnorthretirement.com/wp-content/uploads/sites/1983/2022/12/ Frame 50B2 48 KB
49 KB 130ms
129ms Image
image/webp 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upnorthretirement.com/wp-content/uploads/sites/1983/2022/12/6.jpg

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

b5ead58e38ecd75b5c7704275312759ae2f593222871b7d7fddaf9cefc404550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pre-cognitive-push: Enabled
date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 21:43:24 GMT
server: Prometheus
etag: "63a22c7c-c140"
vary: Accept
content-type: image/webp
quantum-flux-capacity: Omega
cache-control: public, no-cache
accept-ranges: bytes
content-length: 49472
x-xss-protection: 1; mode=block

GET
H2 200 8.jpg
upnorthretirement.com/wp-content/uploads/sites/1983/2022/12/ Frame 50B2 53 KB
53 KB 174ms
174ms Image
image/webp 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upnorthretirement.com/wp-content/uploads/sites/1983/2022/12/8.jpg

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

a3965691fa28c3048c287b965829c8fe21bc5b1851d7eeb648da62f4d90ce189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pre-cognitive-push: Enabled
date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 22:16:13 GMT
server: Prometheus
etag: "63a2342d-d412"
vary: Accept
content-type: image/webp
quantum-flux-capacity: Omega
cache-control: public, no-cache
accept-ranges: bytes
content-length: 54290
x-xss-protection: 1; mode=block

GET
H2 200 7.jpg
upnorthretirement.com/wp-content/uploads/sites/1983/2022/12/ Frame 50B2 49 KB
49 KB 212ms
212ms Image
image/webp 140.82.63.229
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upnorthretirement.com/wp-content/uploads/sites/1983/2022/12/7.jpg

Requested by

Host: upnorthretirement.com
URL: https://upnorthretirement.com/video-resources/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.63.229 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.63.229.vultrusercontent.com

Software

Prometheus /

Resource Hash

2faee9a122822b9e5833b57c0df0f38d7717e3ee62e41622b2f8ba07288fadae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthretirement.com/video-resources/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pre-cognitive-push: Enabled
date: Fri, 19 May 2023 01:07:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 21:43:27 GMT
server: Prometheus
etag: "63a22c7f-c362"
vary: Accept
content-type: image/webp
quantum-flux-capacity: Omega
cache-control: public, no-cache
accept-ranges: bytes
content-length: 50018
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

annuityinformation.center
fonts.googleapis.com
fonts.gstatic.com
upnorthretirement.com
upnorthretirement.weeknightwebsite.com
140.82.63.229
15.197.142.173
2606:4700:3035::ac43:dded
2a00:1450:4001:811::2003
2a00:1450:4001:82f::200a
05dda79e02bb692ca152d5313aca449421574757d67d419cf590f7fe4a849c0c
078b8b8a18da8dc6b43ff5d061090d6f46928cccc50cc20a5568c639219be828
0a824431060613bf43b71b5b7eafc55eede3b6459ce0bfc6f6509a287b0ec3d5
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587
2faee9a122822b9e5833b57c0df0f38d7717e3ee62e41622b2f8ba07288fadae
399cb2b7093a8614281c0f98966b5b26b31d8fe0a6f84c00b6483889dc06380b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
991c8aba7707066e8d0f351d53a4eedee3b5f00d1db335d9a2ee39903b4b0c8c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a3965691fa28c3048c287b965829c8fe21bc5b1851d7eeb648da62f4d90ce189
b48bb25e1fe530912d872438ef532de73c7fddad96fadc6affb18fdbd097c1d6
b5ead58e38ecd75b5c7704275312759ae2f593222871b7d7fddaf9cefc404550
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
b90736831473d60ede40d69737efcc3dee92cabeeebe801ab4ec0895611167fd
bb124b77f9dcb83dba14eae1cbb7967fe2de04eaba039b87465b14509f48a380
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8ede9a8dab82a06a18fb458c123955f950506aa60ffd5c5602859b9d1923b06
e15b441759854e4477fe214540848ceb993199d31c04bc59691dde7ed5621eb7
e73c89652f5a6ffcd8927718603a35f439a54ba3446a120ed109a092f967ff1d
e985173d268d75bb75e47b8cc8ade1e696ac3517f64471ab03ab4207a1d1f8ac
eb3666c237dfc004679d0009a45702814420164d6248978309842dfdf6fcda23
ebe39ad5c9a9c739be1af4c6a2f177ad2fc38ae04f84a358a5892397ce7974d9
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

annuityinformation.center Open in urlscan Pro 15.197.142.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

96 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

490 kBTransfer

1100 kBSize

0 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

annuityinformation.center Open in urlscan Pro
15.197.142.173 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

96 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

490 kB
Transfer

1100 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions