theretirementgroup-5957063.hs-sites.com Open in urlscan Pro
2606:4700::6810:7568 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Submission: On September 21 via api (September 21st 2022, 4:22:44 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 36 domains to perform 95 HTTP transactions. The main IP is 2606:4700::6810:7568, located in United States and belongs to CLOUDFLARENET, US. The main domain is theretirementgroup-5957063.hs-sites.com.

This is the only time theretirementgroup-5957063.hs-sites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700::68... 2606:4700::6810:7568	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
14	2600:9000:215... 2600:9000:2156:ea00:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:c00:11:ad6d:cf00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2606:4700::68... 2606:4700::6811:aec8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.57 13.32.99.57	16509 (AMAZON-02) (AMAZON-02)
6	143.204.214.192 143.204.214.192	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:1901:0:7... 2600:1901:0:7d2::	15169 (GOOGLE) (GOOGLE)
1	34.117.233.127 34.117.233.127	15169 (GOOGLE) (GOOGLE)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	34.107.203.234 34.107.203.234	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	108.138.17.98 108.138.17.98	16509 (AMAZON-02) (AMAZON-02)
3	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.205.45.130 18.205.45.130	14618 (AMAZON-AES) (AMAZON-AES)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
95	40

3 2606:4700::6810:7568 (United States)

ASN13335 (CLOUDFLARENET, US)

theretirementgroup-5957063.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f1cc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2156:ea00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:c00:11:ad6d:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fmgsuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2c40::c73c:671f (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

retirekit.theretirementgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:aec8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2128 (United States)

ASN13335 (CLOUDFLARENET, US)

5957063.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net

cdn.neverbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.214.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-192.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7d2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

g792337340.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1188506010.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.233.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.233.117.34.bc.googleusercontent.com

there11178.pcapredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.203.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-preview.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-98.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.45.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-45-130.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f449 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 14922 settings.luckyorange.com — Cisco Umbrella Rank: 15219 api-preview.luckyorange.com — Cisco Umbrella Rank: 32198	470 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 c.clarity.ms — Cisco Umbrella Rank: 998 d.clarity.ms — Cisco Umbrella Rank: 5189	26 KB
6	cloudfront.net d10lpsik1i8c69.cloudfront.net	100 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 7081	45 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	3 KB
4	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5559 forms.hubspot.com — Cisco Umbrella Rank: 3106 track.hubspot.com — Cisco Umbrella Rank: 2260	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 220	13 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	207 KB
4	hubspot.net 1 redirects cdn2.hubspot.net — Cisco Umbrella Rank: 7229	17 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 1846	192 KB
3	hsstatic.net static.hsstatic.net — Cisco Umbrella Rank: 130843	2 KB
3	hs-sites.com theretirementgroup-5957063.hs-sites.com	13 KB
2	myfonts.net 1 redirects hello.myfonts.net — Cisco Umbrella Rank: 5179	922 B
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 1834 api-iam.intercom.io — Cisco Umbrella Rank: 2386	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6352	656 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	656 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	3 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2989	371 B
2	g792337340.co g792337340.co — Cisco Umbrella Rank: 106894	1 KB
2	theretirementgroup.com retirekit.theretirementgroup.com	44 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4400	443 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3542	872 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2156	16 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3246	3 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4853	23 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4128	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2138	20 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 7634	1 KB
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591	2 KB
1	pcapredict.com there11178.pcapredict.com	13 KB
1	g1188506010.co g1188506010.co — Cisco Umbrella Rank: 689942	227 B
1	neverbounce.com cdn.neverbounce.com — Cisco Umbrella Rank: 100568	29 KB
1	hubspotusercontent-na1.net 5957063.fs1.hubspotusercontent-na1.net	2 KB
1	fmgsuite.com static.fmgsuite.com — Cisco Umbrella Rank: 102769	7 KB
95	36

	Domain	Requested by
14	tools.luckyorange.com	theretirementgroup-5957063.hs-sites.com tools.luckyorange.com
6	d10lpsik1i8c69.cloudfront.net	theretirementgroup-5957063.hs-sites.com d10lpsik1i8c69.cloudfront.net
5	static.hsappstatic.net	theretirementgroup-5957063.hs-sites.com
4	www.googletagmanager.com	theretirementgroup-5957063.hs-sites.com www.googletagmanager.com
4	cdn2.hubspot.net	1 redirects theretirementgroup-5957063.hs-sites.com
3	api-preview.luckyorange.com	tools.luckyorange.com
3	d.clarity.ms	www.clarity.ms
3	js.intercomcdn.com	widget.intercom.io
3	bat.bing.com	theretirementgroup-5957063.hs-sites.com bat.bing.com
3	static.hsstatic.net	theretirementgroup-5957063.hs-sites.com
3	theretirementgroup-5957063.hs-sites.com	theretirementgroup-5957063.hs-sites.com
2	hello.myfonts.net	1 redirects client
2	px.ads.linkedin.com	2 redirects
2	c.clarity.ms	1 redirects
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	www.google.de	theretirementgroup-5957063.hs-sites.com
2	www.google.com	theretirementgroup-5957063.hs-sites.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	googleads.g.doubleclick.net	www.googleadservices.com
2	settings.luckyorange.com	tools.luckyorange.com
2	region1.google-analytics.com	www.googletagmanager.com
2	g792337340.co	theretirementgroup-5957063.hs-sites.com
2	retirekit.theretirementgroup.com	theretirementgroup-5957063.hs-sites.com
1	forms.hsforms.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	api-iam.intercom.io	js.intercomcdn.com
1	snap.licdn.com	js.hsadspixel.net
1	track.hubspot.com
1	c.bing.com	1 redirects
1	widget.intercom.io	1 redirects
1	api.hubapi.com	js.hsadspixel.net
1	app.hubspot.com	static.hsappstatic.net
1	js.hs-banner.com	theretirementgroup-5957063.hs-sites.com
1	js.hsadspixel.net	theretirementgroup-5957063.hs-sites.com
1	js.hscollectedforms.net	theretirementgroup-5957063.hs-sites.com
1	js.hsleadflows.net	theretirementgroup-5957063.hs-sites.com
1	js.hs-analytics.net	theretirementgroup-5957063.hs-sites.com
1	www.googleadservices.com	www.googletagmanager.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	static.hotjar.com	theretirementgroup-5957063.hs-sites.com
1	there11178.pcapredict.com	theretirementgroup-5957063.hs-sites.com
1	g1188506010.co	theretirementgroup-5957063.hs-sites.com
1	cdn.neverbounce.com	theretirementgroup-5957063.hs-sites.com
1	5957063.fs1.hubspotusercontent-na1.net	theretirementgroup-5957063.hs-sites.com
1	static.fmgsuite.com	theretirementgroup-5957063.hs-sites.com
95	46

This site contains links to these domains. Also see Links.

Domain
www.theretirementgroup.com
retirekit.theretirementgroup.com
brokercheck.finra.org
www.facebook.com
www.linkedin.com
twitter.com
blog.theretirementgroup.com

Subject Issuer	Validity	Valid
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
luckyorange.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
retirekit.theretirementgroup.com Cloudflare Inc ECC CA-3	`2022-04-05` - `2023-04-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
neverbounce.com Amazon	`2022-02-28` - `2023-03-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
g792337340.co GTS CA 1D4	`2022-09-04` - `2022-12-03`	3 months	crt.sh
g1188506010.co GTS CA 1D4	`2022-08-28` - `2022-11-26`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
settings.luckyorange.com R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
api-preview.luckyorange.com R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Frame ID: 4858C1AB1BA67B2BF4772356EF3A6A62
Requests: 70 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: DE8CAACA5B0A954371B26906593AA076
Requests: 4 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Frame ID: 6EDC5DDFA7D9853784CB63134BE19D43
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.263d2f7f.js
Frame ID: 43CA7D22310C49E111AC005A41100004
Requests: 4 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=8a0ecc5
Frame ID: 846DC6FE1ADDDBCF60BD81621D1F02C5
Requests: 1 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=8a0ecc5
Frame ID: EFA544B59A25E83BCC121E11C1B5BF1D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

95
Requests

83 %
HTTPS

68 %
IPv6

36
Domains

46
Subdomains

40
IPs

3
Countries

1362 kB
Transfer

4427 kB
Size

37
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.theretirementgroup.com/?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Home

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/our-firm?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Our Firm

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/charles-schwab?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Charles Schwab

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/fsc-securities?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: FSC Securities

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/pershing?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Pershing

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/en-us/fiduciary-acknowledgement-letter?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Fiduciary Acknowledgement

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/hubfs/CRS-ADV/TRG%20LLC%20ADV%20Part%202A_3-29-21.pdf?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: TRG, LLC ADV

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/hubfs/CRS-ADV/TRG-FORM-CRS-ADV-PART.pdf?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: TRG, LLC CRS

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/hubfs/CRS-ADV/2022%20TRG%20Privacy%20Policy.pdf?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://retirekit.theretirementgroup.com/industry-redirect?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Platinum Wealth Services

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/our-services?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Our Services

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/mini-retirekit-calculator?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Calculator

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/careers?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Career

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/contact-us?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/blog?__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Blog

Search URL Search Domain Scan URL

URL: http://brokercheck.finra.org/

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/?hsLang=en&__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Home Page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheRetirementGroup/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-retirement-group-llc

Search URL Search Domain Scan URL

URL: https://twitter.com/TRGLLC

Search URL Search Domain Scan URL

URL: https://blog.theretirementgroup.com/?hsLang=en&__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889

Search URL Search Domain Scan URL

URL: https://retirekit.theretirementgroup.com/contact-us?hsLang=en&__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.theretirementgroup.com/hubfs/CRS-ADV/2021%20TRG%20Privacy%20Policy.pdf?hsLang=en&__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&__hsfp=492729889
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/layout.min.css HTTP 301
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/layout.min.css

Request Chain 22

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 54

https://widget.intercom.io/widget/imt47wdr HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=81C81C81E29E458883FF506D9521860C&RedC=c.clarity.ms&MXFR=35C6D74022286B6F2367C56626286558 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=81C81C81E29E458883FF506D9521860C&MUID=3D996DE7DC0A6F38028A7FC1DD616E96

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3291833%252C652922%26time%3D1663777359269%26url%3Dhttp%253A%252F%252Ftheretirementgroup-5957063.hs-sites.com%252F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&liSync=true&e_ipv6=AQISQr2wEHtmJwAAAYNg28fqY3gAPtbXgFt0Pm8t4Pj9RxeJ2LT6u0ihTk8NwW70hofyVCMieCvECibMIlP5Kk7ZmysdgQ

Request Chain 85

http://hello.myfonts.net/count/36f1f3 HTTP 301
https://hello.myfonts.net/count/36f1f3

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request -temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511 Show response
theretirementgroup-5957063.hs-sites.com/ 39 KB
11 KB 2543ms
2507ms Document
text/html 2606:4700::6810:7568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: HTTP/1.1
Server: 2606:4700::6810:7568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39868b5840702e61160b50ff8bbc582582b92399179f27a33738563a7fd2ade

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: false
CF-Cache-Status: MISS
CF-Ray: 74e423f3df3823af-ZRH
Cache-Control: s-maxage=5,max-age=5
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 21 Sep 2022 16:22:37 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-HS-Reason: Email 85414980212 does not have web version enabled
X-HubSpot-Correlation-Id: 65cf3b7f-f8e5-4473-bc77-46d22f1e0733
X-HubSpot-NotFound: true
X-Trace: 2B36BD4DA8FCD9373C630E88184009E370927AF700000000000000000000

GET
H2 200 module_43946555419_Homepage_Header.min.css
cdn2.hubspot.net/hub/5957063/hub_generated/module_assets/43946555419/1642706605879/ 7 KB
2 KB 694ms
643ms Stylesheet
text/css 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5957063/hub_generated/module_assets/43946555419/1642706605879/module_43946555419_Homepage_Header.min.css
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ba4c8fe7b99043a9d210d70a9ab15828bcbfef561dadbe95ac10f30eea3981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1642706605879
date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD55-P5
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcK8DWiic%2BDY%2B1mndcJoSC4x6my677nztLNzjTxm3lDl6eyjDq3A7W11jktQLmbKghDN8M4g3FexCLPmRWXg2YW46kQ1Tx7SY3kaURZA4uei8Uuo2EPeobBQo2nql6lPX%2BWFmpGnFCAmvvQGX%2B0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Thu, 20 Jan 2022 19:23:26 GMT
server: cloudflare
etag: W/"3c53e2dab3c472d675f8deac6196b723"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 74e42403dfe60200-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 74ms
35ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122153986-1

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9c171ea76ea0e419ab01c14eb3b61116301d60f8cc263de243c6717c0e874f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43300
x-xss-protection: 0
expires: Wed, 21 Sep 2022 16:22:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 66ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002586848

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

215fea77d1b996f5f1e5e86bcb35807e53b10f85113047ab17653c7ba02f00ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46552
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 16:22:38 GMT

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 11 KB
5 KB 111ms
15ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=441a497d
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bb70668c3a697c9dbeec81da46b468369fea6591ff492d152949f10b07927ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:31:47 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 16:31:21 GMT
server: AmazonS3
age: 3052
etag: "fe4e1bdb7d38477bc1b2ac29b76d1ef4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4300
x-amz-cf-id: V_as5osEw9nO5Jaj1QDpKFF9ReBB7aho6cyyL3RxoHE-Qc2WRPvjLw==

GET
H2

200

layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/
Redirect Chain

http://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/layout.min.css
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/layout.min.css

4 KB
2 KB

48ms
48ms

Stylesheet
text/css

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1663684081151
date: Wed, 21 Sep 2022 16:22:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 93233
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FQm1IX%2BDuP5Fh45Auw4wcYfQ85db93lRi%2BktdPiOB50qPErQuttMacQqEKCf3F5UlVK4uY9d0Hrpn%2BdxlnY6cs1qdFDmJ%2F7VTVd7aDJlr5Jl2BFJPUTlX9CtqkOGoXcj%2FC18zZDWJF9qWqxof8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 20 Sep 2022 14:28:02 GMT
server: cloudflare
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 74e42403effb0200-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

Redirect headers

Date: Wed, 21 Sep 2022 16:22:37 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93W%2FuVoQ1J%2Fm%2BSJBLY7dVgE5R0hALZJIWEYCYInZJRT2ye3UNF5gJPh37gVgsUeg4wFz%2B%2FYXjIsT3LRKCauHTLirCFrX91fweY4Cts6qFHKu66nsRLpGbUzMp6U3DlcINrtBXFjmoPMBqVkScsQ%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1663684080072/hubspot/hubspot_default/shared/responsive/layout.min.css
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 74e42403a90a0229-ZRH
Expires: Wed, 21 Sep 2022 17:22:37 GMT

GET
H/1.1 200
OK brokerCheck-bar-logo.png
static.fmgsuite.com/site/templates/global/img/ 6 KB
7 KB 84ms
15ms Image
image/png 2600:9000:2490:c00:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fmgsuite.com/site/templates/global/img/brokerCheck-bar-logo.png
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: HTTP/1.1
Server: 2600:9000:2490:c00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: WRIlwUHIL.TULAEvAcfk9mDazZEFOkHs
Via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
ETag: "0a702e6adbbb9c114979785ab0055ff7"
Age: 39068
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: FAILED
Connection: keep-alive
Content-Length: 6131
Last-Modified: Thu, 25 Aug 2022 01:55:08 GMT
Server: AmazonS3
Date: Wed, 21 Sep 2022 05:31:31 GMT
Vary: Accept-Encoding
Content-Type: image/png
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
X-Amz-Cf-Id: poCFvuVw0NCOkR5UsRGhtV6AkFx0e8HWfKYtr31oG5GdAaUhUP3X8Q==

GET
H2 200 TRG%20Full%20Logo-%20960.png
retirekit.theretirementgroup.com/hs-fs/hubfs/Image%20Galleries/Ben%20Images/ 15 KB
17 KB 884ms
782ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retirekit.theretirementgroup.com/hs-fs/hubfs/Image%20Galleries/Ben%20Images/TRG%20Full%20Logo-%20960.png?width=307&height=40&name=TRG%20Full%20Logo-%20960.png

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

689ac5216e5e044a5834d0f8446fb6f4cddae3bfe496134bb2a0d0fdaed25ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-23561361381,FD-48940499554,P-5957063,FLS-ALL
cache-tag: F-23561361381,FD-48940499554,P-5957063,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-https-only: worker
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 15825
last-modified: Fri, 09 Sep 2022 08:36:44 GMT
server: cloudflare
etag: "dc3cec59816eab2b36cd827fcb6b2235"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdklIXBK1GcaniL8x7L007SNknWBZTChR0jj5rwLrYIhokRHaJYAxV90EmctX7XBrStdvmFeGv%2BKRNSI21lCstXn%2FfMt3likTcTujG5xDA%2B9RAJb9NmVsFWfDhXT%2FxrfpSci%2FpJ69iHwI18TAaAXGRBX0GONCvddBoIMTpLw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 74e424089c97cc3e-ZRH
x-amz-cf-id: U9nywvPpq55k1eNYwjfSQb5Yig65OnSl-8ZeAcLVy5Sj1wrO4F-PxA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 facebook_original_white.png
static.hsstatic.net/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/ 410 B
628 B 125ms
63ms Image
image/png 2606:4700::6811:aec8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsstatic.net/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/facebook_original_white.png

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:aec8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154f9f846ea52b2ce116318dccab9837fe4fd1c2db89ef28b6135d6ca43ad6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 410
last-modified: Tue, 19 Feb 2019 13:41:11 GMT
server: cloudflare
etag: "90c79559b24a8649bf80e14026b8be54"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: q.gRpbizZpm3frpVOMHbYrT1RaGK87cC
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 74e424085d5123f7-ZRH
x-amz-cf-id: iiv-7h2FVACny62bBlWSLAWTqgMgU_U-8MyHYfmW6BsHQZe1gTvUdw==
expires: Wed, 21 Sep 2022 17:22:38 GMT

GET
H2 200 linkedin_original_white.png
static.hsstatic.net/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/ 467 B
710 B 113ms
51ms Image
image/png 2606:4700::6811:aec8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsstatic.net/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/linkedin_original_white.png

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:aec8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d95df5f9ed7a7604c8307ed90696df90d5747170e945579e2d5c0881ad66fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 467
last-modified: Tue, 19 Feb 2019 13:41:12 GMT
server: cloudflare
etag: "3ab16fecadc2d8d0cdf1ed5eee7f0334"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 0oESb7a6NX.Ok4NEZFjBzHZUdCEMttsJ
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 74e424085d5323f7-ZRH
x-amz-cf-id: U_-lWEgCF-SZeLPPKhVfaOGTZDOu9DAmm4-HpYbLggvC8BTgfTrjZg==
expires: Wed, 21 Sep 2022 17:22:38 GMT

GET
H2 200 twitter_original_white.png
static.hsstatic.net/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/ 578 B
1 KB 108ms
47ms Image
image/png 2606:4700::6811:aec8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsstatic.net/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/twitter_original_white.png

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:aec8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cec41f64559290087dbf9ed8b0cd08a798660963feed233671c39d90b75100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 578
last-modified: Tue, 19 Feb 2019 13:41:11 GMT
server: cloudflare
etag: "d8002fb847b182d52eb1b122a4dc2d81"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: RV86sJ_SQdRePXy5o2edWoogJgD7oRfd
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 74e424085d5423f7-ZRH
x-amz-cf-id: NhpOXdCYiIG0szoSvkZWf--1alBLBfA2NlSABLoScCwQf3hyqfukiw==
expires: Wed, 21 Sep 2022 17:22:38 GMT

GET
H2 200 2019-06-11%20-%20Copy.jpg
5957063.fs1.hubspotusercontent-na1.net/hub/5957063/hubfs/ 1 KB
2 KB 772ms
706ms Image
image/jpeg 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5957063.fs1.hubspotusercontent-na1.net/hub/5957063/hubfs/2019-06-11%20-%20Copy.jpg?height=25&name=2019-06-11%20-%20Copy.jpg
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 164be45e6be04413cd65094b16f32e1a0860a2b52a93468fa1d53f09a29f9c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-10543995436,P-5957063,FLS-ALL
cache-tag: F-10543995436,P-5957063,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 1193
last-modified: Mon, 19 Sep 2022 15:27:18 GMT
server: cloudflare
etag: "29c44909b357670ffa7aa9611960d645"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 74e424085b0d2355-ZRH
x-amz-cf-id: SnGmKNnphxDdBz-3ViQq1RiBMfnjWHzm9cDqFHQwKkptULI_VbGvcQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 jquery-1.11.2.js Show response
static.hsappstatic.net/jquery-libs/static-1.4/jquery/ 94 KB
34 KB 104ms
54ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:37 GMT
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 720316
cf-ray: 74e424048dd3cc4a-ZRH
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5SYM%2BbOs53XvF7yVAXdCVfdRHUBltNOqwUpXdYyTecwcEsZSLLqbTs7gwkfJaWU1z2%2BTAZCpOtjxSWgbm7BN0SO4DSTcful%2BsI4cYZHXJdW0ZILwJqnLQu7uy%2FhNrLEeWt6%2FztCkEZdgs81bQ7aej5in7Y%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: uG8ADTLbZ3sQlfUcEo0V7EzapK8XT_sbcu_ggVflZ-UjBsXlu1jarQ==
expires: Thu, 21 Sep 2023 16:22:37 GMT

GET
H2 200 jquery-migrate-1.2.1.js Show response
static.hsappstatic.net/jquery-libs/static-1.4/jquery-migrate/ 7 KB
3 KB 36ms
35ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:37 GMT
via: 1.1 adb83a3a3628f104e6d1d9d74c07d92c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 286726
cf-ray: 74e42404ee46cc4a-ZRH
x-cache: RefreshHit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"eb05d8d73b5b13d8d84308a4751ece96"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Xi%2BX03b%2BWNNc1yUIN7ZGCTnaEC5An2K3awc9J2zchMdxTHSd2Ubg7gGYxdpZDKwAbtm2sXVPkdLfPsTUBVbgPCSBdIDNR%2BpU3LhTgY7MPK4IKT5FIimDElvcMTT2%2F3WbV8W1AFGIdBm7bBCifaGbZmH0Sw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: CDG52-P2
content-type: application/javascript
x-amz-cf-id: j3JZ_HODs0wI_sn9CWYEB7ldmXssoyRU_sS1rwgCrbrpANqAE-3oag==
expires: Thu, 21 Sep 2023 16:22:37 GMT

GET
H3 200 project.js Show response
static.hsappstatic.net/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 53ms
53ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:37 GMT
via: 1.1 fcd8545d1b62265bb65a45721c43e6ad.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 684948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm9Dl0XRvVeHbfPtNSdgwkTXvDNB0i4niqLjpNAJeJMYw29GUK2ck%2BNLxtRVcrT4VBdOXHAHgyIcmlvU0Ef26f7gMz3ndrKOld97x3R%2BbmAMjXOdCGkfTCJ0JC5qdg8xTrAu%2FnRqeoplSw6ISrSWr950M6Y%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP63-P3
cf-ray: 74e424052a57020d-ZRH
x-amz-cf-id: rv4HlV8gLoNxjaHg4lwl2jKFOMAYQnAKYfD4cQbCnn_L3O4i47-s_Q==
expires: Thu, 21 Sep 2023 16:22:37 GMT

GET
H2 200 module_43946555419_Homepage_Header.min.js Show response
cdn2.hubspot.net/hub/5957063/hub_generated/module_assets/43946555419/1642706605728/ 77 KB
12 KB 848ms
847ms Script
application/javascript 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5957063/hub_generated/module_assets/43946555419/1642706605728/module_43946555419_Homepage_Header.min.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b688dbfb414971a0ec75448083128b19f398c757f2b00006ad9df736ec423f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1642706605728
date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD55-P5
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt0j0Hrf7694aVnakq%2Fs%2BWPFe23o7UPSAqW%2F4CCbBTo6YEN4M4QrAx3EMpbu0kYrWvg0SflrSlRICgyvvePnlmfNq7cJp8ZRbrvvFBC712Xo6qLqAcpkaYNK2BtFzFntJniZsnPFtr0mlkqfVMU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Thu, 20 Jan 2022 19:23:26 GMT
server: cloudflare
etag: W/"7dfa1e38af7dbb963b65f35e31d5326b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 74e424058b400200-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 project.js Show response
static.hsappstatic.net/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 38ms
38ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 11bc309875abf4cdfea734f39118b58e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 643634
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huhO%2BbAVZQ%2FfHnmMJWHeK6vvyJgH%2B9LzLkEsjgm701x9VeDeJ7jdqT%2B7DvUo90RDAwxYLkNJAzr%2FmGuViikV8faefn5lKTa6QiB1QeuBUrYUiDlS16Q9tHeIoH47CHwzuARHJQ%2Fl%2FPM8PdCKVfnzKNxzOrw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL50-P4
cf-ray: 74e42407ef40020d-ZRH
x-amz-cf-id: Xb8Ndkdbm_qQe8B-PweKWGaWyFLUyvSUSzbI9HiOSl694gabR4uxoA==
expires: Thu, 21 Sep 2023 16:22:38 GMT

GET
H/1.1 200
OK 5957063.js Show response
theretirementgroup-5957063.hs-sites.com/hs/scriptloader/ 2 KB
1 KB 352ms
349ms Script
application/javascript 2606:4700::6810:7568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://theretirementgroup-5957063.hs-sites.com/hs/scriptloader/5957063.js?businessUnitId=0
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: HTTP/1.1
Server: 2606:4700::6810:7568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1267c11ca67937890903f649f995d7575caac5a85c3ebb8f436ae25000fe6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 16:22:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: MISS
X-HubSpot-Correlation-Id: a672377c-d090-4d19-8520-0dd3700e2b26
Connection: keep-alive
Content-Length: 658
Last-Modified: Wed, 21 Sep 2022 16:22:38 GMT
Server: cloudflare
X-Trace: 2B39E4F05DD501631EE8C05EA101814F947212A283000000000000000000
Access-Control-Max-Age: 3600
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: http://theretirementgroup-5957063.hs-sites.com
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 74e42408781123af-ZRH
Expires: Wed, 21 Sep 2022 16:23:38 GMT

GET
H3 200 index.js Show response
static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/ 10 KB
4 KB 43ms
40ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2336560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
server: cloudflare
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaoGvR58OXR%2FbUg0ha7DNp3cO2VtJsVf6xbYZtVFGlgQaWhVIEH%2FSE%2Fo%2B0wEOBIuJjaTRbjj5rNZuMncUMpE2DnqcvqLQhw4eiybGli1zFlTMSpq%2Fi9jxloEOZaMTgmwUys1y8VLI2g28cjiF7hugGdVBTs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL50-P4
cf-ray: 74e42407ff66020d-ZRH
x-amz-cf-id: xjT-UWipgKuxVkcY29rppLvzhd6bba43pQrAtMLePMTNoLBCNOzCOg==
expires: Thu, 21 Sep 2023 16:22:38 GMT

GET
H2 200 NeverBounce.js Show response
cdn.neverbounce.com/widget/dist/ 96 KB
29 KB 92ms
18ms Script
application/javascript 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:55:18 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 18:37:33 GMT
server: AmazonS3
age: 48440
etag: W/"c1e06621030dfcba15b88abbcaa546eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: k9mOfNCYHeO4OBlci4jDwA59iZKV5L91dEZUBrkp1T7IaCksaO48NQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 86ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6PJX1CEZ2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122153986-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c14631222ec9e2c46d6fbf74532cacf1ac3bc3e19d53be6c5a02829b0e08f717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74685
x-xss-protection: 0
expires: Wed, 21 Sep 2022 16:22:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 62ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002586848&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122153986-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bb1bcb06be52f896210198c25a51890ab1bc31c37ecca12b0482fa6817820a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46504
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 16:22:38 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 65ms
15ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:50:56 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
age: 1903
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0SDCm0WCIbLIlDrrIbe6_eU06pT8fBdStIPjLSpUxLjz8gFZrpH4Rw==

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

38 KB
12 KB

86ms
42ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E6B0D7857A784723A6C646BDE6327026 Ref B: FRAEDGE1510 Ref C: 2022-09-21T16:22:38Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 21 Sep 2022 16:22:37 GMT
accept-ranges: bytes
content-length: 11367

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 gr Show response
g792337340.co/ 352 B
469 B 88ms
42ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g792337340.co/gr?id=-MZEOXN_J8s2GjiVpGHJ&refurl=&winurl=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 58cb0b8c4b7f9c89be1ec675bc1f99f484ba6f53107d0014e8ef5581269459ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 google
etag: W/"160-+FzVpSsB7Mw9eu3Pi4TMhBDKy0s"
server: Google Frontend
x-powered-by: Express
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: b0a8f4c31e8f4eab67299b85a60c9ad8
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352

GET
H2 200 gr Show response
g792337340.co/ 352 B
630 B 80ms
34ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g792337340.co/gr?id=-MZEXm-rEX7DNVwQWXjp&refurl=&winurl=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: b25b6da7cac638479a8c7d633f3615af0ce60e2da6e8d90b74ad99b1f00f966d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 google
etag: W/"160-yui1I/haEdylwtmiieH1N/xN6VA"
server: Google Frontend
x-powered-by: Express
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 30bd8c9c2917eb83ec8329fe0be7be0a
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352

GET
H2 200 gb Show response
g1188506010.co/ 0
227 B 78ms
28ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1188506010.co/gb?id=-Ma_fmhRsaMdsZvQNqjB&refurl=&winurl=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: 3c969c153275b91ab8140ac4c5c37191
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK sensor.js Show response
there11178.pcapredict.com/js/ 65 KB
13 KB 89ms
38ms Script
text/javascript 34.117.233.127
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://there11178.pcapredict.com/js/sensor.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: HTTP/1.1
Server: 34.117.233.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 127.233.117.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 9f2d47516d007e01db3d27daba1ba1388c1148f0c2ea77f54ab3b15df1cc733f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 16:22:38 GMT
Via: 1.1 google
Server: nginx/1.20.2
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: public, max-age=60
X-Robots-Tag: noindex
Content-Length: 13158

GET
H2 200 hotjar-2814372.js Show response
static.hotjar.com/c/ 4 KB
2 KB 68ms
18ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2814372.js?sv=6

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

796e2286b5d7de72fa39d1bda2e168d18d1adebdaf53b8c50f800b192d57b984

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/91d6715caffc67e460caa70a8de7717b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: BveeijlS_iOBYd6SMcpGst_G3SLf__rgERcVHISVpEmYidrWZnXItw==

GET
H2 200 TRG%20Full%20Logo-%20960.png
retirekit.theretirementgroup.com/hs-fs/hubfs/Image%20Galleries/Ben%20Images/ 27 KB
28 KB 918ms
826ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retirekit.theretirementgroup.com/hs-fs/hubfs/Image%20Galleries/Ben%20Images/TRG%20Full%20Logo-%20960.png?width=500&height=65&name=TRG%20Full%20Logo-%20960.png

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5370f9aebf11ddcedc652db31afd5b3c2ec7123ecb68f075a9494f4f692620b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 14386bbe111197c789e1b85b0496361c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-23561361381,FD-48940499554,P-5957063,FLS-ALL
cache-tag: F-23561361381,FD-48940499554,P-5957063,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-https-only: worker
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 27547
last-modified: Sun, 11 Sep 2022 15:54:37 GMT
server: cloudflare
etag: "dfc0f73007f1aad97b18faeb5b2d91b9"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6tDCFV9SzkycMMWBaQ%2Bf%2FQdPDpiKNFjjconT0tUBK8YisNi2P7qM3vUPBChe1yRJccb36BruDOz6oBRQFDd3KtsGqM5Zv8jGtLmpqmAZGekllEVMJrfQRFqUJZxgK3b9GKrutIlsTRMQTj0GJIBFiIqZuxbZS0366zFj7d6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 74e424089c98cc3e-ZRH
x-amz-cf-id: NIURMtzeBgNtFUorNn6dErm6dNxxxGTS6LIeJZp-xiL01n8sk0YcOg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
1 KB 264ms
211ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&s=197266

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b227b3dae06f271673703d1243294176b5dd61451e9f551cc187e331252140

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7e1TPa8DR6fSo2Q0X%2BiM2wTpTDT0Tc6ISS%2BA243XqtmjrrkBgnoUvCTNdH1kuUg9NSSNTKXP%2BFrj%2BB%2FhHo7WVc2C%2BNhJRx5xJ91%2BuDQR1QS81z5GXjy%2B4wBMQbfabOdAntgioOFUCJQFg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 74e42408bba69b40-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 102ms
64ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002586848&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 16:22:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
354 B 62ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H6PJX1CEZ2&gtm=2oe9j0&_p=526208288&cid=1216138850.1663777358&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663777358&sct=1&seg=0&dl=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6PJX1CEZ2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 441a497d Show response
settings.luckyorange.com/ 4 KB
2 KB 167ms
134ms Fetch
application/json 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/441a497d
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=441a497d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 9eaf29c79712ea88600538e8068c436ed6ea89b1e0a236d73ad7483f56dad075

Request headers

Referer: http://theretirementgroup-5957063.hs-sites.com/
accept-language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-lucky-referrer

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

OPTIONS
H2 200 441a497d
settings.luckyorange.com/ Frame 0
0 172ms
131ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/441a497d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: http://theretirementgroup-5957063.hs-sites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 google

GET
H2 200 17483320.js Show response
bat.bing.com/p/action/ 1 KB
842 B 126ms
126ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17483320.js

Requested by

Host: bat.bing.com
URL: http://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f34596b6202d6fa60e6716441d8309ff1abd8136c22a7124506f33e9f1f46108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75C26C04A9624E009C20DD6136DDA793 Ref B: FRAEDGE1510 Ref C: 2022-09-21T16:22:38Z
date: Wed, 21 Sep 2022 16:22:37 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1002586848/ 2 KB
1 KB 98ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002586848/?random=1663777358271&cv=9&fst=1663777358271&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&auid=1473211278.1663777358&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d164f1ca2c7eccb8418bb85f297ea20677908da34f074de7597fc8561c421d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1002586848/ 2 KB
2 KB 97ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002586848/?random=1663777358274&cv=9&fst=1663777358274&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&auid=1473211278.1663777358&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4cd75adc03675cf1f97860824e512e2413ff1c16c67e76d15706415a7dbbbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17483320 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 378ms
159ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17483320
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17483320.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 7320ceea5c47b2ab9122f0ffce6396a6768b250fb7637a24937a212ca0552a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
x-powered-by: ASP.NET
x-azure-ref: 0TjorYwAAAAAnBoo5nmoCR785tl/LvVAYTE9OMjFFREdFMTYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length: 1540
expires: -1

GET
H2 200 /
www.google.com/pagead/1p-user-list/1002586848/ 42 B
548 B 69ms
29ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1002586848/?random=1663777358274&cv=9&fst=1663776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&async=1&fmt=3&is_vtc=1&random=3475574096&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1002586848/ 42 B
108 B 105ms
65ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1002586848/?random=1663777358274&cv=9&fst=1663776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&async=1&fmt=3&is_vtc=1&random=3475574096&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1002586848/ 42 B
108 B 73ms
34ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1002586848/?random=1663777358271&cv=9&fst=1663776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&async=1&fmt=3&is_vtc=1&random=3223456578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1002586848/ 42 B
548 B 72ms
34ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1002586848/?random=1663777358271&cv=9&fst=1663776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&async=1&fmt=3&is_vtc=1&random=3223456578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5957063.js Show response
js.hs-analytics.net/analytics/1663777200000/ 63 KB
20 KB 223ms
179ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1663777200000/5957063.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/hs/scriptloader/5957063.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff2429c38fa33dd294ea971c72a4b8580536c0d1854fe86cf61dbaa425d454ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2MQWYM4EWGSQMY6K
x-amz-server-side-encryption: AES256
cf-ray: 74e4240b3f5223c7-ZRH
x-amz-id-2: jEhO5uJoDaeTkUd5jrnrx8zCdfyCY24cRQSPU96Zl/HKFkdCU9dLTLvGz7TxZcgQor8EJMqTbQA=
last-modified: Wed, 21 Sep 2022 09:33:23 GMT
server: cloudflare
etag: W/"0b0469708f083cdf57899c641b9652ce"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 21 Sep 2022 16:27:38 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 268ms
192ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/hs/scriptloader/5957063.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: http://theretirementgroup-5957063.hs-sites.com/
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=74e4240b785001eb-ZRH
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74e4240b785001eb-ZRH
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Hq-ht0Vu9FhFENtnHeV_Npr5Vqky--3A7E94lqlgUy83_XbD8at3Sg==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 232ms
184ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/hs/scriptloader/5957063.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: http://theretirementgroup-5957063.hs-sites.com/
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 f9ffa60c9d8e866d90f2c98c19adc4f4.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74e4240b4e0e0215-ZRH
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74e4240b4e0e0215-ZRH
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: w9Y684qIeqVzP059XBfn8VTNlvMoYDVv9OpK3Run9X8jTyMGUaWbSw==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 83ms
37ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/hs/scriptloader/5957063.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad96268c084f73bfd7caff9b12708aaa3958f5b691852a66ca6edbff5cbb3b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 86
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.292/bundles/pixels-release.js&cfRay=74e421ee4dc50229-ZRH
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 19 Sep 2022 01:19:12 UTC
server: cloudflare
etag: W/"3ddb5311061af493bf45a46ad102035c"
vary: Accept-Encoding
x-amz-version-id: _ilLjO_Ic2VuI1NjCMpRRtVJyLlc7j3G
cache-control: max-age=600
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
cf-ray: 74e4240b3d6223af-ZRH
x-amz-cf-id: VfN7p4TLWfrtrdytVZGsp5S4_1WQr-lC12jrb_I3AZYZ-AC4fCpI6g==
x-hs-target-asset: adsscriptloaderstatic/static-1.292/bundles/pixels-release.js

GET
H2 200 5957063.js Show response
js.hs-banner.com/ 60 KB
16 KB 313ms
261ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5957063.js
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/hs/scriptloader/5957063.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a2e1fac36c0234bbe1ed8941da180c2060e2033a653f5b3f1e8973c1a45cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2MQJS719ENJESNFD
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: sNpwZM7rgV8+stsCqBCkxHH4huNXrewLKFgex9IZSxC2yjHXbBkt+jWpbWDsEmJ/J6DcCeoQBW8=
timing-allow-origin: *
last-modified: Wed, 21 Sep 2022 09:33:18 GMT
server: cloudflare
etag: W/"a4d6170ca8adfabbdcd78f2ca44b3701"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: ZLxeXO1KrMNCWWVfo7JwpZ___h5RhYxR
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 74e4240b491701f0-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 21 Sep 2022 16:27:38 GMT

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
688 B 276ms
231ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=5957063&callback=jsonpHandler

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 4fcda4f2-7689-4cad-b642-9fa55f8af8b1
x-trace: 2B7FD75BF2BB892562CC393440DF63FA8607D766DD000000000000000000
date: Wed, 21 Sep 2022 16:22:38 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74e4240b38790221&resource=unknown"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 74e4240b38790221-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame DE8C 287 KB
93 KB 479ms
448ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"6a7ba000cc0f3518baa46608eb12410c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: sJGr3ccQHuh0jzPhnb24nHA0H6ohYfOIvRgxj2Moy8sap37_1jAFkw==
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)

GET
H2 204 0
bat.bing.com/action/ 0
175 B 39ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17483320&Ver=2&mid=001da73e-0325-4422-997e-79245e7c44ac&sid=9bee6a2039c911edabbaf56e5e13b7a2&vid=9bee8b0039c911ed819fdb00a539acc5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&r=&lt=3758&evt=pageLoad&sv=1&rn=138285

Requested by

Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84555606A6544ECB97B691B0ABB8612C Ref B: FRAEDGE1510 Ref C: 2022-09-21T16:22:38Z
date: Wed, 21 Sep 2022 16:22:38 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame 6EDC 204 KB
62 KB 455ms
421ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=441a497d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32c7ad96308f6af745d811cb40e0922506fd8a3cec66da79bd81dd5538f4b51b

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 62966
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 16:31:22 GMT
server: AmazonS3
etag: "7d65d0dae1bfaf54fe6cf19206080aa8"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: M8622CQ845nMv2ofK4tm8nkhOA3lgbExf1ppvGTUfFZeqUxz0p-JoQ==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.40/ 54 KB
23 KB 155ms
155ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17483320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
etag: "1d8c7baa5622330"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0TjorYwAAAABoQMoiKAlfRZF+tsKuTzWaTE9OMjFFREdFMTYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 200ms
155ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5957063&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c1dd2850b0994538e73ec503b146d865c6fc24e612a7a00fc5aae8a1c71a453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: http://theretirementgroup-5957063.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7318e303-6eda-45da-8beb-34443bc4778b
cf-ray: 74e4240cdadc0211-ZRH
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxcnodDTPQE7kKhMJaQiLFZf1wyZaJBBDWiwEDaX4S4ILwIjvimuLy1OdAa4EOKPF6nmCnEjKHcHj3AgAk%2Fvx0Z9XQ5epZAR4KtiwRhrDYN44e9i7wCAclpUF2S0S0Gqh0nb%2F0PhS98whyot93Xv"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 117 B
872 B 216ms
169ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5957063

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aeda3eb756ae4f403645d59e56e57e5b1ef3f4ead2742c240339b773bf8fc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 16edc2d5-2440-4e0b-bda3-1e1826be6b91
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BE927757EA104FC6F1AFCE9850293012F37C627F4000000000000000000
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0VqW9ANXRnfxfWgBvpmvv%2FgeD6K6Kd7OgVeBTgvFxOtYpN%2BctzzfFwHRi5UqzLben1E%2BjjTgnWVnBgn5CDdoVpYDjbO%2Bsr%2BNcDemzHDH2usOWE9fm4%2BGnSgtUTEUIvJ3g3%2FCdAz3kb4pc%2Be"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
access-control-allow-credentials: false
cf-ray: 74e4240d5c1a0225-ZRH
access-control-allow-headers: *

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/imt47wdr
https://js.intercomcdn.com/shim.latest.js

18 KB
7 KB

54ms
17ms

Script
application/javascript

18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/shim.latest.js

Protocol

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b263adfb9ff9c13c1a4d89d5c8b465acddf5d2dd93b442cb9a6aca1a60fac1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: TnM5kFZdHi1NLY9HbqNnQzk9EUqjb5KO
content-encoding: gzip
etag: "bef11c0cf0f48a265946af386a8b78a5"
age: 135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6171
last-modified: Wed, 21 Sep 2022 15:20:11 GMT
server: AmazonS3
date: Wed, 21 Sep 2022 16:20:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: e_j_sQGPg27UolKND_mbtGOpPSQ2mVD1xXIp4qbqG6er9ZPBAdfh8g==

Redirect headers

date: Thu, 25 Aug 2022 21:03:48 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
server: AmazonS3
age: 2315930
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA56-P7
content-length: 0
x-amz-cf-id: MjkhPluvK-8Do8_MM18-Rl1Aw3iYP9GnOPR4rXSDUdqdU34SVDx1rA==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=81C81C81E29E458883FF506D9521860C&RedC=c.clarity.ms&MXFR=35C6D74022286B6F2367C56626286558
https://c.clarity.ms/c.gif?CtsSyncId=81C81C81E29E458883FF506D9521860C&MUID=3D996DE7DC0A6F38028A7FC1DD616E96

42 B
369 B

81ms
81ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=81C81C81E29E458883FF506D9521860C&MUID=3D996DE7DC0A6F38028A7FC1DD616E96
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BE8C6764CC846BCB2EFD46BB1CED69F Ref B: FRAEDGE1510 Ref C: 2022-09-21T16:22:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=81C81C81E29E458883FF506D9521860C&MUID=3D996DE7DC0A6F38028A7FC1DD616E96
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
521 B 155ms
154ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=5957063&ct=standard-page&ccu=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F404&lvc=en&pu=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&cts=1663777358951&vi=5e7fe407b89b2effe7ac16a6209fab4e&nc=true&u=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&b=233546881.1.1663777358948&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f08076e4-241a-400e-b886-2e2476471693
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hj7IgnIufapchJCts2oOThe%2FpsqtYNSEjUcudsAbAkkl1ByHkYNtE3kGdkNnYgqF3Gj%2BHzuD6FXnfY6R49zIjIrfW4SCwDXKJhUrRwaHC2Nz15Z9Z9pPoGiPrrkhwf5T3xUlWn9GANSWoLszrlIh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 74e4240d9c860221-ZRH

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 255 B
827 B 242ms
241ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5957063&utk=5e7fe407b89b2effe7ac16a6209fab4e&__hstc=233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1&__hssc=233546881.1.1663777358948&contentId=null&currentUrl=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfb4d8e2fe93a564a78948f5903a96d8736d655d4765ade6d390317c31616c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4a04fd79-44e0-48aa-a8ff-628f255397b4
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-robots-tag: none
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okRHPp6hptQqmT2Tq0dYK5u5ABR1p%2FBg%2BwFsU6ZnPLPjnmwSH6t8d0gNwUcS5h%2FjtoAtrx8yc2R%2FGDAjZQeg0xlQwo%2BPKN1mCcLKmDXGhNmbYPQbfuC5ZeHSZXp5e8rk1n59Oq2VJCrFCWH0%2BQ7q"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 74e4240dcc5c0211-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H2 204 collect Show response
d.clarity.ms/ 0
192 B 573ms
293ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://theretirementgroup-5957063.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
date: Wed, 21 Sep 2022 16:22:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 frame-modern.263d2f7f.js Show response
js.intercomcdn.com/ Frame 43CA 427 KB
117 KB 18ms
18ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.263d2f7f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/imt47wdr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fd9c50f3f0b864600334ab89b24b4b6130e6392a573b8c49cbfdeb238459848c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:20:25 GMT
content-encoding: gzip
age: 3735
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 119561
last-modified: Wed, 21 Sep 2022 15:18:48 GMT
server: AmazonS3
etag: "ff7b32ebde30df325a7587f650682188"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: ei5O1R5erXrH1qMdu6szsnkkPvuM5A74
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: ERqWc8WGxswQplNuXEACEgA-ku-wRjjPvI7XXm7M5sylpOO206knlA==

GET
H2 200 vendor-modern.91c3f416.js Show response
js.intercomcdn.com/ Frame 43CA 219 KB
68 KB 51ms
51ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.91c3f416.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/imt47wdr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c08f9fdd969cd7eac9b18f1de4be38d1ea4650583a3860a774ce034fe99e7532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:05:49 GMT
content-encoding: gzip
age: 4611
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69368
last-modified: Wed, 21 Sep 2022 15:02:51 GMT
server: AmazonS3
etag: "5fd2c1f0ff47fbcca0937754b26c50bc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: X2NQ3Qy3.EFgUOH2CaMogpophQlVPXLI
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: PTHq7J0GpwiR2cTYHkW-WV8aL3CJRTd3t0rG5_QBfKJdy9lAYX5z9g==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 149ms
47ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=11008
accept-ranges: bytes
content-length: 3063

POST
H2 403 ping Show response
api-iam.intercom.io/messenger/web/ Frame 43CA 166 B
820 B 423ms
209ms XHR
application/json 18.205.45.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.263d2f7f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.45.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-45-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 403 Forbidden
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0003cbmqdbav5p97b9fg
x-runtime: 0.072870
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
x-intercom-version: 2db1e87cccae6afaade05745de62d226cb1bfe44
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1663777360
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 bootstrap.js Show response
tools.luckyorange.com/messenger/ 4 KB
2 KB 404ms
404ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/bootstrap.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999

Request headers

Referer: http://theretirementgroup-5957063.hs-sites.com/
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:40 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 1680
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 18:24:01 GMT
server: AmazonS3
etag: "08c1a9cf97473b31623a245f9848b9f9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: qO_svQ8TI-fAlOGjjT96b6bvKUknKT5Ff3YNFSnUOx9HEPQBZr9OeA==

GET
H2 200 main.js Show response
tools.luckyorange.com/integrations/integration-hubspot/core/ Frame 6EDC 6 KB
3 KB 410ms
410ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/integrations/integration-hubspot/core/main.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eafda6e421fcd8ac5e141da98af953f63188e3c278de5afb19324598f8cc14e

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:40 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 19:27:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"7247873faf18ae4b350d0ce91193b76f"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-cache: Miss from cloudfront
x-amz-cf-id: A-3oicK9QL_SkCBHQBFv1UXXknkYJe-JCK3Vd_NoTI81Wimtkg8wrA==
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame DE8C 57 KB
18 KB 418ms
417ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=8a0ecc5
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eb3fc82341890850d95b3f98db54d5a7611cc44afbb90cd83d03f455f8f9be8

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:40 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 18350
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 16:31:21 GMT
server: AmazonS3
etag: "e7b19089152e3a733640fa404fa3713b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: bALxWVy-uBDYMUhTh_iedpk1Y-39HWUf3T4bpx_UY7jckQP8p3P0Eg==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 846D 57 KB
18 KB 422ms
421ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=8a0ecc5
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eb3fc82341890850d95b3f98db54d5a7611cc44afbb90cd83d03f455f8f9be8

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-length: 18350
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 16:31:21 GMT
server: AmazonS3
etag: "e7b19089152e3a733640fa404fa3713b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: fP1uhT4ZAqIzDnLnxqZiCznwa3j3o_i4n3YHgcA_qI2BRCZo0Ta8gQ==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 43CA 57 KB
18 KB 426ms
426ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=8a0ecc5
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eb3fc82341890850d95b3f98db54d5a7611cc44afbb90cd83d03f455f8f9be8

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-length: 18350
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 16:31:21 GMT
server: AmazonS3
etag: "e7b19089152e3a733640fa404fa3713b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: N6N2zZ3RZSlI7lBQDavXxYWBchEEp62MB7cg3nhtk0btG3to-ZlW_g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3291833%252C652922%26time%3D1663777359269%26url%3Dhttp%253A%252F%252Ftheretiremen...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f751...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f75...

0
264 B

306ms
182ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&liSync=true&e_ipv6=AQISQr2wEHtmJwAAAYNg28fqY3gAPtbXgFt0Pm8t4Pj9RxeJ2LT6u0ihTk8NwW70hofyVCMieCvECibMIlP5Kk7ZmysdgQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E4556810A0A04C31AF03602E3055E8F0 Ref B: FRAEDGE1115 Ref C: 2022-09-21T16:22:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpMlqJKcIw7BM6HIf9NQ==
x-li-fabric: prod-lva1

Redirect headers

date: Wed, 21 Sep 2022 16:22:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 470EBAABE2FD4A368E55C5632123FE36 Ref B: FRAEDGE1319 Ref C: 2022-09-21T16:22:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3291833%2C652922&time=1663777359269&url=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&liSync=true&e_ipv6=AQISQr2wEHtmJwAAAYNg28fqY3gAPtbXgFt0Pm8t4Pj9RxeJ2LT6u0ihTk8NwW70hofyVCMieCvECibMIlP5Kk7ZmysdgQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpMlqEwzVeaFNlKv0slA==

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 16ms
16ms Image
image/png 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 19:59:51 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
age: 1628569
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: lmNT0z0MhTU2SIFbwOs_qvwhpLm-7ox2tdxpirHpq0AMACJjCcAA2A==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 16ms
16ms Image
image/png 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 19:59:51 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
age: 1628569
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: I4ELc1XsOfXaXUVzoqjzSZ4kkFQfJIIsJRRmUyCygdU4aEa7n-oGbg==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
619 B 17ms
16ms Image
image/png 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 19:59:51 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
age: 1628569
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: 37PB34G4t5rniSp_Pi6Nyxh0HWjwbvBDsjMw-YsSvUAcEtzFll6CgA==

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
443 B 192ms
146ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: a67f574d-6bf9-4299-ac66-cf97d17c8dab
x-trace: 2BA187152F730DD75C0214A82673A777AA2DFA414F000000000000000000
x-robots-tag: none
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74e42410bfb9020d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35

GET
BLOB 200
OK 986eb179-986c-4559-8e1a-b5929024fc45
http://theretirementgroup-5957063.hs-sites.com/ Frame 6EDC 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://theretirementgroup-5957063.hs-sites.com/986eb179-986c-4559-8e1a-b5929024fc45
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 4fdd4212-6af7-40d5-b951-f92a75d341e8
http://theretirementgroup-5957063.hs-sites.com/ Frame 6EDC 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://theretirementgroup-5957063.hs-sites.com/4fdd4212-6af7-40d5-b951-f92a75d341e8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: facdb180b697f86f717823c9b0690f55f4792754d6df3bfe356624240d9a0253

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 22873

GET
H2 200 index.html Show response
tools.luckyorange.com/messenger/ 1 KB
877 B 414ms
414ms Fetch
text/html 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/index.html
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a5e61551f48f60913a298393f904c4d8b35a973d3db3e942e88ef6046e31c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:40 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 18:23:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"cfcb20a3e3b60d673c09fdeca4550343"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: lv8FaO5JcktGf3m79f9JtDWBrqLmG-Uizft4lpgyDx4nRlM1U3x8dg==
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame EFA5 57 KB
18 KB 39ms
39ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=8a0ecc5
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=8a0ecc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eb3fc82341890850d95b3f98db54d5a7611cc44afbb90cd83d03f455f8f9be8

Request headers

Referer
Origin: http://theretirementgroup-5957063.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-length: 18350
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 16:31:21 GMT
server: AmazonS3
etag: "e7b19089152e3a733640fa404fa3713b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Tb0ctcD2dGhvBujoSE10RfWXBLbzXonQPtE7u-rj5HlhrpZ_465skQ==

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 16ms
15ms Stylesheet
text/css 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 19:59:50 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
age: 1628570
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: K4iepIicRta3J4BVe26PIHzBSy93LfcNNn9SbxXHmjD0K6UbW72FKA==

GET
BLOB 200
OK ce95b410-79ba-47a0-a426-d94cd1a8135e
http://theretirementgroup-5957063.hs-sites.com/ Frame DE8C 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://theretirementgroup-5957063.hs-sites.com/ce95b410-79ba-47a0-a426-d94cd1a8135e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK beb2ba76-807e-44b1-8d4e-526310df7774
http://theretirementgroup-5957063.hs-sites.com/ Frame DE8C 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://theretirementgroup-5957063.hs-sites.com/beb2ba76-807e-44b1-8d4e-526310df7774
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 31224

GET
H2 200 app.51149f0e.css
tools.luckyorange.com/messenger/css/ Frame EFA5 6 KB
2 KB 20ms
19ms Stylesheet
text/css 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/css/app.51149f0e.css
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 01:05:58 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 18:24:02 GMT
server: AmazonS3
age: 1783003
etag: "2eec34d69660ac29976523d6c79d37ef"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1478
x-amz-cf-id: tiZcVbEs-nwKYcGf6J4CvuXx3PUJ2qA9b1TPpp-uYMPhSiIdFuXjqw==

GET
H2 200 chunk-vendors.f7467ed3.css
tools.luckyorange.com/messenger/css/ Frame EFA5 497 B
595 B 20ms
20ms Stylesheet
text/css 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/css/chunk-vendors.f7467ed3.css
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 01:11:32 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 18:24:02 GMT
server: AmazonS3
age: 2560269
etag: "33cc0e352cc89ef8f4b327f30fb0d595"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 236
x-amz-cf-id: VII5n7GKHD5w-evNF8VQ5nuMg1mx7XQuL2rvgQRCj0zHdgNfROem6A==

GET
H2 200 app.ec05f99c.js Show response
tools.luckyorange.com/messenger/js/ Frame EFA5 124 KB
29 KB 22ms
21ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/js/app.ec05f99c.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2492272c99e57ab9d46f961b8c80aa459a096d5b6b189a972f2e159f2d1117af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 02:33:12 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 18:24:02 GMT
server: AmazonS3
age: 1950569
etag: "05a16aa6dbbe3fabe315cbbc844d44f3"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 29012
x-amz-cf-id: f844eiXJlx19wP5aAwGDE1uhKS_XT9uq657-yeOl9brr2DqAQKMQfQ==

GET
H2 200 chunk-vendors.67d7e20f.js Show response
tools.luckyorange.com/messenger/js/ Frame EFA5 926 KB
289 KB 35ms
35ms Script
application/javascript 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.67d7e20f.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a25a83fecb1b209713abb8bb9b394a8c9462465f9bd7ed8a75a8dd2a6cf7b942

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 03:30:31 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 18:24:02 GMT
server: AmazonS3
age: 2638330
etag: "4a5b2988a8b578f5c0972c109721942c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 295686
x-amz-cf-id: LRxT2pomLiVr0_3Rfudo2TazgiGc_m47zVW63JWxkzG64oc_gQa8hg==

POST
H2 204 collect Show response
d.clarity.ms/ 0
25 B 148ms
148ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://theretirementgroup-5957063.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
date: Wed, 21 Sep 2022 16:22:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

36f1f3
hello.myfonts.net/count/ Frame EFA5
Redirect Chain

http://hello.myfonts.net/count/36f1f3
https://hello.myfonts.net/count/36f1f3

0
349 B

100ms
38ms

Stylesheet
text/css

2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/36f1f3
Requested by: Host: client
URL: about:client
Protocol: H2
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:22:40 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 74e4241648e301fc-ZRH
content-length: 0
expires: Thu, 21 Sep 2023 16:22:40 GMT

Redirect headers

Date: Wed, 21 Sep 2022 16:22:40 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://hello.myfonts.net/count/36f1f3
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 74e424159cf301eb-ZRH
Expires: Wed, 21 Sep 2022 17:22:40 GMT

POST
H3 200 search Show response
api-preview.luckyorange.com/conversations/threads/ Frame EFA5 21 B
37 B 176ms
142ms XHR
application/json 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-preview.luckyorange.com/conversations/threads/search
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.67d7e20f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e

Request headers

Accept: application/json, text/plain, */*
Referer: http://theretirementgroup-5957063.hs-sites.com/
X-Lucky-Site-Id: 441a497d
accept-language: de-DE,de;q=0.9
X-Lucky-Uid: 441a497d-1663777358503-7232a1adf7d44e22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Sep 2022 16:22:40 GMT
via: 1.1 google
server: envoy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21

OPTIONS
H2 204 search
api-preview.luckyorange.com/conversations/threads/ Frame 0
0 177ms
131ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-preview.luckyorange.com/conversations/threads/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-lucky-site-id,x-lucky-uid
Access-Control-Request-Method: POST
Origin: http://theretirementgroup-5957063.hs-sites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 21 Sep 2022 16:22:40 GMT
server: envoy
via: 1.1 google
x-envoy-upstream-service-time: 1

OPTIONS
H3 204 441a497d-1663777358503-7232a1adf7d44e22
api-preview.luckyorange.com/visitors/ Frame 0
0 132ms
132ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-preview.luckyorange.com/visitors/441a497d-1663777358503-7232a1adf7d44e22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-site-id,x-lucky-uid
Access-Control-Request-Method: GET
Origin: http://theretirementgroup-5957063.hs-sites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 21 Sep 2022 16:22:40 GMT
server: envoy
via: 1.1 google
x-envoy-upstream-service-time: 1

GET 441a497d-1663777358503-7232a1adf7d44e22
api-preview.luckyorange.com/visitors/ Frame EFA5 0
0

GET
H2 200 lo-symbol.f1058a7b.svg
tools.luckyorange.com/messenger/img/ Frame EFA5 955 B
1 KB 16ms
16ms Image
image/svg+xml 2600:9000:2156:ea00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tools.luckyorange.com/messenger/img/lo-symbol.f1058a7b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 02:33:13 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 18:24:03 GMT
server: AmazonS3
age: 1950568
etag: "f1058a7b7f925134ff12e90f30b6927b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 955
x-amz-cf-id: o-RMQyrutFInLLsAVQnh77Exs5cymjwwF5nFJbzmMhdg3faT4KB4eA==

POST
H/1.1 200
OK perf Show response
theretirementgroup-5957063.hs-sites.com/_hcms/ 2 B
437 B 510ms
509ms XHR
text/plain 2606:4700::6810:7568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://theretirementgroup-5957063.hs-sites.com/_hcms/perf
Requested by: Host: theretirementgroup-5957063.hs-sites.com
URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
Protocol: HTTP/1.1
Server: 2606:4700::6810:7568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/json

Response headers

CF-Ray: 74e424204ccd23af-ZRH
Date: Wed, 21 Sep 2022 16:22:42 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-HubSpot-Correlation-Id: 6cfbf885-b34c-4f86-afd2-2dbd92e1347f
X-Trace: 2BDF54D2006B2B287DF5F1EE2DE76473E918928931000000000000000000
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-Robots-Tag: none
Content-Length: 2

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 276ms
275ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://theretirementgroup-5957063.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
date: Wed, 21 Sep 2022 16:22:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 68ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H6PJX1CEZ2&gtm=2oe9j0&_p=526208288&cid=1216138850.1663777358&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663777358&sct=1&seg=0&dl=http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511&dt=&en=scroll&epn.percent_scrolled=90&_et=14
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6PJX1CEZ2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://theretirementgroup-5957063.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:22:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://theretirementgroup-5957063.hs-sites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-preview.luckyorange.com
URL: https://api-preview.luckyorange.com/visitors/441a497d-1663777358503-7232a1adf7d44e22

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hs-sites.com/	1969-12-31 23:59:59	Name: __cfruid Value: cc1be0c63e437280cd35abeec073ea3bf25f8521-1663777357
.hs-sites.com/	1970-01-20 08:19:13	Name: _gcl_au Value: 1.1.1473211278.1663777358
.bing.com/	1970-01-20 15:31:13	Name: MUID Value: 3D996DE7DC0A6F38028A7FC1DD616E96
.hs-sites.com/	1970-01-20 15:45:37	Name: _ga_H6PJX1CEZ2 Value: GS1.1.1663777358.1.0.1663777358.0.0.0
.hs-sites.com/	1970-01-20 15:45:37	Name: _ga Value: GA1.1.1216138850.1663777358
.doubleclick.net/	1970-01-20 06:09:38	Name: test_cookie Value: CheckForPermission
.hs-sites.com/	1970-01-20 06:11:03	Name: _uetsid Value: 9bee6a2039c911edabbaf56e5e13b7a2
.hs-sites.com/	1970-01-20 15:31:13	Name: _uetvid Value: 9bee8b0039c911ed819fdb00a539acc5
www.clarity.ms/	1970-01-20 14:55:13	Name: CLID Value: 34fd51ab10ec4cbd8de5373517f043af.20220921.20230921
.hubspot.com/	1970-01-20 06:09:39	Name: __cf_bm Value: IEHfscVjjUQEFYvRNoxRbiMY5EJAJjdlwFGoAHVy.VY-1663777358-0-AYXv4CrJ4Pfd4FLfUkbZ+5hMFLjMsc4lCJ7RH/tj8MV7+sDg6hE3o4J5Vr1YA/A1DdvyFoZN7b6Y1YlNAmfyaEY=
.hs-sites.com/	1970-01-20 14:55:13	Name: _clck Value: 1ngg2sh\|1\|f52\|0
.retirekit.theretirementgroup.com/	1969-12-31 23:59:59	Name: __cfruid Value: 63c3145a3187e82b4e3f09e0423ff2d69db068b1-1663777358
.hs-sites.com/	1970-01-20 10:28:49	Name: __hstc Value: 233546881.5e7fe407b89b2effe7ac16a6209fab4e.1663777358947.1663777358947.1663777358947.1
.hs-sites.com/	1970-01-20 10:28:49	Name: hubspotutk Value: 5e7fe407b89b2effe7ac16a6209fab4e
.hs-sites.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hs-sites.com/	1970-01-20 06:09:39	Name: __hssc Value: 233546881.1.1663777358948
.retirekit.theretirementgroup.com/	1970-01-20 06:09:39	Name: __cf_bm Value: vWGePmwBP1Rcb2Xa8IynvUbtcCA1pIYGQE6odr5UJ4w-1663777358-0-ASxzP0PPhqkF71zEMGIcWMmxDd4Tj0S7gzdvzTwUCgzPx64QhbFxuaMOAkFu3dEwToWyY/ZUM/8Ne5GcIyeZaBQ=
.c.bing.com/	1970-01-20 15:31:13	Name: SRM_B Value: 3D996DE7DC0A6F38028A7FC1DD616E96
.hs-sites.com/	1970-01-20 15:45:37	Name: lo-uid Value: 441a497d-1663777358503-7232a1adf7d44e22
.hs-sites.com/	1970-01-20 15:45:37	Name: lo-visits Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:31:13	Name: MUID Value: 3D996DE7DC0A6F38028A7FC1DD616E96
.c.clarity.ms/	1970-01-20 06:09:37	Name: ANONCHK Value: 0
.hs-sites.com/	1970-01-20 15:45:37	Name: _lo_uid Value: 197266-1663777358305-6cedac92a9e6bb20
.hs-sites.com/	1970-01-20 06:09:37	Name: _lorid Value: 197266-1663777358305-429fab0f6cabbb0f
.hs-sites.com/	1970-01-20 14:55:13	Name: _lo_v Value: 1
.hs-sites.com/	1970-01-20 10:28:49	Name: __lotl Value: http%3A%2F%2Ftheretirementgroup-5957063.hs-sites.com%2F-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511
.linkedin.com/	1970-01-20 06:52:49	Name: UserMatchHistory Value: AQIDD6eDLSzwLwAAAYNg28aXIRA_735yrM7JkAgfE-i2xQr-PmFlk8OsxRk0oe53D9wiFBOkgxJWUg
.linkedin.com/	1970-01-20 06:52:49	Name: AnalyticsSyncHistory Value: AQLau03bjQOCFQAAAYNg28aX1-zeDmqZgccN9nWiDFK_owsXDoOLg6XtF89UbA2el04vuk5C021hwu0K7lkqXA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:55:13	Name: bcookie Value: "v=2&54a27431-a0c1-421b-8cff-43369c00c4d5"
.linkedin.com/	1970-01-20 06:11:03	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2408:u=1:x=1:i=1663777359:t=1663863759:v=2:sig=AQEAvKkam3wxiy0L0vCOnJ9WR5ZkpiLo"
.hs-sites.com/	1970-01-20 06:11:03	Name: _clsk Value: ini8m7\|1663777359591\|1\|1\|d.clarity.ms/collect
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:55:13	Name: bscookie Value: "v=1&20220921162239b76641f6-c682-4313-8ce5-1f4173be8f0bAQELlbqaEt-EZRWLVsafu2vpIWrHUttn"
.linkedin.com/	1970-01-20 10:28:49	Name: li_gc Value: MTswOzE2NjM3NzczNTk7MjswMjELCYyXcaWJgS1Sfqwi8Q9t1n57Yyy21hjXXC0ZPM8B0Q==
.myfonts.net/	1970-01-20 06:09:39	Name: __cf_bm Value: 9yu.KhyCC2zn0Md5osdLDMicJlreh1sPOYL3a7SP.c0-1663777360-0-Ab9YHqd6CDUjq5I6isVITxygn45G7T2uOi4b+AAAPUtO6tUlMcfuox1gs2JM/y0Yf0mT3fnD52/3On9+O5bowy0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://theretirementgroup-5957063.hs-sites.com/-temporary-slug-afeb31f8-3e6d-40ff-85fb-69312a4f7511 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://api-iam.intercom.io/messenger/web/ping Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5957063.fs1.hubspotusercontent-na1.net
api-iam.intercom.io
api-preview.luckyorange.com
api.hubapi.com
app.hubspot.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.neverbounce.com
cdn2.hubspot.net
d.clarity.ms
d10lpsik1i8c69.cloudfront.net
forms.hsforms.com
forms.hubspot.com
g1188506010.co
g792337340.co
googleads.g.doubleclick.net
hello.myfonts.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.intercomcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
retirekit.theretirementgroup.com
settings.luckyorange.com
settings.luckyorange.net
snap.licdn.com
static.fmgsuite.com
static.hotjar.com
static.hsappstatic.net
static.hsstatic.net
there11178.pcapredict.com
theretirementgroup-5957063.hs-sites.com
tools.luckyorange.com
track.hubspot.com
widget.intercom.io
www.clarity.ms
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
api-preview.luckyorange.com
108.138.17.98
13.107.42.14
13.32.99.57
142.250.181.226
143.204.214.192
172.67.75.100
18.205.45.130
18.66.147.43
20.234.93.27
2001:4860:4802:34::36
2600:1901:0:7d2::
2600:9000:2156:ea00:18:6c16:27c0:93a1
2600:9000:2490:c00:11:ad6d:cf00:93a1
2606:2c40::c73c:671f
2606:4700:4400::6812:2128
2606:4700:4400::6812:21ab
2606:4700::6810:5905
2606:4700::6810:7568
2606:4700::6811:47b0
2606:4700::6811:71b0
2606:4700::6811:7d2
2606:4700::6811:82ab
2606:4700::6811:aec8
2606:4700::6811:c9cc
2606:4700::6811:e7cc
2606:4700::6811:f1cc
2606:4700::6811:f449
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:809::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a02:26f0:3500:16::215:14a0
34.107.203.234
34.117.233.127
40.76.174.66
65.9.66.91
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
154f9f846ea52b2ce116318dccab9837fe4fd1c2db89ef28b6135d6ca43ad6fa
164be45e6be04413cd65094b16f32e1a0860a2b52a93468fa1d53f09a29f9c5b
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
215fea77d1b996f5f1e5e86bcb35807e53b10f85113047ab17653c7ba02f00ee
2492272c99e57ab9d46f961b8c80aa459a096d5b6b189a972f2e159f2d1117af
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd
28a2e1fac36c0234bbe1ed8941da180c2060e2033a653f5b3f1e8973c1a45cb0
2bb1bcb06be52f896210198c25a51890ab1bc31c37ecca12b0482fa6817820a4
2bb70668c3a697c9dbeec81da46b468369fea6591ff492d152949f10b07927ec
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
32c7ad96308f6af745d811cb40e0922506fd8a3cec66da79bd81dd5538f4b51b
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3aeda3eb756ae4f403645d59e56e57e5b1ef3f4ead2742c240339b773bf8fc61
3d95df5f9ed7a7604c8307ed90696df90d5747170e945579e2d5c0881ad66fb3
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
4eb3fc82341890850d95b3f98db54d5a7611cc44afbb90cd83d03f455f8f9be8
5370f9aebf11ddcedc652db31afd5b3c2ec7123ecb68f075a9494f4f692620b5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
58cb0b8c4b7f9c89be1ec675bc1f99f484ba6f53107d0014e8ef5581269459ad
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
689ac5216e5e044a5834d0f8446fb6f4cddae3bfe496134bb2a0d0fdaed25ed0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c1dd2850b0994538e73ec503b146d865c6fc24e612a7a00fc5aae8a1c71a453
6eafda6e421fcd8ac5e141da98af953f63188e3c278de5afb19324598f8cc14e
7320ceea5c47b2ab9122f0ffce6396a6768b250fb7637a24937a212ca0552a86
796e2286b5d7de72fa39d1bda2e168d18d1adebdaf53b8c50f800b192d57b984
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd
88cec41f64559290087dbf9ed8b0cd08a798660963feed233671c39d90b75100
89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
90b227b3dae06f271673703d1243294176b5dd61451e9f551cc187e331252140
91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
9a5e61551f48f60913a298393f904c4d8b35a973d3db3e942e88ef6046e31c87
9eaf29c79712ea88600538e8068c436ed6ea89b1e0a236d73ad7483f56dad075
9f2d47516d007e01db3d27daba1ba1388c1148f0c2ea77f54ab3b15df1cc733f
a25a83fecb1b209713abb8bb9b394a8c9462465f9bd7ed8a75a8dd2a6cf7b942
ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048
ad96268c084f73bfd7caff9b12708aaa3958f5b691852a66ca6edbff5cbb3b97
b25b6da7cac638479a8c7d633f3615af0ce60e2da6e8d90b74ad99b1f00f966d
b263adfb9ff9c13c1a4d89d5c8b465acddf5d2dd93b442cb9a6aca1a60fac1a9
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b688dbfb414971a0ec75448083128b19f398c757f2b00006ad9df736ec423f6c
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee
c08f9fdd969cd7eac9b18f1de4be38d1ea4650583a3860a774ce034fe99e7532
c14631222ec9e2c46d6fbf74532cacf1ac3bc3e19d53be6c5a02829b0e08f717
c4ba4c8fe7b99043a9d210d70a9ab15828bcbfef561dadbe95ac10f30eea3981
c4cd75adc03675cf1f97860824e512e2413ff1c16c67e76d15706415a7dbbbc3
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
c9c171ea76ea0e419ab01c14eb3b61116301d60f8cc263de243c6717c0e874f9
cfb4d8e2fe93a564a78948f5903a96d8736d655d4765ade6d390317c31616c51
d1267c11ca67937890903f649f995d7575caac5a85c3ebb8f436ae25000fe6cd
d164f1ca2c7eccb8418bb85f297ea20677908da34f074de7597fc8561c421d1a
d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999
d39868b5840702e61160b50ff8bbc582582b92399179f27a33738563a7fd2ade
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34596b6202d6fa60e6716441d8309ff1abd8136c22a7124506f33e9f1f46108
facdb180b697f86f717823c9b0690f55f4792754d6df3bfe356624240d9a0253
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fd9c50f3f0b864600334ab89b24b4b6130e6392a573b8c49cbfdeb238459848c
ff2429c38fa33dd294ea971c72a4b8580536c0d1854fe86cf61dbaa425d454ad

theretirementgroup-5957063.hs-sites.com Open in urlscan Pro 2606:4700::6810:7568 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

83 %HTTPS

68 %IPv6

36 Domains

46 Subdomains

40 IPs

3 Countries

1362 kBTransfer

4427 kBSize

37 Cookies

23 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theretirementgroup-5957063.hs-sites.com Open in urlscan Pro
2606:4700::6810:7568 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

83 %
HTTPS

68 %
IPv6

36
Domains

46
Subdomains

40
IPs

3
Countries

1362 kB
Transfer

4427 kB
Size

37
Cookies

95 HTTP transactions
0 data transactions