Submitted URL: https://links.info.traderspro.com/u/click?_t=30551838d23a4463a1d9a1dc682a08a9&_m=ca5a4d3c232844f3b9c927ffe66e8501&_e=3nQo_IkmPMUP1...
Effective URL: https://financialnewsletter.com/df/gold/bear/
Submission: On June 26 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 19 HTTP transactions. The main IP is 35.209.41.140, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is financialnewsletter.com.
TLS certificate: Issued by R3 on June 12th 2022. Valid for: 3 months.
This is the only time financialnewsletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
58 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3211
onesignal.com — Cisco Umbrella Rank: 1162
73 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5448
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 8
655 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
2 KB
2 financialnewsletter.com
financialnewsletter.com
8 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
1 gstatic.com
fonts.gstatic.com
23 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
51 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
927 B
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211
24 KB
1 imspublishergroup.com
tracking.imspublishergroup.com — Cisco Umbrella Rank: 117118
2 KB
1 traderspro.com
links.info.traderspro.com
1 KB
19 13
Domain Requested by
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de financialnewsletter.com
2 www.google.com financialnewsletter.com
2 cdn.onesignal.com financialnewsletter.com
cdn.onesignal.com
2 financialnewsletter.com financialnewsletter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 onesignal.com cdn.onesignal.com
1 www.googletagmanager.com financialnewsletter.com
1 fonts.googleapis.com financialnewsletter.com
1 stackpath.bootstrapcdn.com financialnewsletter.com
1 tracking.imspublishergroup.com 1 redirects
1 links.info.traderspro.com 1 redirects
19 15

This site contains no links.

Subject Issuer Validity Valid
*.financialnewsletter.com
R3
2022-06-12 -
2022-09-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.de
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://financialnewsletter.com/df/gold/bear/
Frame ID: FCB27A52510E6528174F7D0A71494248
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Free Report: Top 5 Gold Stocks for a Bear Market | Financial Newsletter

Page URL History Show full URLs

  1. https://links.info.traderspro.com/u/click?_t=30551838d23a4463a1d9a1dc682a08a9&_m=ca5a4d3c232844f3b9c927ffe66e8... HTTP 303
    https://tracking.imspublishergroup.com/aff_c?offer_id=7809&aff_id=1289 HTTP 302
    https://financialnewsletter.com/df/gold/bear/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

19
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

15
Subdomains

12
IPs

4
Countries

257 kB
Transfer

804 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.info.traderspro.com/u/click?_t=30551838d23a4463a1d9a1dc682a08a9&_m=ca5a4d3c232844f3b9c927ffe66e8501&_e=3nQo_IkmPMUP1mj3R6hIMlwsbenO3oBvafVrxRwGs7gN_EUFPRr9xciZFuyqMXuCrn97oaeJCmwj23_FRnLKRvcKTzrqvoVNThi_GQtRc6aGpWkXXLWUiNfAAbiOp6FR1BvYdWBq6IDkBeWHuxPxw9ekjwPXBpivhffSySva7WYWf70-aYeGAf0SCwaORjhnjLF3I9So67Smdo0vola8PjIx-j-qpr-3V3yqHPjzWlCCt8Cm0nh4M1XGp3hpa1PyWz98RFK9-BgpgkuuoUZma8Z7iLb1Sx3zv7Fy3cnhMKjmU3cYQUwsMfqKG8n6aRy3 HTTP 303
    https://tracking.imspublishergroup.com/aff_c?offer_id=7809&aff_id=1289 HTTP 302
    https://financialnewsletter.com/df/gold/bear/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
financialnewsletter.com/df/gold/bear/
Redirect Chain
  • https://links.info.traderspro.com/u/click?_t=30551838d23a4463a1d9a1dc682a08a9&_m=ca5a4d3c232844f3b9c927ffe66e8501&_e=3nQo_IkmPMUP1mj3R6hIMlwsbenO3oBvafVrxRwGs7gN_EUFPRr9xciZFuyqMXuCrn97oaeJCmwj23_F...
  • https://tracking.imspublishergroup.com/aff_c?offer_id=7809&aff_id=1289
  • https://financialnewsletter.com/df/gold/bear/
6 KB
2 KB
Document
General
Full URL
https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.41.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.41.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
53228fcc00af5e15c3a58c3857c4b4f7a39593d457539513de3f0cf634b53071

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 22:38:51 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
vary
Accept-Encoding
x-httpd-modphp
1
x-proxy-cache
HIT

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
229
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 26 Jun 2022 22:38:50 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://financialnewsletter.com/df/gold/bear/
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
10293c6c2b432a8d578a48154f0f49
X-Request-Id
24208ff15fb9a155e3b86431c5fc1c30
X-Robots-Tag
noindex, nofollow
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72196f83adf59a03-FRA
date
Sun, 26 Jun 2022 22:38:51 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3220
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 29 Jun 2022 22:38:51 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://financialnewsletter.com/
Origin
https://financialnewsletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
access-control-allow-origin
*
cdn-cachedat
06/06/2022 23:33:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
abb31a9254bf11fe9147113ec05565e3
cf-ray
72196f83aafb917d-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
2 KB
927 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 20:41:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 26 Jun 2022 22:38:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Jun 2022 22:38:51 GMT
white-logo.png
financialnewsletter.com/wp-content/uploads/2020/02/
5 KB
6 KB
Image
General
Full URL
https://financialnewsletter.com/wp-content/uploads/2020/02/white-logo.png
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.41.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.41.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d252e494a0abb07bfb09569e20a862ba4fb1eea31ae036c93450c6b6b4b584bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/df/gold/bear/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:38:51 GMT
last-modified
Mon, 03 Feb 2020 12:02:13 GMT
server
nginx
etag
"15ff-59daab1a23152"
content-type
image/png
host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
accept-ranges
bytes
content-length
5631
x-proxy-cache
HIT
gtm.js
www.googletagmanager.com/
133 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJMG2QG
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0235d6bcc195e475d4bd99af43f0cc50f4098071ec897e307c72ac5e130f831b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:38:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51932
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Jun 2022 22:38:51 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72196f83ee319a03-FRA
date
Sun, 26 Jun 2022 22:38:51 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3220
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 29 Jun 2022 22:38:51 GMT
web
onesignal.com/api/v1/sync/a0bf77a3-0e51-41cd-b25a-5de2c908e9aa/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/a0bf77a3-0e51-41cd-b25a-5de2c908e9aa/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e849b3e14bd5b917894a2453ababbdca8abe529b08dc277c2ae27e6b978ca745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:38:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
488
cf-polished
origSize=3728
status
200 OK
x-envoy-upstream-service-time
37
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
efeb38c1-564e-4038-9eb1-2cc0c386cf5a
x-runtime
0.035404
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"30c4ddc136ee1d9507f073c339bbd54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
72196f844ea29a03-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 26 Jun 2022 23:38:51 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://financialnewsletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:10 GMT
x-content-type-options
nosniff
age
451721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 17:10:10 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJMG2QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5642
date
Sun, 26 Jun 2022 21:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 26 Jun 2022 23:04:49 GMT
optimize.js
www.google-analytics.com/gtm/
97 KB
38 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-N4332NJ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJMG2QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c58903ce45e9dc1e157f4d8d3e06bdc8001d5015bd78a797815cd89b2f53385f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:38:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38764
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Jun 2022 22:38:51 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJMG2QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
15252473734373555178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 22:38:51 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1019118444&t=pageview&_s=1&dl=https%3A%2F%2Ffinancialnewsletter.com%2Fdf%2Fgold%2Fbear%2F&ul=en-us&de=UTF-8&dt=Free%20Report%3A%20Top%205%20Gold%20Stocks%20for%20a%20Bear%20Market%20%7C%20Financial%20Newsletter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABQAAAAC~&jid=2006394911&gjid=1868715592&cid=1573626817.1656283132&tid=UA-158167696-1&_gid=1460001605.1656283132&_r=1&gtm=2wg6m0KJMG2QG&z=1708304983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://financialnewsletter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 22:38:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financialnewsletter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/626996794/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/626996794/?random=1656283131780&cv=9&fst=1656283131780&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffinancialnewsletter.com%2Fdf%2Fgold%2Fbear%2F&tiba=Free%20Report%3A%20Top%205%20Gold%20Stocks%20for%20a%20Bear%20Market%20%7C%20Financial%20Newsletter&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22da0b1fa4642f1f682b42989a9ee16a9730d09dcfa2e6ae5172b8d5d6ae1946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 22:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158167696-1&cid=1573626817.1656283132&jid=2006394911&gjid=1868715592&_gid=1460001605.1656283132&_u=YEBAAAAAQAAAAC~&z=813674577
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://financialnewsletter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 26 Jun 2022 22:38:51 GMT
content-type
text/plain
access-control-allow-origin
https://financialnewsletter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/626996794/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/626996794/?random=1656283131780&cv=9&fst=1656280800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Ffinancialnewsletter.com%2Fdf%2Fgold%2Fbear%2F&tiba=Free%20Report%3A%20Top%205%20Gold%20Stocks%20for%20a%20Bear%20Market%20%7C%20Financial%20Newsletter&async=1&fmt=3&is_vtc=1&random=2705962176&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 22:38:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/626996794/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/626996794/?random=1656283131780&cv=9&fst=1656280800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Ffinancialnewsletter.com%2Fdf%2Fgold%2Fbear%2F&tiba=Free%20Report%3A%20Top%205%20Gold%20Stocks%20for%20a%20Bear%20Market%20%7C%20Financial%20Newsletter&async=1&fmt=3&is_vtc=1&random=2705962176&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 22:38:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158167696-1&cid=1573626817.1656283132&jid=2006394911&_u=YEBAAAAAQAAAAC~&z=306783131
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 22:38:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158167696-1&cid=1573626817.1656283132&jid=2006394911&_u=YEBAAAAAQAAAAC~&z=306783131
Requested by
Host: financialnewsletter.com
URL: https://financialnewsletter.com/df/gold/bear/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://financialnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 22:38:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| OneSignal number| __oneSignalSdkLoadCount function| __jp0 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_optimize

12 Cookies

Domain/Path Name / Value
.traderspro.com/ Name: iterableEndUserId
Value: cbruewer%40humana.com
.traderspro.com/ Name: iterableEmailCampaignId
Value: 4548159
.traderspro.com/ Name: iterableTemplateId
Value: 6181248
.traderspro.com/ Name: iterableMessageId
Value: ca5a4d3c232844f3b9c927ffe66e8501
links.info.traderspro.com/ Name: XSRF-TOKEN
Value: f5dc46cf2a52817a56bb6c2486f51b17afb76bb4-1656283130692-40271ca5db1011af16017b17
tracking.imspublishergroup.com/ Name: enc_aff_session_7809
Value: ENC0397fb27220d443cde4932bae060b0e04792d319e0ccc9a0fa9041b194ebee67a4e10deb0a369c6022284a47d92ec0597adc915869764592001d005399ae9b11879cfe0a21317e2f909d510f6c350b6ea6ccf8d8c94d1ed725616cd9f2f842bf2991f24177f9e13e0d40fbc15654c87bc602dc1bb2144a94e4f87576785245223724cac1e4
tracking.imspublishergroup.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDMiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.financialnewsletter.com/ Name: _ga
Value: GA1.2.1573626817.1656283132
.financialnewsletter.com/ Name: _gid
Value: GA1.2.1460001605.1656283132
.financialnewsletter.com/ Name: _gat_UA-158167696-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.financialnewsletter.com/ Name: _gcl_au
Value: 1.1.1041717245.1656283132

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
financialnewsletter.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
links.info.traderspro.com
onesignal.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tracking.imspublishergroup.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.66
2600:9000:2156:5000:9:9153:c840:93a1
2606:4700::6812:bcf
2606:4700::6812:e134
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9a
35.209.41.140
63.33.177.108
0235d6bcc195e475d4bd99af43f0cc50f4098071ec897e307c72ac5e130f831b
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
22da0b1fa4642f1f682b42989a9ee16a9730d09dcfa2e6ae5172b8d5d6ae1946
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
53228fcc00af5e15c3a58c3857c4b4f7a39593d457539513de3f0cf634b53071
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
c58903ce45e9dc1e157f4d8d3e06bdc8001d5015bd78a797815cd89b2f53385f
d252e494a0abb07bfb09569e20a862ba4fb1eea31ae036c93450c6b6b4b584bd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e849b3e14bd5b917894a2453ababbdca8abe529b08dc277c2ae27e6b978ca745
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629