freekit.birchgold.com Open in urlscan Pro
3.224.141.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_conten...
Submission: On April 21 via manual (April 21st 2023, 4:05:02 am UTC) from US — Scanned from US

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 1 countries across 25 domains to perform 78 HTTP transactions. The main IP is 3.224.141.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is freekit.birchgold.com.
TLS certificate: Issued by R3 on February 21st 2023. Valid for: 3 months.

This is the only time freekit.birchgold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.224.141.128 3.224.141.128	14618 (AMAZON-AES) (AMAZON-AES)
3	18.164.96.54 18.164.96.54	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	54.230.244.165 54.230.244.165	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:23c... 2600:9000:23cb:1200:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
6	99.84.38.125 99.84.38.125	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:d5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.230.252.255 34.230.252.255	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.10.176.180 52.10.176.180	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:23c... 2600:9000:23cb:3200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.164.116.82 18.164.116.82	16509 (AMAZON-02) (AMAZON-02)
3	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
5	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
4	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
3	2606:4700:20:... 2606:4700:20::681a:c98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2600:9000:251... 2600:9000:2512:3800:1e:549f:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.139.175.100 3.139.175.100	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:210... 2600:9000:210b:6600:e:8cfd:cf40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b140:da14:81b8:2274:6bb2	14618 (AMAZON-AES) (AMAZON-AES)
1	3.216.127.149 3.216.127.149	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	34.239.11.90 34.239.11.90	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
78	36

1 3.224.141.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-141-128.compute-1.amazonaws.com

freekit.birchgold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (New York, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.244.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-165.ewr53.r.cloudfront.net

d2xxq4ijfwetlm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:23cb:1200:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.84.38.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-38-125.ewr52.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:d5f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.252.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-252-255.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.176.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-176-180.us-west-2.compute.amazonaws.com

app.truconversion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:3200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-82.jfk50.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:807::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:c98 (United States)

ASN13335 (CLOUDFLARENET, US)

io.clickguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:3800:1e:549f:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.veritonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.139.175.100 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-175-100.us-east-2.compute.amazonaws.com

track.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:210b:6600:e:8cfd:cf40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.truconversion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:da14:81b8:2274:6bb2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.127.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-127-149.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.11.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-11-90.compute-1.amazonaws.com

atr.veritonicmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net d2xxq4ijfwetlm.cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	119 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1073 trc.taboola.com — Cisco Umbrella Rank: 839 pips.taboola.com — Cisco Umbrella Rank: 1900 cds.taboola.com — Cisco Umbrella Rank: 2362 trc-events.taboola.com — Cisco Umbrella Rank: 2128	30 KB
8	google.com google.com — Cisco Umbrella Rank: 5 www.google.com — Cisco Umbrella Rank: 16 analytics.google.com — Cisco Umbrella Rank: 406	1 KB
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	7 KB
4	truconversion.com app.truconversion.com — Cisco Umbrella Rank: 95215 cdn.truconversion.com — Cisco Umbrella Rank: 186409	85 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	112 KB
4	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 21422	26 KB
3	clickguard.com io.clickguard.com — Cisco Umbrella Rank: 53243	4 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442	1 KB
3	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 45464 track.wickedreports.com — Cisco Umbrella Rank: 66826	9 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3443 rp.liadm.com — Cisco Umbrella Rank: 2091 rp4.liadm.com — Cisco Umbrella Rank: 5523	15 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 24673	39 KB
2	veritonicmetrics.com atr.veritonicmetrics.com — Cisco Umbrella Rank: 20275	131 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	171 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	50 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	725 B
1	t.co t.co — Cisco Umbrella Rank: 584	376 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	veritonic.com cdn.veritonic.com — Cisco Umbrella Rank: 91591	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 32584	282 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607	25 KB
1	birchgold.com freekit.birchgold.com	9 KB
78	25

	Domain	Requested by
6	d9hhrg4mnvzow.cloudfront.net	freekit.birchgold.com
5	www.google.com	freekit.birchgold.com
4	connect.facebook.net	freekit.birchgold.com connect.facebook.net
4	googleads.g.doubleclick.net	www.googletagmanager.com
4	cdn.equalweb.com	freekit.birchgold.com cdn.equalweb.com
3	cdn.truconversion.com	app.truconversion.com cdn.truconversion.com ajax.googleapis.com
3	io.clickguard.com	freekit.birchgold.com io.clickguard.com
3	cdn.taboola.com	freekit.birchgold.com cdn.taboola.com
3	sp.analytics.yahoo.com	freekit.birchgold.com
3	bat.bing.com	freekit.birchgold.com bat.bing.com
3	builder-assets.unbounce.com	freekit.birchgold.com
2	trc-events.taboola.com	cdn.taboola.com
2	atr.veritonicmetrics.com	cdn.veritonic.com
2	s.yimg.com	freekit.birchgold.com s.yimg.com
2	google.com	www.googletagmanager.com
2	widget.wickedreports.com	www.googletagmanager.com widget.wickedreports.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googletagmanager.com	freekit.birchgold.com www.googletagmanager.com
2	www.google-analytics.com	freekit.birchgold.com www.google-analytics.com
2	d34qb8suadcc4g.cloudfront.net	freekit.birchgold.com d34qb8suadcc4g.cloudfront.net
2	d2xxq4ijfwetlm.cloudfront.net	freekit.birchgold.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	analytics.twitter.com	freekit.birchgold.com
1	t.co	freekit.birchgold.com
1	trc.taboola.com	cdn.taboola.com
1	www.facebook.com	freekit.birchgold.com
1	rp4.liadm.com	freekit.birchgold.com
1	rp.liadm.com	1 redirects
1	track.wickedreports.com	widget.wickedreports.com
1	cdn.veritonic.com	freekit.birchgold.com
1	static.ads-twitter.com	freekit.birchgold.com
1	analytics.google.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	app.truconversion.com	freekit.birchgold.com
1	events.ub-analytics.com	freekit.birchgold.com
1	ajax.googleapis.com	freekit.birchgold.com
1	freekit.birchgold.com
78	38

This site contains no links.

Subject Issuer	Validity	Valid
freekit.birchgold.com R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.truconversion.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-11` - `2023-10-14`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
widget.wickedreports.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-29`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
cdn.veritonic.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-15`	7 months	crt.sh
track.wickedreports.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
cdn.truconversion.com Amazon RSA 2048 M02	`2023-04-09` - `2024-05-07`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
atr.veritonicmetrics.com Amazon RSA 2048 M02	`2023-04-12` - `2024-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Frame ID: EC80A12EAE8A3CAF00A2D99FCC7DDB12
Requests: 75 HTTP requests in this frame

Frame: https://cdn.truconversion.com/pixel/_tcvars.html?r=https://freekit.birchgold.com
Frame ID: B1BF13A0CAC011540ED863B0C548ABFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.truconversion.com/pixel/_stcv19.html?origin=https://freekit.birchgold.com&fp=27626e23.f96d.a370.fff7.7a9dbef3cfd7&tclid=undefined
Frame ID: B327CD0B3D5BF61B5D3EEE6B950D7FC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ron Paul Reveals The Next Big Financial Scam

Detected technologies

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

97 %
HTTPS

53 %
IPv6

25
Domains

38
Subdomains

36
IPs

1
Countries

740 kB
Transfer

2052 kB
Size

40
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://rp.liadm.com/j?dtstmp=1682049896829&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1682049896829&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4&i6=MjYwMjpmZmM4OjI6MTA0OjoxMg%3D%3D&n3pc=true

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
freekit.birchgold.com/lf/ron-paul-hidden-strategy/ 32 KB
9 KB 236ms
69ms Document
text/html 3.224.141.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.224.141.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-141-128.compute-1.amazonaws.com
Software: /
Resource Hash: 000651abcf919bbd8e37f899c25434342ef4e7b206dc754aa8637c1d14ffa97c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 7801
content-location: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 04:04:55 GMT
etag: "b:01667050b1b1481a97f176f050cbeb89"
link: <https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: b87873c0-cc5c-4e97-bc60-5c94780b82c5
x-unbounce-variant: b
x-unbounce-visitorid: 01667050-b1b1-481a-97f1-76f050cbeb89

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 256ms
58ms Stylesheet
text/css 18.164.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-54.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 07:05:09 GMT
content-encoding: gzip
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
last-modified: Mon, 04 Jul 2022 16:47:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 19083587
etag: "4458a4d76a70cb207bcc34d6bc6f872f"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: 7RUAnSAEu7OyhnXE41nB078TrDvI0rC4eb2YxVkNYUt8W8ZNTn44kQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 262ms
64ms Script
text/javascript 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:53:43 GMT

GET
H2 200 jquery.fancybox-1.3.4.css
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/ 9 KB
9 KB 186ms
59ms Stylesheet
text/css 54.230.244.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.css
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-165.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 15:52:08 GMT
x-amz-version-id: null
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Mon, 11 Apr 2011 19:35:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:503/gname:staff/uname:cschmidt/gid:20/mode:33261/mtime:1302547553/atime:1302547552/ctime:1302547553
x-amz-cf-pop: EWR53-P1
age: 43968
etag: "4638ce99ef00cf62bfb22d230f9924b8"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 8852
x-amz-cf-id: OJ4BSm0LpplG_ordM8sVmsBRjuWZtFNYAjyJ-LgPlc8VEHryfxgfMg==

GET
H2 200 jquery.fancybox-1.3.4.js Show response
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/ 29 KB
29 KB 200ms
73ms Script
application/javascript 54.230.244.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.js
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-165.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:55:03 GMT
x-amz-version-id: null
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Mon, 11 Apr 2011 19:35:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:503/gname:staff/uname:cschmidt/gid:20/mode:33261/mtime:1302547553/atime:1302547554/ctime:1302547553
x-amz-cf-pop: EWR53-P1
age: 36593
etag: "e7fc2f8a70f0a9f966207c3f71130721"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 29398
x-amz-cf-id: UN4Ro1bMtB-pfe2WESxFvxRSonHhPyvycUsNpY72juWaQ6v5MPF6ug==

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 257ms
62ms Script
application/javascript 18.164.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-54.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 05:18:12 GMT
content-encoding: gzip
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
x-amz-version-id: NERBGQbHm_lKOjDZ074n69IsEuh4xo8x
x-amz-cf-pop: JFK50-P5
age: 3883604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Fri, 03 Mar 2023 20:45:18 GMT
server: AmazonS3
etag: "38757fcc43de99ee1372596123497bcb"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xHPNmOM0MR_8qfn_WWMMtraNshNcW3M7VnRX1NM_KgreW2C0SQwrkg==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 213ms
52ms Script
application/javascript 2600:9000:23cb:1200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990112
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:1200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:40:35 GMT
content-encoding: gzip
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 8058262
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: nSN2ecya4ioZ6dAQJ6pnzZtClp4kMVddVMNiF_Cz9YUmrr-QpfFJQQ==

GET
H2 200 da4b7e8d-accessibility-icon-grey_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www2.birchgold.com/thank-you/emergency-kit/ 720 B
1 KB 213ms
57ms Image
image/png 99.84.38.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www2.birchgold.com/thank-you/emergency-kit/da4b7e8d-accessibility-icon-grey_1000000000000000000028.png
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-125.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45a86e5f17ab675ca652ce1d577bd5fafd96d99a1195cbe71431d498cc929bae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 17:55:07 GMT
x-amz-version-id: gRO.CiQeC75niAJC6_4aUpoGvPhMy_oy
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jun 2020 20:26:58 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 1505390
etag: "3379d20b8b5b472e2c1ed2048b674a28"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 720
x-amz-cf-id: 8iu4AkiZ9p5bZxIcTzdEboyYp3N5C9vxywXRrsOE9WH1rJYnHl8Hiw==

GET
H2 200 main.bundle-5dc4c52.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 86ms
84ms Script
application/javascript 18.164.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-54.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:41:17 GMT
content-encoding: gzip
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
x-amz-version-id: pKHv9xoCp.Oeede.gA0bUZ9Qn6jRS9cc
last-modified: Wed, 23 Nov 2022 23:24:26 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 8673819
etag: "0bf2d86152e7e3622dcf4ab19253e64e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33506
x-amz-cf-id: fwnB13xQQllF418ocDcMctE8xjeNzaSCgUsUaPTxVRShKlkFHNhdGw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
49 KB 194ms
63ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 02:05:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7184
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50234
expires: Fri, 21 Apr 2023 04:05:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
89 KB 222ms
92ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6acd00e6800ecd60ab5c594f4732c861029b9b626baeeb0637ebb92961a4e13b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91161
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 04:04:56 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/2.0.7/ 34 KB
12 KB 204ms
72ms Script
application/javascript 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/2.0.7/accessibility.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000497d098847c13d6d87e046fdabe2b78971aadb7948d46dc473eabd730f954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freekit.birchgold.com/
Origin: https://freekit.birchgold.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826408
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Mar 2020 09:54:48 GMT
server: cloudflare
etag: W/"024f26cd4fdd51:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsYuIPRp%2FXzhSp89GKmtn402TP6vcu%2Bk2rxH8jxxbM3%2BDJeXd6DAHwe3XhTYnKsh4gra2AxSs8g1o4%2BI%2FkB6oCDIpAXOWU9Xtlq7af9UUHRE1s1BTXJic1uTOMziTBB4K3OOHc1DIR5B6DmaOXM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: US
cf-ray: 7bb2beeaab5d18ea-EWR

GET
BLOB 200
OK 5700696b-3c34-40c8-93c2-ceac90129c36
https://freekit.birchgold.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://freekit.birchgold.com/5700696b-3c34-40c8-93c2-ceac90129c36
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 34338a85-new-logo_107601i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/ 5 KB
5 KB 59ms
57ms Image
image/png 99.84.38.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/34338a85-new-logo_107601i000000000000028.png
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-125.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 305981fa61c0c69ef524ef786b3d9bb08b55cf2c67abb6414a9bdd97d50962ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 12:11:55 GMT
x-amz-version-id: gqeXxxQNO7xJ7SrPr4.6PDLLG2oql.Sw
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 19:29:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 1007582
etag: "de1d39c19c9c6cc67f4f8739591fecbb"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4612
x-amz-cf-id: 5x6MvfMEGKxk2jO5SlPOA-ottTBWznST8fMqqkpppJGdPOOvZhkS6g==

GET
H2 200 3bea71e7-footer-logo_104c027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/ 2 KB
3 KB 62ms
60ms Image
image/png 99.84.38.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/3bea71e7-footer-logo_104c027000000000000028.png
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-125.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca2a4fc99d09ed851fa1cd014f88b2e8cb1b2e998f0ae5f3d8a5456623fe9cf0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:39:37 GMT
x-amz-version-id: H.VgA.fv3OuWXVSkfVqT2hfQZQxb9Fce
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 19:29:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 231920
etag: "811d403b4ae6ad16a6ad5e94d317b357"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2400
x-amz-cf-id: GoGyxJb9dG_1xOQoBlMO8XeSG6i-PZqRLs1rLxg3EHBpOs3-uozXow==

GET
H2 200 954ee051-2023infokit-mockup-2_10820ab08209j000006028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/ 32 KB
33 KB 65ms
64ms Image
image/png 99.84.38.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/954ee051-2023infokit-mockup-2_10820ab08209j000006028.png
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-125.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44fd62e26ee123b8f6b0185ee13ebba129e8b8c9ef43bfb912c1b23093476bbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 12:11:55 GMT
x-amz-version-id: Io1Yyb7yTaaTUgUmHB4Rocu4AD64aOg6
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 19:29:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 1007582
etag: "1967ca4cf8c511190349a5b825105bf3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 33027
x-amz-cf-id: 5CAr6blu5F9CbpzMvIvsysSJfu_cRe1t95DgW7jTgHHHTc9X40KinQ==

GET
H2 200 282ace1a-getfreeaccess_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/ 4 KB
5 KB 65ms
64ms Image
image/png 99.84.38.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/282ace1a-getfreeaccess_1000000000000000000028.png
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-125.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 294f37e7f8ed9b16a67883c2e65f162d5722af41cedf6e192fb7bf3c42f9374c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 03:34:27 GMT
x-amz-version-id: umOguz6nVUKxDk4avTQzcescEOw4UcCd
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 19:29:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 261030
etag: "46a7c09bf1a7d80ce4b631369d199184"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4594
x-amz-cf-id: 9AKvR2J9czP_sFpts0qFIy1SfsfEMpsZWmU1LdoXekeyGYH4xr9pyg==

GET
H2 200 d252777d-ronp-dyz_105401y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/ 2 KB
2 KB 67ms
66ms Image
image/png 99.84.38.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/d252777d-ronp-dyz_105401y000000000000028.png
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-125.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9e587fa477dacc79e1da36861b075cb1a9bb0a134c7bb9b96089c6490b82f78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:13:24 GMT
x-amz-version-id: fY.jnYgEUzxtfBNQ4JtpGMEWt2nKKuMl
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 19:29:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 233493
etag: "6f886dd853b2f56e1339d965af84470c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1701
x-amz-cf-id: g6HYgDggx4Gj4ty_x60rDgSZsqCi1BQt4s6sRSu37fPq_-EqAuymNA==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 69ms
68ms Script
application/javascript 2600:9000:23cb:1200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:1200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:05:06 GMT
content-encoding: gzip
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 313191
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: VKOBwioXhXcBmDICtm2_S5y_w_VStF-1yHvHhtW_8ZOourFqqADdMw==

GET
H2 200 default.css Show response
cdn.equalweb.com/style/ 11 KB
3 KB 57ms
55ms Fetch
text/css 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/default.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/2.0.7/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2172be828b0fd1ba4c0f653b83993eb11881e49e3be4f0fff04e482c04a0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826407
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 09:32:18 GMT
server: cloudflare
etag: W/"07de495d2fd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9myPsEaJLnHUnVuBAmc1jE54nsy9WBR%2Bml0z3jZ8o487wA9y1V3rSTqIC1bGwsENJZ3J0E1Y%2FL36%2F1hD17VMEpdUZuDV%2FGvc9YcRZCqfqFV6bzQEG%2FjMlYIS5dEUP43TG0%2BquloJ0QGiC3fzzs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: US
cf-ray: 7bb2beeb8bf118ea-EWR

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
426 B 59ms
58ms Fetch
text/css 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/2.0.7/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826407
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
etag: W/"3f26cd3dfbc1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnHoHlqlJ9bDIifpl%2B9leVJz5Qr3ROmkOB%2BTdBsuDGp%2FiKLn1PSzUT6a2mPTGGGtcb%2B2UnNNVp0HoflWK7zYOjKVbmJGYj2VKUhkS0l8XlqSTVJi75wvqgnMO4L7jhjV%2BdNGYW5oMWDOt8rLXF8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: US
cf-ray: 7bb2beeb8bf218ea-EWR

GET
H2 200 locale.js Show response
cdn.equalweb.com/assets/scripts/ 29 KB
10 KB 61ms
60ms Fetch
application/javascript 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/locale.js

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/2.0.7/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1783536
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
server: cloudflare
etag: W/"80d59982334d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpRlpGoJp2r%2FORuoQH432RKrRtGUM%2F0WrkmXeOr343JtYURD1WPVKjFhuFiuZm2wXId7KIc1KEjv%2BpAu7Y%2BuTI1DszMMXvI4%2FgS1uIq3ulIyfTbIVYjltcChgT8TMzHRyi%2Fadz4mnJafixG%2BrXw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: US
cf-ray: 7bb2beeb8bf318ea-EWR

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 80ms
70ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1003556690&t=pageview&_s=1&dl=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&dp=%2Flf%2Fron-paul-hidden-strategy%2Fb%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&ul=en-us&de=UTF-8&dt=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1241531083&gjid=537457315&cid=204086821.1682049896&tid=UA-26514599-1&_gid=518079231.1682049896&_r=1&_slc=1&cd1=rphs&cd2=16168&cd3=&cd4=&z=311520696

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freekit.birchgold.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freekit.birchgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 209ms
58ms Image
image/gif 34.230.252.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1682049896316&e=pv&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&page=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=2b6932fb-135f-489c-a06b-1df4747d2dfa&dtm=1682049896313&vp=1600x1200&ds=1600x2339&vid=1&sid=324d7d63-624e-42ab-8444-a2b068fbd211&duid=3864958a-22bc-4617-865e-bfeae82e629c&uid=01667050-b1b1-481a-97f1-76f050cbeb89&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYjg3ODczYzAtY2M1Yy00ZTk3LWJjNjAtNWM5NDc4MGI4MmM1IiwidmFyaWFudElkIjoiYiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.252.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-252-255.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
351 B 168ms
59ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26514599-1&cid=204086821.1682049896&jid=1241531083&gjid=537457315&_gid=518079231.1682049896&_u=YEBAAAAAAAAAACAAI~&z=1437239423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freekit.birchgold.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 04:04:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freekit.birchgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/ 2 KB
1 KB 258ms
128ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/?random=1682049896395&cv=11&fst=1682049896395&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1183594270.1682049896&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db8525583ffa1eb513162edd325418586ac2713b3e783354125cf53d0146290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 184ms
48ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 04:04:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: X4rz2e4M1/+l+rdjCefuLtTkXrhV/XvhyvPjuXYVdFyc+gZXiBzlfa0XMKqNkhTtF9SiD8IKLxyt9dZ4GBMUYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970024165/ 2 KB
2 KB 225ms
110ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970024165/?random=1682049896418&cv=11&fst=1682049896418&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1183594270.1682049896&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae966cb058cb065adf77a7c50f43c8c817093da15f3ffd8c6e66508d84351db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/ 2 KB
1 KB 226ms
112ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/?random=1682049896420&cv=11&fst=1682049896420&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1183594270.1682049896&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f24925c88a7276eaaa11b9da3fec51368476ae3ec32a34bf0deb61df9cf83aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/967420539/ 2 KB
1 KB 244ms
131ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967420539/?random=1682049896421&cv=11&fst=1682049896421&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1183594270.1682049896&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b02a2e467e8afc9c6f9d03d9ca0b5932aa537c2829485f2bf1e719a2e77cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 187ms
62ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 21 Apr 2023 04:04:55 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81D93E6650784FDABE7AC1634032467D Ref B: EWR311000103025 Ref C: 2023-04-21T04:04:56Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H2 200 47297.js Show response
app.truconversion.com/ti-js/3907/ 23 KB
6 KB 360ms
112ms Script
application/javascript 52.10.176.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truconversion.com/ti-js/3907/47297.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.176.180 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-176-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cdbb95614bbc703901ae9fe65090d2c97f5a433eefa0d6d53f51970198e6c842

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' .truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; img-src http: https: data: blob:; connect-src wss://.truconversion.com wss://.intercom.io wss://.appcues.net wss://.wistia.com wss://.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://.truconversion.com https://.truconversion.com;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Apr 2023 04:04:57 GMT
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src 'self' *.truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; img-src http: https: data: blob:; connect-src wss://*.truconversion.com wss://*.intercom.io wss://*.appcues.net wss://*.wistia.com wss://*.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://*.truconversion.com https://*.truconversion.com;
last-modified: Fri, 21 Apr 2023 04:03:03 GMT
server: nginx
etag: W/"64420af7-5a9f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
cache-control: max-age=180, public, stale-while-revalidate=10, stale-if-error=10
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 04:07:56 GMT

GET
H2 200 a-00rm.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 212ms
57ms Script
application/javascript 2600:9000:23cb:3200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00rm.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:3200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f699eed586c8d9d40c848ea77e15846a351fd5c3d57c25dd9953722b3f7871cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:43:07 GMT
content-encoding: gzip
via: 1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 69709
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: _bqMtQLeDWugXPq1q2la9QjWXeOq5FnZ1WPzEEWUcx2OCHAJM-3wew==

GET
H2 200 wr-713cbbfc21e9433f201f18c9fd24f46f.js Show response
widget.wickedreports.com/v2/4607/ 423 B
791 B 182ms
49ms Script
text/javascript 18.164.116.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/4607/wr-713cbbfc21e9433f201f18c9fd24f46f.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-82.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84463f84e396707899de77178763aa92e1fc1d76a110c57baa4a62b70a09d9c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:30:50 GMT
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 15:46:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 70447
x-amz-server-side-encryption: AES256
etag: "4ee99f9d2fb2767c85f88be71b230668"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 423
x-amz-cf-id: 6h6oZstuDNGvQbuMWCj6KPiTq5lac6vnfETTp8F8iLZqvxKells3mg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
82 KB 78ms
75ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LT00S9FL51&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e80a1ffb67adb7910b043eb6458020846d3cf8b591c9c5e83029168ff4efcf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 04:04:56 GMT

POST
H2 200 1014439656
google.com/pagead/form-data/ 0
0 228ms
77ms Ping
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/1014439656?em=tv.1&gtm=45He34j0&auid=1183594270.1682049896
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 1014439656
google.com/ccm/form-data/ 0
258 B 203ms
75ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/1014439656?em=tv.1&gtm=45He34j0&auid=1183594270.1682049896
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freekit.birchgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
631 B 193ms
59ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=1000259693124&.yp=29351&js=no

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 21 Apr 2023 04:04:56 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
245 B 100ms
61ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10026813

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 21 Apr 2023 04:04:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 259ms
98ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26514599-1&cid=204086821.1682049896&jid=1241531083&_u=YEBAAAAAAAAAACAAI~&z=70974947

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 158ms
58ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LT00S9FL51&gtm=45je34j0&_p=1003556690&_gaz=1&cid=204086821.1682049896&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682049896&sct=1&seg=0&dl=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&dt=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LT00S9FL51&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freekit.birchgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 60ms
59ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LT00S9FL51&cid=204086821.1682049896&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LT00S9FL51&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freekit.birchgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 25 KB
8 KB 55ms
55ms Script
application/javascript 18.164.116.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/4607/wr-713cbbfc21e9433f201f18c9fd24f46f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-82.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 144d8e97e6c7cf0fb2b2d6191c48d19aa5c161d157319b81368b98e44ca68524

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:51:18 GMT
content-encoding: gzip
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 13:51:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 51219
etag: W/"98c4523724acf65082b7b3a28bcc3d2a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sy3v7ex6P1zTESQ4LFqBIJXmd8ugYtx5y614Acy3-UEVo1lyQ3BVgg==

GET
H2 204 4021378.js Show response
bat.bing.com/p/action/ 0
119 B 168ms
160ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4021378.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 21 Apr 2023 04:04:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 287C92AF732846CC942C3E946902E469 Ref B: EWR311000103025 Ref C: 2023-04-21T04:04:56Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
362 B 73ms
72ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4021378&Ver=2&mid=15980e4c-5914-4313-981e-8dd3d6045843&sid=ad590830dff911ed905d8b4b9f7ede26&vid=ad59ad60dff911edb08525750520a475&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&p=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&r=&lt=670&evt=pageLoad&sv=1&rn=344136

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Apr 2023 04:04:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C48C4CB9E32649CA843E036981547657 Ref B: EWR311000103025 Ref C: 2023-04-21T04:04:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 04:04:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZrLoR1WuzXl4pPaLCSpTVuYQ97BYV2pD+i1FI5y3iBA31j/gHsIAE/8sRRtHBdLMhGUUqyHkEJ1/7VYIr58vYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 409099025899147 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 96ms
95ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/409099025899147?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d161094f46106545027f6881c9009cbe8cf6f4ad9cea6db82dbd904230604057

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 04:04:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PRXpDveMmyujU5hhmMMSPhBi2ksXuw6DXkv2cgUEitjag8ByTZVLc9urPMZJJJ7S6KUH8wsnIfNIF/YcKLQypw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/970024165/ 42 B
154 B 204ms
102ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970024165/?random=1682049896418&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=1533169738&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1014439656/ 42 B
108 B 204ms
104ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1014439656/?random=1682049896420&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=3122516049&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1079334/ 58 KB
18 KB 204ms
95ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9649f6e09b20e057679635f6c95c97d984f6d77f15e373c177a0737a6d0ccf9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rg4Q27AXdgwW1bbUCcbG.TpQ1GalyESG
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 04:04:56 GMT
x-amz-request-id: B0RHG6HZ3B7WBAEX
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18201
x-amz-id-2: TuVXsr5sZ7GVuXYKF/++vud80eftEG3+1rdRgnxamauYeQNPlaIX6LiWFhGUM6BVmDmQRaoAgW8=
x-served-by: cache-yyz4576-YYZ
last-modified: Sun, 16 Apr 2023 11:14:37 GMT
server: AmazonS3
x-timer: S1682049897.827250,VS0,VE50
etag: "b0cad9acdcf91300d9dd917f7a0b4297"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 193ms
66ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:24 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZT1ZCD41BCEE6QEZ
age: 33
x-amz-server-side-encryption: AES256
x-amz-id-2: NsLnxMBwt0bbKW/L0jQK7U01LH2HfifjuyqZcLyAIcnxakhAqnaz10Bg8RHexE3/OPNDqalsmQ0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK MzDJGv9j Show response
io.clickguard.com/s/cHJvdGVjdG9y/ 8 KB
3 KB 213ms
93ms Script
application/javascript 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/s/cHJvdGVjdG9y/MzDJGv9j
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 31b0092be9787a2ff00d6739438f9def7f38331607cd47091ed016af72e13ff0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:04:56 GMT
via: 1.1 google
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
x-powered-by: Express
etag: W/"1eb0-5kluPK8EJF12o50ayBBQhAdnL3E"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLPQO%2ForMjf4RoDPYTJ5TFdZfIWUgYHSyevy%2FtdSrcZE062AOP9MHg8JAlA8G0fBftcvoZASZrGTaU0Y5RvdRt0CMch5sJfwvJiKAn0zUId2CmFvQdi46wuny8jzyZP2uIKCSA9LHkvrfge6aOAR"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 7bb2beef6a1c0f42-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 199ms
53ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000166-IAD

GET
H2 200 vpr.min.js Show response
cdn.veritonic.com/static/ 4 KB
2 KB 209ms
51ms Script
application/javascript 2600:9000:2512:3800:1e:549f:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.veritonic.com/static/vpr.min.js
Requested by: Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:3800:1e:549f:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: lpM9pHakfw6gqKkC2wOrxLlrGh49F.Zh
content-encoding: gzip
via: 1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 22:32:19 GMT
last-modified: Wed, 21 Sep 2022 16:23:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 19958
x-amz-server-side-encryption: AES256
etag: W/"2ad48ac6e466c6833db7b2a2a6f52c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xE-96Fa9J_NVl9FnPl55Amj_MdDiuzRv6EJSTuqqUqZ0zeuRKI-cAw==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1014439656/ 42 B
108 B 103ms
99ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1014439656/?random=1682049896395&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=660411279&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/967420539/ 42 B
108 B 103ms
101ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/967420539/?random=1682049896421&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=555111828&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 223ms
84ms XHR
text/html 3.139.175.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=4607&WickedEmail=&WickedTrackingDate=1682049896734&WickedURL=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&WickedReferrerURL=
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.175.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-175-100.us-east-2.compute.amazonaws.com
Software: nginx / PHP/7.3.27
Resource Hash: 5baf1400e53ee82f8336eaaec41b0c589550b62d5033afaf875a34cd0e13d208

Request headers

Referer: https://freekit.birchgold.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 04:04:56 GMT
server: nginx
x-powered-by: PHP/7.3.27
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tc-app-v442.js Show response
cdn.truconversion.com/ 292 KB
77 KB 207ms
51ms Script
application/javascript 2600:9000:210b:6600:e:8cfd:cf40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.truconversion.com/tc-app-v442.js
Requested by: Host: app.truconversion.com
URL: https://app.truconversion.com/ti-js/3907/47297.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:6600:e:8cfd:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bf2232e8f0591fce417af3c4a2f07a3d7caff19e6d58d9ed5a194ef9164c4dc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 07:57:45 GMT
content-encoding: br
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 1022832
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 05 Sep 2022 10:32:56 GMT
server: nginx/1.18.0
etag: W/"6315d058-491b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
x-amz-cf-id: TeC71mChr4UDMJzIQyHKABUl3Llll8l7uyD1XTg5oPCBB7tppY3taw==
expires: Mon, 08 Apr 2024 07:57:45 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 57ms
54ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 04:04:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: v6p0qP9wAFDOCllhhWV9FOwgx7oq6/cj1D1Vl8VkL/fbVz2XFbvEg1DyjQC583t88HEz1zURziyTCILSf3ilJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1682049896829&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Fut...
https://rp4.liadm.com/j?dtstmp=1682049896829&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Fu...

13 B
551 B

217ms
63ms

XHR
application/json

3.216.127.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1682049896829&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4&i6=MjYwMjpmZmM4OjI6MTA0OjoxMg%3D%3D&n3pc=true

Requested by

Protocol

Server

3.216.127.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-127-149.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:04:57 GMT
x-pixel-event-id: 18e98215-85ee-4552-80fb-8530e448d393
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 50c2a29ad96d0050
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 21 Apr 2023 04:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1682049896829&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4&i6=MjYwMjpmZmM4OjI6MTA0OjoxMg%3D%3D&n3pc=true
access-control-allow-origin: https://freekit.birchgold.com
request-time: 0
access-control-allow-credentials: true
trace-id: 9a44a1b9f19abac5
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 173ms
50ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409099025899147&ev=PageView&dl=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&rl=&if=false&ts=1682049896893&sw=1600&sh=1200&ud[ph]=45569da57f4b7bf472d7a864ef4781451cae6383fee9fb0ae40c59aa1ce475b7&ud[fn]=4cfdde69bde68452d2921db3186d45b8bc825df51e16b94b9517471589eb4f6f&ud[ln]=55b5c51f8670181b0454a698c930ee641890c5c80b1e7da87e39a768aa8231ac&v=2.9.102&r=stable&ec=0&o=60&cs_est=true&fbp=fb.1.1682049896890.769281570&it=1682049896667&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Apr 2023 04:04:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/1079334/trc/3/ 3 KB
2 KB 82ms
62ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1079334/trc/3/json?tim=1682049896943&data=%7B%22id%22%3A771%2C%22ii%22%3A%22%2Flf%2Fron-paul-hidden-strategy%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1682049896932%2C%22cv%22%3A%2220230416-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-birchgold-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1682049896942%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed9b65b3d9c377ce6f61a4233305bca73c79c4466c87611508cbe5e1a6efbe5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 25
date: Fri, 21 Apr 2023 04:04:57 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-yyz4576-YYZ
server: nginx
x-timer: S1682049897.977872,VS0,VE25
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 10026813.json Show response
s.yimg.com/wi/config/ 46 B
683 B 172ms
55ms XHR
application/json 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10026813.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

08f8ce625caeebebe308d998c51f3ef4591ab01e762aa93260d8d063067ac65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:01:17 GMT
x-amz-version-id: KPKMOX45MSqhGG74bjKNiQSxK.hf5hP6
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: AEM236XHSWJ02TXS
age: 14621
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: tPlhMR+ePZa3U+eIIG5dGCveEgq+ZCDcZB1F6ZpxqymuTAFt9fKmdncQ/+4Gzo4gyxu+tamVUSQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "ff1a19ec5f1fc72aaf53519db0ea74d2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 235ms
78ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=adb3719c-d498-43ae-a702-b0e75cb74e90&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=80cd9283-b246-4b61-b7ae-ee97d9993f9f&tw_document_href=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&tw_iframe_status=0&txn_id=o9xdj&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 8
date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: e078a9e320ce6839
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: bd49a58538601b910d81148e7bff9343620a4d2460df17bd1eb27e9ae18c41ff
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 246ms
77ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=adb3719c-d498-43ae-a702-b0e75cb74e90&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=80cd9283-b246-4b61-b7ae-ee97d9993f9f&tw_document_href=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&tw_iframe_status=0&txn_id=o9xdj&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 21 Apr 2023 04:04:56 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 8936206f4198bf5c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 21589a25eecfbed6eb291b4965040bb1f6d3e4bd3a9463d9bafe36b4cac61967
content-length: 43

POST
H2 200 / Show response
atr.veritonicmetrics.com/ 13 B
131 B 99ms
98ms XHR
application/json 34.239.11.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Requested by: Host: cdn.veritonic.com
URL: https://cdn.veritonic.com/static/vpr.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.11.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-11-90.compute-1.amazonaws.com
Software: /
Resource Hash: b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9

Request headers

Referer: https://freekit.birchgold.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:04:57 GMT
content-length: 13
apigw-requestid: Dta4fiaeoAMEYcw=
content-type: application/json

OPTIONS
H2 200 /
atr.veritonicmetrics.com/ Frame 0
0 216ms
71ms Preflight
image/gif 34.239.11.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.11.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-11-90.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freekit.birchgold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: Dta4fgZtIAMEMCg=
content-length: 43
content-type: image/gif
date: Fri, 21 Apr 2023 04:04:57 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 40ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 04:04:57 GMT
x-amz-request-id: 345CDBWW70P2J4KQ
age: 924
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: RXZ9eF1pCd0CDN+zmZsBdUvWy9zP/THQYOkdE0w5cIOOD+5zdquMw/vB8dFwYkBREq+fn3ZvR+o=
x-served-by: cache-yyz4576-YYZ
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1682049897.045023,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 52
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 814

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 41ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 04:04:57 GMT
x-amz-request-id: MDF1ZN70T49XVY6T
age: 22423
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: 31MCdrWlJaO7VPTkeijfDCddcoc5wZ3qnEGbq/lzCgvbwa2jcTEBhuQ1KkKYGDl9+MpeTIwTpvw=
x-served-by: cache-yyz4576-YYZ
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1682049897.045001,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 35903

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 194ms
56ms XHR
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 12130f469e29011394d5de2007d65731157ab3418400799fb7398212bb7c0d18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-ewr18143-EWR
date: Fri, 21 Apr 2023 04:04:57 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://freekit.birchgold.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
291 B 61ms
60ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2021%20Apr%202023%2004%3A04%3A57%20GMT&n=0&b=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&.yp=10026813&f=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:04:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 21 Apr 2023 04:04:57 GMT

POST
H/1.1 200
OK MzDJGv9j Show response
io.clickguard.com/r/cHJvdGVjdG9y/ 0
670 B 88ms
87ms XHR
text/plain 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/MzDJGv9j
Requested by: Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/MzDJGv9j
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freekit.birchgold.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 21 Apr 2023 04:04:57 GMT
via: 1.1 google
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
x-powered-by: Express
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7GGBZXX0TNLIastDEb7WQ1%2FSc1cHh8RV1chJE0QyITgDlIQzqGTxNt9QbQi2BT6vR%2B8DMSv1X2WiD9m8wqAyoDKJvwNOvD7ODuGSpes1Mc0Go5Pndx3yiS6T003WM%2Fzx%2Fh9O%2BEcDA%2FzQniHnk4e"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 7bb2bef2cce143e1-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0

OPTIONS
H/1.1 200
OK MzDJGv9j
io.clickguard.com/r/cHJvdGVjdG9y/ Frame 0
0 197ms
91ms Preflight
text/html 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/MzDJGv9j
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freekit.birchgold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7bb2bef22c9243e1-EWR
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Apr 2023 04:04:57 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tM3SZHGJRVcjUTjGtCrseYDqc%2FuPWzT8NfFSWeWuumMDtao%2FDmYKJCdK8Z3hxRQhdh3eKACtrL6y%2BIaVwup2HrOPn92cJLV%2F98pnCW5f0OWt3japeqcIs9P5RmXadij7eXdO5tjfzGG0bcg2nwDk"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST
via: 1.1 google
x-powered-by: Express

GET
H2 200 _tcvars.html Show response
cdn.truconversion.com/pixel/ Frame B1BF 1006 B
822 B 55ms
51ms Document
text/html 2600:9000:210b:6600:e:8cfd:cf40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.truconversion.com/pixel/_tcvars.html?r=https://freekit.birchgold.com
Requested by: Host: cdn.truconversion.com
URL: https://cdn.truconversion.com/tc-app-v442.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:6600:e:8cfd:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6c6266b24d55ff81b02e8d33386804506d04029ab872280fc4991fb716eaaea4

Request headers

Referer: https://freekit.birchgold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1022832
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000 public, immutable
content-encoding: br
content-type: text/html
date: Sun, 09 Apr 2023 07:57:45 GMT
etag: W/"60af7ee8-3ee"
expires: Mon, 08 Apr 2024 07:57:45 GMT
last-modified: Thu, 27 May 2021 11:13:44 GMT
pragma: public
server: nginx/1.18.0
vary: Accept-Encoding
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
x-amz-cf-id: o2uHlNUcBgq7UPqqcWtJAxQpiBlefaF1ecJ_aYU5an3xVja2wXay-w==
x-amz-cf-pop: EWR53-C3
x-cache: Hit from cloudfront

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 186ms
53ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8&uad=cd07117f10011eef4a67c7c518791508967b427d6c9daf578785c7a93c2227f3&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:04:57 GMT
cache-control: no-store
server: nginx

GET
H3 200 _stcv19.html Show response
cdn.truconversion.com/pixel/ Frame B327 3 KB
1 KB 42ms
41ms Document
text/html 2600:9000:210b:6600:e:8cfd:cf40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.truconversion.com/pixel/_stcv19.html?origin=https://freekit.birchgold.com&fp=27626e23.f96d.a370.fff7.7a9dbef3cfd7&tclid=undefined
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:210b:6600:e:8cfd:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7655d08638dde85b3d2a5a72ea8ba722088520e1bdace042803818511c362b1b

Request headers

Referer: https://freekit.birchgold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1022830
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000 public, immutable
content-encoding: gzip
content-type: text/html
date: Sun, 09 Apr 2023 07:57:47 GMT
etag: W/"5d106c3f-c3a"
expires: Mon, 08 Apr 2024 07:57:47 GMT
last-modified: Mon, 24 Jun 2019 06:22:55 GMT
pragma: public
server: nginx/1.18.0
vary: Accept-Encoding
via: 1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
x-amz-cf-id: -vz8e7X9hd7TSxK_o-OAAsWzKAc2tIu95NKwKBRePn0ydl-6EAMibA==
x-amz-cf-pop: EWR53-C3
x-cache: Hit from cloudfront

GET
H2 204 unip Show response
trc-events.taboola.com/1079334/log/3/ 0
383 B 179ms
49ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1079334/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1682049896936&ver=36&isls=true&src=i&invt=1500&msa=1139&rv=1&tim=1682049898495&vi=1682049896932&ri=6242b3c2a5ebb78c9a0e8b0013c6857f&sd=v2_747a479db695f1673b083eb40a48191f_437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8_1682049896_1682049896_CNawjgYQpvBBGOSj8o_6MCABKAEw4QE4kaQOQNH4DkjKy9kDUPkDWABgAGjA-6nx24be9vABcAE&ui=437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8&ref=null&cv=20230416-8-RELEASE&item-url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://freekit.birchgold.com
pragma: no-cache
date: Fri, 21 Apr 2023 04:04:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1079334/log/3/ 0
382 B 43ms
41ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1079334/log/3/unip?en=pre_d_eng_tb&tos=4560&scd=0&ssd=1&est=1682049896936&ver=36&isls=true&src=i&invt=3000&msa=1139&rv=1&tim=1682049901498&vi=1682049896932&ri=6242b3c2a5ebb78c9a0e8b0013c6857f&sd=v2_747a479db695f1673b083eb40a48191f_437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8_1682049896_1682049896_CNawjgYQpvBBGOSj8o_6MCABKAEw4QE4kaQOQNH4DkjKy9kDUPkDWABgAGjA-6nx24be9vABcAE&ui=437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8&ref=null&cv=20230416-8-RELEASE&item-url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freekit.birchgold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://freekit.birchgold.com
pragma: no-cache
date: Fri, 21 Apr 2023 04:05:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freekit.birchgold.com/lf/ron-paul-hidden-strategy/	1970-01-20 15:39:07	Name: ubpv Value: b%2Cb87873c0-cc5c-4e97-bc60-5c94780b82c5
freekit.birchgold.com/lf/ron-paul-hidden-strategy	1969-12-31 23:59:59	Name: trcksesh Value: 27e5b6c4-af50-4b27-9bf9-1820d50dbfe2
.taboola.com/rainmaker-birchgold-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_747a479db695f1673b083eb40a48191f_437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8_1682049896_1682049896_CNawjgYQpvBBGOSj8o_6MCABKAEw4QE4kaQOQNH4DkjKy9kDUPkDWABgAGjA-6nx24be9vABcAE
freekit.birchgold.com/	1970-01-20 15:33:21	Name: ubvs Value: 01667050-b1b1-481a-97f1-76f050cbeb89
.birchgold.com/	1970-01-20 11:18:29	Name: ubvt Value: v2%7C01667050-b1b1-481a-97f1-76f050cbeb89%7Cb87873c0-cc5c-4e97-bc60-5c94780b82c5%3Ab%3Asingle
.birchgold.com/	1970-01-20 11:57:21	Name: placement Value: rphs
.birchgold.com/	1970-01-20 11:57:21	Name: utm_content Value: rphs_v01d_041923
.birchgold.com/	1970-01-20 11:57:21	Name: msid Value: 16168
.birchgold.com/	1970-01-20 11:57:21	Name: utm_medium Value: push
.birchgold.com/	1970-01-20 11:57:21	Name: utm_campaign Value: nm
.birchgold.com/	1970-01-20 11:57:21	Name: utm_source Value: nm
.birchgold.com/	1970-01-20 11:57:21	Name: cid Value: bgg_ad
.birchgold.com/	1970-01-20 11:15:36	Name: _gid Value: GA1.2.518079231.1682049896
.birchgold.com/	1970-01-20 11:14:09	Name: _gat Value: 1
.birchgold.com/	1970-01-20 13:23:45	Name: _gcl_au Value: 1.1.1183594270.1682049896
.birchgold.com/	1970-01-20 20:50:09	Name: _ga_LT00S9FL51 Value: GS1.1.1682049896.1.0.1682049896.60.0.0
.birchgold.com/	1970-01-20 20:50:09	Name: _ga Value: GA1.1.204086821.1682049896
.doubleclick.net/	1970-01-20 11:14:10	Name: test_cookie Value: CheckForPermission
.birchgold.com/	1970-01-20 11:15:36	Name: _uetsid Value: ad590830dff911ed905d8b4b9f7ede26
.birchgold.com/	1970-01-20 20:35:45	Name: _uetvid Value: ad59ad60dff911edb08525750520a475
.birchgold.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .birchgold.com
.birchgold.com/	1970-01-20 20:50:09	Name: _lc2_fpi Value: d0b47f1b938f--01gygzs47zjcfk2frk4g0jn5s8
.yahoo.com/	1970-01-20 20:00:07	Name: A3 Value: d=AQABBGgLQmQCEH8ARDyJBZ_i_Nwk8fPOdcoFEgEBAQFcQ2RLZAAAAAAA_eMAAA&S=AQAAAupLiwJBNeZnplUSmPvsn3A
.bing.com/	1970-01-20 20:35:45	Name: MUID Value: 03CE92C7AB746B6C083E803DAAFE6ADF
.bat.bing.com/	1970-01-20 11:24:14	Name: MR Value: 0
.birchgold.com/	1970-01-20 11:15:36	Name: wickedfu Value: %7B%22url%22%3A%22https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad%22%2C%22time%22%3A1682049896733%2C%22c%22%3A4607%7D
.birchgold.com/	1970-01-20 13:23:45	Name: _fbp Value: fb.1.1682049896890.769281570
.taboola.com/	1970-01-20 19:59:45	Name: t_gid Value: 437dd91b-9f85-47ec-bd62-c0d8ccb1db4c-tuctb3b90e8
.liadm.com/	1970-01-20 20:50:09	Name: lidid Value: cd7217e5-c7ee-4f7d-9708-f37c6e610a2f
.freekit.birchgold.com/	1969-12-31 23:59:59	Name: _tcSessInfo Value: {"timestamp":1682049897148,"pageView":1}
.t.co/	1970-01-20 20:50:09	Name: muc_ads Value: 4bc329c3-fb36-4350-875a-98f7d3d5ad56
.twitter.com/	1970-01-20 20:50:09	Name: guest_id_marketing Value: v1%3A168204989722289972
.twitter.com/	1970-01-20 20:50:09	Name: guest_id_ads Value: v1%3A168204989722289972
.twitter.com/	1970-01-20 20:50:09	Name: personalization_id Value: "v1_dipXiOFEBCoI7qjw143xSg=="
.twitter.com/	1970-01-20 20:50:09	Name: guest_id Value: v1%3A168204989722289972
.freekit.birchgold.com/	1969-12-31 23:59:59	Name: _tcSecSess Value: {"sess":"e68abbe1ac6f277026d58e091da","device_type":"desktop","ip":"96.9.249.38","tcvfp":"27626e23-f96d-a370-fff7-7a9dbef3cfd7","locale":"en_US","country":"US","city":"Buffalo","region":"NY","timestamp":1682049897757}
.freekit.birchgold.com/	1970-01-20 20:50:09	Name: _tcfpup Value: 1682049897836
.freekit.birchgold.com/	1970-01-20 20:50:09	Name: ti_ukp Value: 27626e23.f96d.a370.fff7.7a9dbef3cfd7
.freekit.birchgold.com/	1970-01-20 20:50:09	Name: _tisfrv Value: uu:bb0082e4b77664545aadde00eb7abe33\|v:1\|sts:1682049897843\|cst:1682049897843
.freekit.birchgold.com/	1970-01-20 20:50:09	Name: _tiupvc Value: ["cc2fa91423ada21a37f47cc274a86255"]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
analytics.twitter.com
app.truconversion.com
atr.veritonicmetrics.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
cdn.equalweb.com
cdn.taboola.com
cdn.truconversion.com
cdn.veritonic.com
cds.taboola.com
connect.facebook.net
d2xxq4ijfwetlm.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
freekit.birchgold.com
google.com
googleads.g.doubleclick.net
io.clickguard.com
pips.taboola.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.wickedreports.com
trc-events.taboola.com
trc.taboola.com
widget.wickedreports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.244.42.133
104.244.42.3
141.226.224.32
141.226.224.48
146.75.28.157
151.101.193.44
18.164.116.82
18.164.96.54
2001:4860:4802:38::181
2001:4998:14:800::1001
2600:1f18:730:b140:da14:81b8:2274:6bb2
2600:9000:210b:6600:e:8cfd:cf40:93a1
2600:9000:23cb:1200:1d:11cf:5800:93a1
2600:9000:23cb:3200:8:8845:1500:93a1
2600:9000:2512:3800:1e:549f:95c0:93a1
2606:4700:20::681a:c98
2606:4700:20::681a:d5f
2607:f8b0:4004:c09::9c
2607:f8b0:4006:807::2004
2607:f8b0:4006:80b::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::200a
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::300
3.139.175.100
3.216.127.149
3.224.141.128
34.230.252.255
34.239.11.90
52.10.176.180
54.230.244.165
76.13.32.146
99.84.38.125
000497d098847c13d6d87e046fdabe2b78971aadb7948d46dc473eabd730f954
000651abcf919bbd8e37f899c25434342ef4e7b206dc754aa8637c1d14ffa97c
08f8ce625caeebebe308d998c51f3ef4591ab01e762aa93260d8d063067ac65a
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
12130f469e29011394d5de2007d65731157ab3418400799fb7398212bb7c0d18
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
144d8e97e6c7cf0fb2b2d6191c48d19aa5c161d157319b81368b98e44ca68524
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
294f37e7f8ed9b16a67883c2e65f162d5722af41cedf6e192fb7bf3c42f9374c
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
305981fa61c0c69ef524ef786b3d9bb08b55cf2c67abb6414a9bdd97d50962ba
31b0092be9787a2ff00d6739438f9def7f38331607cd47091ed016af72e13ff0
37b02a2e467e8afc9c6f9d03d9ca0b5932aa537c2829485f2bf1e719a2e77cd9
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
44fd62e26ee123b8f6b0185ee13ebba129e8b8c9ef43bfb912c1b23093476bbc
45a86e5f17ab675ca652ce1d577bd5fafd96d99a1195cbe71431d498cc929bae
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
4ed9b65b3d9c377ce6f61a4233305bca73c79c4466c87611508cbe5e1a6efbe5
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281
561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ae966cb058cb065adf77a7c50f43c8c817093da15f3ffd8c6e66508d84351db
5baf1400e53ee82f8336eaaec41b0c589550b62d5033afaf875a34cd0e13d208
5db8525583ffa1eb513162edd325418586ac2713b3e783354125cf53d0146290
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c
5e80a1ffb67adb7910b043eb6458020846d3cf8b591c9c5e83029168ff4efcf9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
6acd00e6800ecd60ab5c594f4732c861029b9b626baeeb0637ebb92961a4e13b
6c6266b24d55ff81b02e8d33386804506d04029ab872280fc4991fb716eaaea4
7655d08638dde85b3d2a5a72ea8ba722088520e1bdace042803818511c362b1b
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
84463f84e396707899de77178763aa92e1fc1d76a110c57baa4a62b70a09d9c4
9649f6e09b20e057679635f6c95c97d984f6d77f15e373c177a0737a6d0ccf9d
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
bf2232e8f0591fce417af3c4a2f07a3d7caff19e6d58d9ed5a194ef9164c4dc9
ca2a4fc99d09ed851fa1cd014f88b2e8cb1b2e998f0ae5f3d8a5456623fe9cf0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdbb95614bbc703901ae9fe65090d2c97f5a433eefa0d6d53f51970198e6c842
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d161094f46106545027f6881c9009cbe8cf6f4ad9cea6db82dbd904230604057
e2172be828b0fd1ba4c0f653b83993eb11881e49e3be4f0fff04e482c04a0b42
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e587fa477dacc79e1da36861b075cb1a9bb0a134c7bb9b96089c6490b82f78
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f24925c88a7276eaaa11b9da3fec51368476ae3ec32a34bf0deb61df9cf83aea
f699eed586c8d9d40c848ea77e15846a351fd5c3d57c25dd9953722b3f7871cc

freekit.birchgold.com Open in urlscan Pro 3.224.141.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

97 %HTTPS

53 %IPv6

25 Domains

38 Subdomains

36 IPs

1 Countries

740 kBTransfer

2052 kBSize

40 Cookies

0 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freekit.birchgold.com Open in urlscan Pro
3.224.141.128 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

97 %
HTTPS

53 %
IPv6

25
Domains

38
Subdomains

36
IPs

1
Countries

740 kB
Transfer

2052 kB
Size

40
Cookies

78 HTTP transactions
1 data transactions