www.protectingwealthkit-native.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e5b02fdb4d7bc1e74a6dc...
Effective URL:
https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=P...
Submission: On October 10 via api (October 10th 2023, 12:17:18 am UTC) from NL — Scanned from NL

Summary HTTP 85 Redirects Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 34 domains to perform 85 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.protectingwealthkit-native.com.
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.

This is the only time www.protectingwealthkit-native.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	20.225.97.235 20.225.97.235	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.14 13.224.189.14	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:5e00:b:3165:13c0:21	16509 (AMAZON-02) (AMAZON-02)
1	34.111.80.119 34.111.80.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.72.178.168 184.72.178.168	14618 (AMAZON-AES) (AMAZON-AES)
1 4	44.199.123.65 44.199.123.65	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:dc00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
16	52.222.250.12 52.222.250.12	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.67 13.32.99.67	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
3	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:20:... 2606:4700:20::681a:3b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	35.82.85.66 35.82.85.66	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::ac43:484f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:be59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:fba8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	40

2 35.238.129.105 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.conservative-politics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.225.97.235 (San Antonio, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.conservative-politics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.rev-stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

track.roinattrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

www.protectingwealthkit-native.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-14.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:5e00:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wbjksx0xxdn3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.80.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.80.111.34.bc.googleusercontent.com

www.gcjdjhs3e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.72.178.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-178-168.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.199.123.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-123-65.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:dc00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.222.250.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b5 (United States)

ASN13335 (CLOUDFLARENET, US)

df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:3b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.85.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-85-66.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:484f (United States)

ASN13335 (CLOUDFLARENET, US)

mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:be59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:fba8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloudfront.net d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net	279 KB
6	mgln.ai 1 redirects cdn.mgln.ai — Cisco Umbrella Rank: 143946 mgln.ai — Cisco Umbrella Rank: 35651 us.mgln.ai — Cisco Umbrella Rank: 215511	5 KB
6	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 widget.us.criteo.com — Cisco Umbrella Rank: 25599 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	29 KB
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 27104 cdn.trustedform.com — Cisco Umbrella Rank: 31790	37 KB
4	google.nl www.google.nl — Cisco Umbrella Rank: 8860	780 B
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	883 B
4	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 7018 track.hubspot.com — Cisco Umbrella Rank: 2658 api.hubspot.com — Cisco Umbrella Rank: 5258	23 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	353 KB
3	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 10398 js.callrail.com — Cisco Umbrella Rank: 11864	12 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	2 KB
3	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 31611	66 KB
3	conservative-politics.com 3 redirects links.conservative-politics.com rs-stripe.conservative-politics.com	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	1 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3200	123 B
2	gstatic.com www.gstatic.com	20 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	514 B
2	t.co t.co — Cisco Umbrella Rank: 614	493 B
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 53383 business.newsbreak.com — Cisco Umbrella Rank: 15476	3 KB
2	ubembed.com df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com — Cisco Umbrella Rank: 742877 assets.ubembed.com — Cisco Umbrella Rank: 13511	49 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 36641	244 B
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 26844	37 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5287	22 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2528	20 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 8407	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 153	425 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3174	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 792	15 KB
1	gcjdjhs3e.com www.gcjdjhs3e.com — Cisco Umbrella Rank: 790689	19 KB
1	protectingwealthkit-native.com www.protectingwealthkit-native.com	10 KB
1	roinattrack.com 1 redirects track.roinattrack.com — Cisco Umbrella Rank: 238680	732 B
1	rev-stripe.com 1 redirects tr.rev-stripe.com — Cisco Umbrella Rank: 139348	417 B
85	34

	Domain	Requested by
16	d9hhrg4mnvzow.cloudfront.net	www.protectingwealthkit-native.com cdn.trustedform.com
4	mgln.ai	1 redirects cdn.mgln.ai
4	www.google.nl	www.protectingwealthkit-native.com
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	www.googletagmanager.com	www.protectingwealthkit-native.com www.googletagmanager.com
3	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
2	api.hubspot.com	js.usemessages.com
2	pixel.tapad.com	2 redirects
2	js.callrail.com	cdn.callrail.com
2	www.google.com	www.protectingwealthkit-native.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	analytics.twitter.com	www.protectingwealthkit-native.com cdn.trustedform.com
2	t.co	www.protectingwealthkit-native.com cdn.trustedform.com
2	connect.facebook.net	www.protectingwealthkit-native.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.trustedform.com	www.protectingwealthkit-native.com api.trustedform.com
2	events.ub-analytics.com	d1wbjksx0xxdn3.cloudfront.net
2	builder-assets.unbounce.com	www.protectingwealthkit-native.com
2	links.conservative-politics.com	2 redirects
1	js.usemessages.com	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hubspot.com
1	us.mgln.ai	www.protectingwealthkit-native.com
1	www.facebook.com	www.protectingwealthkit-native.com
1	www.googleadservices.com	1 redirects
1	mug.criteo.com	www.protectingwealthkit-native.com
1	business.newsbreak.com	static.newsbreak.com
1	assets.ubembed.com	df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	widget.us.criteo.com	www.protectingwealthkit-native.com
1	sslwidget.criteo.com	1 redirects
1	cdn.mgln.ai	www.protectingwealthkit-native.com
1	cdn.callrail.com	www.googletagmanager.com
1	static.newsbreak.com	www.protectingwealthkit-native.com
1	cdn.pdst.fm	www.protectingwealthkit-native.com
1	static.ads-twitter.com	www.protectingwealthkit-native.com
1	df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	js.hubspot.com	www.protectingwealthkit-native.com
1	www.gcjdjhs3e.com	www.protectingwealthkit-native.com
1	d1wbjksx0xxdn3.cloudfront.net	www.protectingwealthkit-native.com
1	www.protectingwealthkit-native.com
1	track.roinattrack.com	1 redirects
1	tr.rev-stripe.com	1 redirects
1	rs-stripe.conservative-politics.com	1 redirects
85	50

This site contains no links.

Subject Issuer	Validity	Valid
www.protectingwealthkit-native.com R3	`2023-09-06` - `2023-12-05`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
gcjdjhs3e.com Starfield Secure Certificate Authority - G2	`2023-03-14` - `2024-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.js.ubembed.com E1	`2023-08-21` - `2023-11-19`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-06-25` - `2024-07-23`	a year	crt.sh
swappy.callrail.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-12` - `2023-11-12`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Frame ID: FDDA5C2224FDEA49899A848ACDA85F83
Requests: 81 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.protectingwealthkit-native.com&origin=onetag
Frame ID: 9321569D8EE14AA8D9F4619B15F50193
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Retirement News | Sean Hannity

Page URL History Show full URLs

http://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e... HTTP 308
https://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e... HTTP 302
https://rs-stripe.conservative-politics.com/stripe/redirect?cs_email=dave.grootegoed@draeger.com&cs_stripeid=121116&cs_o... HTTP 301
https://tr.rev-stripe.com/stripe/redirect?cs_email=dave.grootegoed@draeger.com&cs_stripeid=121116&cs_o... HTTP 303
https://track.roinattrack.com/c5fba42c-3704-439f-bca7-67e0fecdc6b9?devicetype=apple&campline=27993&pub=286... HTTP 302
https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-9... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

85
Requests

93 %
HTTPS

49 %
IPv6

34
Domains

50
Subdomains

40
IPs

4
Countries

1130 kB
Transfer

2826 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e5b02fdb4d7bc1e74a6dc1234919110ea/ HTTP 308
https://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e5b02fdb4d7bc1e74a6dc1234919110ea/ HTTP 302
https://rs-stripe.conservative-politics.com/stripe/redirect?cs_email=dave.grootegoed@draeger.com&cs_stripeid=121116&cs_offset=2&cs_esp=maropost HTTP 301
https://tr.rev-stripe.com/stripe/redirect?cs_email=dave.grootegoed@draeger.com&cs_stripeid=121116&cs_offset=2&cs_esp=maropost HTTP 303
https://track.roinattrack.com/c5fba42c-3704-439f-bca7-67e0fecdc6b9?devicetype=apple&campline=27993&pub=2862&cst=0.41&pi_adid=904880&pi_clickid=edba33c92c304fc3b7aa59d5f4e052ee HTTP 302
https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056 HTTP 301
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056

Request Chain 40

https://sslwidget.criteo.com/event?a=99723&v=5.18.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26pr%3D0%26p%3D1&p2=e%3Ddis&adce=1&tld=protectingwealthkit-native.com&dy=1&fu=https%253A%252F%252Fwww.protectingwealthkit-native.com%252F4822%252F%253F%253Fsfcid%253D701Qh000001kFI7%2526ls%253D001-Native-Power-Inbox-October-2023%2526cn%253D855-910-6027%2526utm_source%253DPower-Inbox-October-2023%2526utm_medium%253DNative%2526utm_campaign%253D701Qh000001kFI7%2526cid%253Dw44sn5rn004meg6s2lsiom9c&ceid=8b081f81-8ffd-4b30-beaf-347ac12dd1cb&dtycbr=55242 HTTP 302
https://widget.us.criteo.com/event?a=99723&v=5.18.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26pr%3D0%26p%3D1&p2=e%3Ddis&adce=1&tld=protectingwealthkit-native.com&dy=1&fu=https%253A%252F%252Fwww.protectingwealthkit-native.com%252F4822%252F%253F%253Fsfcid%253D701Qh000001kFI7%2526ls%253D001-Native-Power-Inbox-October-2023%2526cn%253D855-910-6027%2526utm_source%253DPower-Inbox-October-2023%2526utm_medium%253DNative%2526utm_campaign%253D701Qh000001kFI7%2526cid%253Dw44sn5rn004meg6s2lsiom9c&ceid=8b081f81-8ffd-4b30-beaf-347ac12dd1cb&dtycbr=55242

Request Chain 54

https://gum.criteo.com/sid/json?origin=onetag&domain=protectingwealthkit-native.com&sn=ChromeSyncframe&so=0&topUrl=www.protectingwealthkit-native.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AnTZLXw0WTNwdkdZT0RWZ2xLM0lWbk5HZ3NSK2hSUVBIODU4VEl5VTRQNVpyWlJ5d2toZ2RMYVMyRVZ4MDk5a0NIbVlrSFk1aUtqcG1hMEJsZERERzZ0WVAzTmppb3lOVjErZDhRamdXOXlBa2xFTENBR2xzOEw2eDQvZ3ZrYnlaRnl5NTdla29ialp2MTNqcjhpLzdjU0ZGc1lSd2FVYnlRNDd5YzUycFBMc0VQc2JYbHU2RnFDU0RWc0p4bFd2TzBLUlJZZUNTSEpLWTJPSjNVNmpMTFI3M3RuOHF6WERlZGF3R0hYTzhqdU90QkJyazBMS01tZC9SRUlRVUFqRE5ibDNnU3BlZjhZTXhnYXg3RjNMeG9mTkJvZldKL01NS096WGRXSmRCdUFhUEpXOD18&cppv=2

Request Chain 59

https://www.googleadservices.com/pagead/conversion/964382751/wcm?cc=ZZ&dn=8554653472&cl=PrYxCOGT_csBEJ-g7csD&ct_eid=2 HTTP 302
https://www.google.nl/pagead/attribution/wcm?cc=ZZ&dn=8554653472&cl=PrYxCOGT_csBEJ-g7csD

Request Chain 63

https://mgln.ai/pixel/sync.gif HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=257a73e2-8aa7-407b-8fc4-432027ef8cd7&partner_url=https%3A%2F%2Fus.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=257a73e2-8aa7-407b-8fc4-432027ef8cd7&partner_url=https%3A%2F%2Fus.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://us.mgln.ai/pixel?tapad_id=31db1ebb-36b7-48c2-93f2-13baf5f8a606

85 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.protectingwealthkit-native.com/4822/
Redirect Chain

http://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e5b02fdb4d7bc1e74a6dc1234919110ea/
https://links.conservative-politics.com/a/1537/click/14856/3661726/425c13f513bdfb70ad5e78e20a6191383abcbd67/437bd60e5b02fdb4d7bc1e74a6dc1234919110ea/
https://rs-stripe.conservative-politics.com/stripe/redirect?cs_email=dave.grootegoed@draeger.com&cs_stripeid=121116&cs_offset=2&cs_esp=maropost
https://tr.rev-stripe.com/stripe/redirect?cs_email=dave.grootegoed@draeger.com&cs_stripeid=121116&cs_offset=2&cs_esp=maropost
https://track.roinattrack.com/c5fba42c-3704-439f-bca7-67e0fecdc6b9?devicetype=apple&campline=27993&pub=2862&cst=0.41&pi_adid=904880&pi_clickid=edba33c92c304fc3b7aa59d5f4e052ee
https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701...

54 KB
10 KB

140ms
36ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 25c1352fda5bb80ed562d19e654b03c30619c1af19b33c33161ec3b5e7941a60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-length: 9160
content-location: https://www.protectingwealthkit-native.com/4822/
content-type: text/html; charset=utf-8
date: Tue, 10 Oct 2023 00:17:12 GMT
etag: "d:657ae838d0624a91a0ffaaab9870cd38"
link: <https://www.protectingwealthkit-native.com/4822/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: d47a1fc1-6697-4389-bb6a-579f46793b11
x-unbounce-variant: d
x-unbounce-visitorid: 657ae838-d062-4a91-a0ff-aaab9870cd38

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Tue, 10 Oct 2023 00:17:12 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
pragma: no-cache
server: nginx

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 121ms
33ms Stylesheet
text/css 13.224.189.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-14.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:43 GMT
content-encoding: gzip
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-version-id: fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop: FRA2-C1
age: 6503010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Tue, 11 Jul 2023 16:18:48 GMT
server: AmazonS3
etag: "99b89a3d5f7bab4f89aad694ef70a6d8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oo0Nioxw0e_NB9br-73bwvLrwjKkXsCwMGxj6SLNhRt3Yzk5Oer_YA==

GET
H2 200 bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js Show response
d1wbjksx0xxdn3.cloudfront.net/lts/ 43 KB
43 KB 124ms
37ms Script
application/javascript 2600:9000:223e:5e00:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:5e00:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:12:38 GMT
x-amz-version-id: L8NSUzd.VhCea40EMWB5R42ATfjEGDgY
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified: Tue, 26 Sep 2023 20:49:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 1134276
etag: "e31f6a704f0c9b178435edc2658c9e37"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43694
x-amz-cf-id: QdL4iOrZgwpRn2BnCcTdijCoU3IjsoxFhew2U58AVFjeWAmbfGHuCg==

GET
H2 200 everflow.js Show response
www.gcjdjhs3e.com/scripts/sdk/ 60 KB
19 KB 216ms
128ms Script
text/javascript 34.111.80.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gcjdjhs3e.com/scripts/sdk/everflow.js
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.80.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.80.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30c7fe83526fffa4fcfc81960bdbfe988d4742caded8244074ec42cad6c6d7cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: bad5a00a-4e01-4dc9-9e28-f04b8864dfb8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 129ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RMR6FP5GFT

Requested by

Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e406ee05e5a2d4a9efd5d6a5154b5d96e41e53a059c5a690953fc791e2932fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 00:17:13 GMT

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 38ms
37ms Script
application/javascript 13.224.189.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-14.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:30:14 GMT
content-encoding: gzip
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-version-id: 6jHAL9fP889t4NCAfewK2ptLZfkpx6Fe
x-amz-cf-pop: FRA2-C1
age: 6745620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Tue, 11 Jul 2023 16:18:45 GMT
server: AmazonS3
etag: "3208b0848f289d158acfc0caf5894954"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZlhhRfYCv47rmDYc0JYkXiG4JNzO6OC_K9JpOSJxM-zGPIZS0pOEHA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 368 KB
101 KB 105ms
104ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c83704468761d117476069a5e9e6ccbb1afa0ec1fb9647047c07356124c3386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103205
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 00:17:13 GMT

GET
H2 200 3704751.js Show response
js.hubspot.com/analytics/ 66 KB
22 KB 210ms
145ms Script
text/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/analytics/3704751.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6317e889f2b7f798454d48f6fb7ad821c1575850120a17a548b347b7c026d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 8AZJK0H61YPXJAD3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d9fbb1f7-0697-4c02-980d-b928f35a142d
x-envoy-upstream-service-time: 32
x-amz-id-2: BokTEIpqs3hvQoAUbRqSN6+I4bdAIp/AFUibjWpv7fST24CAMe6H23/jfasX/GlOMvm2nf/olOs=
x-evy-trace-listener: listener_https
x-request-id: d9fbb1f7-0697-4c02-980d-b928f35a142d
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 15 Sep 2023 17:56:12 GMT
server: cloudflare
etag: W/"920886e8eb90a008c945940dd00ab765"
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYCXjxkI41MFn8oQC%2FpRbE0eDSdc1cjNO1ImfZt6UchmGl1PzIlA2UiuE4m749mOhOUQye7sm%2B1XCgnIz2ZnHyFP0GUpIZUabOAGgBIfPY1%2Fe70Ays24CmpjgPptuU%2FSQBBqPHSHAFwA305X"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 813aadda38ab662d-AMS
expires: Tue, 10 Oct 2023 00:22:13 GMT

OPTIONS
H2 200 i
events.ub-analytics.com/_ub/ Frame 0
0 335ms
104ms Preflight 184.72.178.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ub-analytics.com/_ub/i
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.178.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-178-168.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.protectingwealthkit-native.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.protectingwealthkit-native.com
access-control-max-age: 3600
content-length: 0
date: Tue, 10 Oct 2023 00:17:13 GMT
server: akka-http/10.2.9

POST
H2 200 i
events.ub-analytics.com/_ub/ 2 B
244 B 309ms
103ms Ping
text/plain 184.72.178.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ub-analytics.com/_ub/i
Requested by: Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.178.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-178-168.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.protectingwealthkit-native.com
date: Tue, 10 Oct 2023 00:17:13 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.9
content-length: 2
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056

8 KB
4 KB

246ms
147ms

Script
application/javascript

2600:9000:223d:dc00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Server: 2600:9000:223d:dc00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a76d88b7b1a45847972eb466049e9cf80efdba8c87b1ade5ba4fbbd683560ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
x-amz-version-id: YdFZ_HTfVRPt8KhmE7xqqw9DhZRwrykq
content-encoding: gzip
last-modified: Mon, 09 Oct 2023 18:29:37 GMT
server: AmazonS3
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"b344d68cffc8ea1db29bf1fd47d218f0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 2T-DFfVQBKv8C7ndStd8cP0WqLv3GEy0mf8fyNdMcTui7ZsxRaSACw==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056
date: Tue, 10 Oct 2023 00:17:13 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 016ab179-bg-1_11hc0u01hc0fu00000001o.jpg
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 22 KB
23 KB 124ms
38ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/016ab179-bg-1_11hc0u01hc0fu00000001o.jpg
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58f7c7c754de9b5fd0e1d2d3feb58c22927ec730e70d4b52e3f195c34be4a848

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 05:11:46 GMT
x-amz-version-id: NIEDKbgkCHxhR9DBewoSBksEUPPjtU_7
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24174328
etag: "6f7287d3b79c0ccbf431b798c86bd4e0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22633
x-amz-cf-id: H3fZGM3M3U4vIsmECbwCy3O8GEEY6VE09ROuxHaQhsN7Kt9IBW5uuQ==

GET
H2 200 d18cffbc-star-bar-blue_11hc01k00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 7 KB
7 KB 129ms
43ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/d18cffbc-star-bar-blue_11hc01k00000000000001o.jpg
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1450ba7d8456a1bce2ae070223cb5657be57e8c8635e748a294f7a81b584de91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 05:11:46 GMT
x-amz-version-id: ayEPcbP9_NAgkmoGonUVa7K.AcyeQviW
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24174328
etag: "add67b249e340de43b84f074fe5ba62c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 7176
x-amz-cf-id: W0cPZNwX2IAzAmEfi2XHfG75g80DLhlOJBuG4EQMJ1dTuTJkS8G6QQ==

GET
BLOB 200
OK 57708a6f-3d66-48d2-bcc6-f59d6cad4d24
https://www.protectingwealthkit-native.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.protectingwealthkit-native.com/57708a6f-3d66-48d2-bcc6-f59d6cad4d24
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 11 KB
1 KB 122ms
34ms Stylesheet
text/css 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:regular,700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

042f7cef3600e8d7efe2e92f8a207f2e5fc9f8111799ab2fb8f7da095e8c5403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 18:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 20110
x-amzn-requestid: 5f3fe699-7637-4852-a876-39f13a2d7d4d
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: MjBrYGQgIAMEYIQ=
content-length: 835
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-6524497b-5777ee6034ff504b72a22cf7
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: 5ZdCfFAWrKOydi9Hdp4i58Tn4yXXVmR5EB-4u2Dylu1Gy0g03pcBEw==

GET
H2 200 5783b835-advertorial-header-retirement-news-with-sean-hannity-v3_10kr099000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 38 KB
38 KB 105ms
82ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/5783b835-advertorial-header-retirement-news-with-sean-hannity-v3_10kr099000000000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4983f5eceeafb7210a2528e8ec888c3cb7aaba5d000ed1756c669e2a94186c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 11:02:46 GMT
x-amz-version-id: A6BqIL_PUYcF1xBWPi1WW7fRS.cnpqOZ
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 19:33:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 29855668
etag: "90979cc32ea747b1cea1d804d98129e3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 38928
x-amz-cf-id: 3k4bPRkL71dZ1HvAuVAUU0E1URt0JjVcvctIzZeJ-3_CnnwIX7XZ7w==

GET
H2 200 6e7f02be-check-mark-blue-8_100q00r000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 433 B
827 B 67ms
44ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/6e7f02be-check-mark-blue-8_100q00r000000000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d4319f4850dea87c0028b30342636962ae6d5fd80ad3ce72ca71d6bf61d01f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:02 GMT
x-amz-version-id: qwa.GEBPgZxJ.ZMznK1Gn_kCaRLbD9WS
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223992
etag: "b7366a1d4d2c75e490474c9e8038b335"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 433
x-amz-cf-id: xdYiP_NRTqWycDbA6Mws_iyxiuOmcFA2BUF1Ag79FMeyFQ4aygwKKw==

GET
H2 200 f28fdcda-hannity-offer-stack-no-logo-1_109f06f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 18 KB
19 KB 89ms
66ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/f28fdcda-hannity-offer-stack-no-logo-1_109f06f000000000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b6a52fc13c8f1aea6c893c3db5ef151153de0cd6a61184cd778a715814b59b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:03 GMT
x-amz-version-id: k_1_Wqih8HOu75JFzISzhqIE3.q2dvyJ
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223991
etag: "79145a0f658ce2aec3fcdba71eccaf92"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 18697
x-amz-cf-id: ih5hBgq8Gnqq_zhwtqWh1tkNbKLEjit7gXAL7OJNikl4Y7jp2KO9gQ==

GET
H2 200 61fafb86-hannity-edited_107h0nj07h097000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 27 KB
27 KB 95ms
72ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/61fafb86-hannity-edited_107h0nj07h097000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17cda12cacab7a4cdd1fabd9114ba6bf3dd211237cb990a7eb3a4ada7f75c520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:04 GMT
x-amz-version-id: F21eoCVZA_vgwPWqudGoTInZYZgfhZgW
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223990
etag: "53c8a5c29da79d92a13bdfe7ac7c62f8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27578
x-amz-cf-id: WLeVHr_CfFsUwon8ntNXOR7BeYm1p5--8TfLJHEfbgRWc2Yp1KZZYQ==

GET
H2 200 b2a93c59-badge-101-2_1036036000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 4 KB
5 KB 86ms
86ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/b2a93c59-badge-101-2_1036036000000000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bf37b194c0de1fcf0407fff6d4038739e6408899af1ef1750fb14bbda27522d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:04 GMT
x-amz-version-id: Le4NWxZlFdH_joAk_pBajUytz8qIxgk_
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223989
etag: "7608ad0251f512f46f0d33068dbd4455"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4416
x-amz-cf-id: mmAQHwxMqtSH8_kNxzDAviGJ8Pulj3WqGDp1fLrBvkSt_NEDyGpJOg==

GET
H2 200 26268d95-sean-hannity-book-mockup-1_105g06h000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 10 KB
11 KB 84ms
84ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/26268d95-sean-hannity-book-mockup-1_105g06h000000000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89321b3785ec9c9b07c9c31788281a28d11f8f6d5e322b940cef1ae18ae9af56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:05 GMT
x-amz-version-id: D5_2rC7SDw2olDGBX_8.XTdlO0D.CQoJ
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223989
etag: "6c7252962e08398ecb1e7b848bc97c1f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 10746
x-amz-cf-id: r2yQlZHZl3qsB6BwgVU9QOTjSY_uupand73sMTvbIH-YYxOX_derYA==

GET
H2 200 5aed1041-white-goldco-logo-gold-flame_104501l000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 2 KB
2 KB 87ms
86ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/5aed1041-white-goldco-logo-gold-flame_104501l000000000000028.png
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92a8a1e89f3e916218ba5e54e11a52a4cfca4cb3ac4341f82edf945c98dce7b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:05 GMT
x-amz-version-id: D8U2.nnRIWNAQ.ab.eWUVZaQ7qiV_5ol
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223989
etag: "fc1a83a98feef349bfe188d66eb86108"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1621
x-amz-cf-id: KbV71kie_MdZlf6U_nCxWxV4rFVaQdAQs1kvMaYhw9sHwlXUs9rpSA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
267 B 303ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RMR6FP5GFT&gtm=45je3a40&_p=1247099412&_gaz=1&cid=482594483.1696897033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696897033&sct=1&seg=0&dl=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&dt=Retirement%20News%20%7C%20Sean%20Hannity&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.siteSpeedSampleRate=100
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMR6FP5GFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectingwealthkit-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
267 B 312ms
33ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RMR6FP5GFT&cid=482594483.1696897033&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMR6FP5GFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectingwealthkit-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 343ms
69ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RMR6FP5GFT&cid=482594483.1696897033&gtm=45je3a40&aip=1&z=207568053

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 313ms
59ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Oct 2023 01:51:33 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 319ms
68ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=99273

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

98d5d20f2267b28a5edbbc909523335a973aa79ec153337147d9fa66eeac639a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964382751

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04bb614638f8b55064ee1ca1e795f1099b5f6f0c45ebb1a6afff8f01157ebf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81661
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 00:17:13 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-964382751&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMR6FP5GFT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9fa6a55ebfe734240f73866ee94e2d77795b76967c2ed6698744d949b173d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81654
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 00:17:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 279ms
35ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Oct 2023 00:17:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: WSMQtWqrz/inH3gHvW0nZ8psXOPTgXRhEsQ82Mh+43cocR6t9b5xgKcixRSJHBA3qpLTT7aEJHBnyN43NpRotA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/ 468 B
717 B 409ms
160ms Script
application/javascript 2606:4700:4400::6812:27b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54937305736d1d944401888374357edd5dc2a559486e646c787924523b76aff1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
etag: W/"c8e9fb4abfbce4447cadff645cbeb56e-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 813aaddc9a211cb6-AMS

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 262ms
31ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-eddf8230083-FRA

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 220ms
26ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 23:28:49 GMT
content-encoding: gzip
age: 2904
x-guploader-uploadid: ADPycdt3AifeLY-dx9cR79YcbLVGyJGgcZjgykV83jy_0HHwyU6qrxvzsH1UtOXm3cXew3uG9Ccpv54DnnZbMpFqKZ1WYw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Tue, 10 Oct 2023 00:28:49 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 274ms
34ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1696982400000
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
date: Mon, 09 Oct 2023 08:27:45 GMT
x-amz-cf-pop: FRA60-P3
age: 71169
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: rJ8QK1c5s2lt5pEuAvhBhLIX3put77UlwFRMd5vc7PESUPrDt2YLzQ==

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/518085905/ff67d0d16647477f0675/12/ 37 KB
11 KB 370ms
134ms Script
text/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/518085905/ff67d0d16647477f0675/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

cb73b4719b14c82de450fcb8200639710e15128069dcd71a727ba92c239ef7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 74703c58-0b97-4758-b5de-1e147a614779
x-runtime: 0.006239
referrer-policy: strict-origin-when-cross-origin
etag: W/"cb73b4719b14c82de450fcb820063971"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: gnIW4CHluF3gNpJ4bqNFgoASMJtudZEc_fyeH6XvHgvmNzsawtZyNA==

GET
H2 200 pixel.min.js Show response
cdn.mgln.ai/ 4 KB
2 KB 100ms
33ms Script
application/javascript 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgln.ai/pixel.min.js
Requested by: Host: www.protectingwealthkit-native.com
URL: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:13 GMT
x-amz-version-id: Qluw.Dmpsqk5N8uDOhUTz5or_W6D3CxC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NXFEPP0CBBF292A0
age: 6526
x-amz-id-2: 3+t909IvwlJl6Sf4VmQFJH3zwQUYtxf+GO7Hwv1pAzxG39G/vwQZDZhj+hX9GS8bwf787FOIejU=
last-modified: Thu, 08 Dec 2022 20:53:16 GMT
server: cloudflare
etag: W/"37bf51efaf3af89068b080c2d9635113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH81nmLmjdoqnqcpLyMYFWKMGkFN3oDoVYvBK9iZVqT9PhzCUELqgppSUKt5u0wKNaLoj0dylchqr13HP9SXNEVmA67uiAsEAmdXkMY4kYoW6wbOnEhHbmVXbGgtQ%2BrGjttQuc1rJ7kD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 813aaddd3b64b944-AMS

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.ub-assets.com/fonts/s/opensans/v36/ 47 KB
48 KB 115ms
37ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:regular,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:regular,700,300
Origin: https://www.protectingwealthkit-native.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 48432
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2166120
x-amzn-requestid: 689b13cb-4253-4f9b-9e52-38143129235a
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: LRKZTGUvoAMES9w=
content-length: 48465
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65038aa1-37dff5dd5cc23cd31fc8b9a3
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PXg3FCZ3m77wn8E-wmc2Y7t6PbC3ISNXNM-cXg2NQT2OMsnBZ7dJYA==

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.ub-assets.com/fonts/s/opensanscondensed/v23/ 16 KB
17 KB 149ms
72ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:regular,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:regular,700,300
Origin: https://www.protectingwealthkit-native.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 17:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 16324
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 27238953
x-amzn-requestid: 7a6be0af-70e8-4503-87eb-fe5642eceb46
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cUtbJGuDoAMFxcw=
content-length: 16347
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6384f5e0-287fca9e5a6865321fa59bc5
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: AJN8-RcKOd10Lg7oxhHvKHtZeDqXIdH4ZiW2-MexmOKXfhdka1qWjQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
222 B 40ms
39ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1247099412&t=pageview&_s=1&dl=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&ul=en-us&de=UTF-8&dt=Retirement%20News%20%7C%20Sean%20Hannity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1726664766&gjid=54031132&cid=482594483.1696897033&tid=UA-27499361-13&_gid=1708562278.1696897034&_r=1&_slc=1&gtm=45He3a40n81NDSFVDK&z=1645990097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectingwealthkit-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 init Show response
mgln.ai/ 0
1 KB 317ms
308ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/init

Requested by

Host: cdn.mgln.ai
URL: https://cdn.mgln.ai/pixel.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 0
x-xss-protection: 0
x-request-id: 1c6d291f-fd7b-48d4-9af1-c7b19078cbfd
x-runtime: 0.003289
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.protectingwealthkit-native.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03SRV%2Bt2xufMB3cMJB6IXd6nOoE3cb7IeJBWwO%2FFRXRn%2BE3iMYTP64l0wyN%2BCY6i7Kmv4Qobg4uoZGv7fqiUEC9SP7Q9gBIqKG9me9JUNvxugIvzdl9gi2SmU8lrx%2FgVy9jC7XY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Set-Cookie
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
cf-ray: 813aadddebbdb944-AMS

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=99723&v=5.18.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26pr%3D0%26p%3D1&p2=e%3Ddis&adce=1&tld=protectingwealthkit-native.com&dy=1&fu=https%253...
https://widget.us.criteo.com/event?a=99723&v=5.18.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26pr%3D0%26p%3D1&p2=e%3Ddis&adce=1&tld=protectingwealthkit-native.com&dy=1&fu=https%253...

20 B
365 B

349ms
116ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=99723&v=5.18.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26pr%3D0%26p%3D1&p2=e%3Ddis&adce=1&tld=protectingwealthkit-native.com&dy=1&fu=https%253A%252F%252Fwww.protectingwealthkit-native.com%252F4822%252F%253F%253Fsfcid%253D701Qh000001kFI7%2526ls%253D001-Native-Power-Inbox-October-2023%2526cn%253D855-910-6027%2526utm_source%253DPower-Inbox-October-2023%2526utm_medium%253DNative%2526utm_campaign%253D701Qh000001kFI7%2526cid%253Dw44sn5rn004meg6s2lsiom9c&ceid=8b081f81-8ffd-4b30-beaf-347ac12dd1cb&dtycbr=55242

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9182068
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=99723&v=5.18.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26pr%3D0%26p%3D1&p2=e%3Ddis&adce=1&tld=protectingwealthkit-native.com&dy=1&fu=https%253A%252F%252Fwww.protectingwealthkit-native.com%252F4822%252F%253F%253Fsfcid%253D701Qh000001kFI7%2526ls%253D001-Native-Power-Inbox-October-2023%2526cn%253D855-910-6027%2526utm_source%253DPower-Inbox-October-2023%2526utm_medium%253DNative%2526utm_campaign%253D701Qh000001kFI7%2526cid%253Dw44sn5rn004meg6s2lsiom9c&ceid=8b081f81-8ffd-4b30-beaf-347ac12dd1cb&dtycbr=55242
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3074263
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 952351091531861 Show response
connect.facebook.net/signals/config/ 141 KB
35 KB 192ms
192ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/952351091531861?v=2.9.132&r=stable&domain=www.protectingwealthkit-native.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ce842f1391402668881fad678cda067de05611e7b5b9433ec0767c5622344d2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Oct 2023 00:17:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: lMykUuh67iDI6WbjMPc6aigEh75KU5EMrryLy19WPX9ECRXe/F6EGtHbgbDc9OwbuunRSb8D1jdjkJ7veEKpew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 198ms
136ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=37febe4b-f0f8-4957-b591-f71cd078901f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=be6ff218-2ccb-40d5-9675-2c33ea9d93f3&tw_document_href=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3n8j&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 10 Oct 2023 00:17:13 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 93b4fe61874a472d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 15a57b166843d58aa63fdfbbd0016ac4e7ed87b1a0aade59a1dcde9ebd0c60fd
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 195ms
133ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=37febe4b-f0f8-4957-b591-f71cd078901f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=be6ff218-2ccb-40d5-9675-2c33ea9d93f3&tw_document_href=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3n8j&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 10 Oct 2023 00:17:13 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: d88e4e95cd7fa928
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e5bf231fe550fc16fa4d83fadcd330d43fbb527867e723c51062279835100d90
content-length: 43

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 108ms
33ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-964382751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 23:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Oct 2023 00:46:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/ 3 KB
2 KB 122ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/?random=1696897033936&cv=11&fst=1696897033936&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&hn=www.googleadservices.com&frm=0&tiba=Retirement%20News%20%7C%20Sean%20Hannity&auid=307886520.1696897033&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-964382751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16ff3140df103d109eb1a85c6cf1f0511b7829bad6ae4a9d4ef1ac6e61a263cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1464
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9321 15 KB
6 KB 88ms
33ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.protectingwealthkit-native.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=99273

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.protectingwealthkit-native.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 00:17:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 250270
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 114ms
37ms Script
application/javascript 108.138.17.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com
URL: https://df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 12981218
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: JeHK6Vnb0xGEI_-iosCWH6YQUKmTxRClUZiPE2NwxYaTgsdCgzkQLw==

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
123 B 170ms
169ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 9b3a59ce681186b660d0152e8a68f768
cache-control: private
function-execution-id: 8lombf8m5vqp
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 209ms
135ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.protectingwealthkit-native.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Tue, 10 Oct 2023 00:17:14 GMT
function-execution-id: wchlheoqt6xf
server: Google Frontend
x-cloud-trace-context: 3f64105f43bf9e101968aa4869c7fa9a

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 34ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27499361-13&cid=482594483.1696897033&jid=1726664766&gjid=54031132&_gid=1708562278.1696897034&_u=YADAAEAAAAAAACAAI~&z=643874183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 10 Oct 2023 00:17:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectingwealthkit-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 528ms
172ms Ping
application/json 35.82.85.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1592573416912576514&uid=1-yuey8w47-lnjkoj5h&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&rl=&ts=1696897033426&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Retirement%20News%20%7C%20Sean%20Hannity&bn=Chrome%20117&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&tz=-120&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_term=&utm_content=&utm_campaign=701Qh000001kFI7&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1696982400000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.82.85.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-85-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 115ms
42ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27499361-13&cid=482594483.1696897033&jid=1726664766&_u=YADAAEAAAAAAACAAI~&z=676768538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 69ms
69ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27499361-13&cid=482594483.1696897033&jid=1726664766&_u=YADAAEAAAAAAACAAI~&z=676768538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9321
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=protectingwealthkit-native.com&sn=ChromeSyncframe&so=0&topUrl=www.protectingwealthkit-native.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AnTZLXw0WTNwdkdZT0RWZ2xLM0lWbk5HZ3NSK2hSUVBIODU4VEl5VTRQNVpyWlJ5d2toZ2RMYVMyRVZ4MDk5a0NIbVlrSFk1aUtqcG1hMEJsZERERzZ0WVAzTmppb3lOVjErZDhRamdXOXlBa2xFTENBR2xzOEw2eDQvZ3...

468 B
691 B

84ms
26ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AnTZLXw0WTNwdkdZT0RWZ2xLM0lWbk5HZ3NSK2hSUVBIODU4VEl5VTRQNVpyWlJ5d2toZ2RMYVMyRVZ4MDk5a0NIbVlrSFk1aUtqcG1hMEJsZERERzZ0WVAzTmppb3lOVjErZDhRamdXOXlBa2xFTENBR2xzOEw2eDQvZ3ZrYnlaRnl5NTdla29ialp2MTNqcjhpLzdjU0ZGc1lSd2FVYnlRNDd5YzUycFBMc0VQc2JYbHU2RnFDU0RWc0p4bFd2TzBLUlJZZUNTSEpLWTJPSjNVNmpMTFI3M3RuOHF6WERlZGF3R0hYTzhqdU90QkJyazBMS01tZC9SRUlRVUFqRE5ibDNnU3BlZjhZTXhnYXg3RjNMeG9mTkJvZldKL01NS096WGRXSmRCdUFhUEpXOD18&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d429b96d36ab2e18cf9b6c95111a81415a279d566a3a6b10ded0080c42fb635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 974408
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AnTZLXw0WTNwdkdZT0RWZ2xLM0lWbk5HZ3NSK2hSUVBIODU4VEl5VTRQNVpyWlJ5d2toZ2RMYVMyRVZ4MDk5a0NIbVlrSFk1aUtqcG1hMEJsZERERzZ0WVAzTmppb3lOVjErZDhRamdXOXlBa2xFTENBR2xzOEw2eDQvZ3ZrYnlaRnl5NTdla29ialp2MTNqcjhpLzdjU0ZGc1lSd2FVYnlRNDd5YzUycFBMc0VQc2JYbHU2RnFDU0RWc0p4bFd2TzBLUlJZZUNTSEpLWTJPSjNVNmpMTFI3M3RuOHF6WERlZGF3R0hYTzhqdU90QkJyazBMS01tZC9SRUlRVUFqRE5ibDNnU3BlZjhZTXhnYXg3RjNMeG9mTkJvZldKL01NS096WGRXSmRCdUFhUEpXOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 247334
content-length: 0
expires: 0

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
19 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 14:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18760
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 14:31:16 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964382751/ 42 B
154 B 48ms
43ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964382751/?random=1696897033936&cv=11&fst=1696896000000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&frm=0&tiba=Retirement%20News%20%7C%20Sean%20Hannity&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2713571305&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/964382751/ 42 B
154 B 72ms
69ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/964382751/?random=1696897033936&cv=11&fst=1696896000000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&frm=0&tiba=Retirement%20News%20%7C%20Sean%20Hannity&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2713571305&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 swap_session.json Show response
js.callrail.com/group/0/ff67d0d16647477f0675/12/ 142 B
802 B 312ms
210ms XHR
application/json 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.callrail.com/group/0/ff67d0d16647477f0675/12/swap_session.json

Requested by

Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/518085905/ff67d0d16647477f0675/12/swap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

db06ad7259928650f70b9e297b46e5583f735a516b2288ae724590937051d582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 142
x-xss-protection: 1; mode=block
x-request-id: e4c0bc6e-c25f-40c2-9119-11c0ddf2376b
x-runtime: 0.083102
referrer-policy: strict-origin-when-cross-origin
etag: W/"db06ad7259928650f70b9e297b46e558"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin
x-amz-cf-id: Kl8sx3HV7NQQQ16kOUq7nAbmiJcsUfGiHS-zbDcbFtjP_zsJVzO0wg==

GET
H3

200

wcm Show response
www.google.nl/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/964382751/wcm?cc=ZZ&dn=8554653472&cl=PrYxCOGT_csBEJ-g7csD&ct_eid=2
https://www.google.nl/pagead/attribution/wcm?cc=ZZ&dn=8554653472&cl=PrYxCOGT_csBEJ-g7csD

80 B
111 B

41ms
41ms

XHR
application/json

2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.nl/pagead/attribution/wcm?cc=ZZ&dn=8554653472&cl=PrYxCOGT_csBEJ-g7csD

Requested by

Protocol

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Tue, 10 Oct 2023 00:17:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.nl/pagead/attribution/wcm?cc=ZZ&dn=8554653472&cl=PrYxCOGT_csBEJ-g7csD
access-control-allow-origin: https://www.protectingwealthkit-native.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 102ms
33ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=952351091531861&ev=PageView&dl=https%3A%2F%2Fwww.protectingwealthkit-native.com&rl=&if=false&ts=1696897034135&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=28&fbp=fb.1.1696897034132.1995702399&pm=1&hrl=220c59&ler=empty&it=1696897033899&coo=false&cs_cc=1&cas=1381110688594907%2C1307639062624690%2C4934826163311700%2C4917656824955599%2C2376755495783678%2C3282851478423874%2C2752743721456124%2C3466342496724894%2C3029533707087606%2C2567151189984924%2C2247856001950576%2C3313421728675399%2C2712860605410024%2C2462236590477912%2C2010650865695330%2C2098881000122891&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 10 Oct 2023 00:17:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 157ms
103ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.protectingwealthkit-native.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.protectingwealthkit-native.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 813aade02d9d0bcb-AMS
content-length: 0
date: Tue, 10 Oct 2023 00:17:14 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1696897034&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=nrMf%2F6vj6mPAR43gaoMR3V9Bj4HyLeJ87WtoTdB75%2Bs%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1696897034&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=nrMf%2F6vj6mPAR43gaoMR3V9Bj4HyLeJ87WtoTdB75%2Bs%3D
server: cloudflare
via: 1.1 vegur

POST
H2 204 view Show response
mgln.ai/ 0
306 B 128ms
128ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: cdn.mgln.ai
URL: https://cdn.mgln.ai/pixel.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 0
x-xss-protection: 0
x-request-id: 5401b474-bffc-4dd2-b38c-92f34fadfe51
x-runtime: 0.002882
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.protectingwealthkit-native.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BSxKv0%2BrnZQS9sKbchODYdYIA%2BJEJaaZwXl42k%2BaiX9gEqWaAkgg7gMGNiimq2TWiFt6OQs4PbFfaohz5enR60I5zkkYy2F1kFr0V6%2FeYKmueEWP1VDJO3zLQlh%2BbVDM%2BgKOoA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Set-Cookie
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
cf-ray: 813aade0dd33b944-AMS

GET
H2

200

pixel
us.mgln.ai/
Redirect Chain

https://mgln.ai/pixel/sync.gif
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=257a73e2-8aa7-407b-8fc4-432027ef8cd7&partner_url=https%3A%2F%2Fus.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=257a73e2-8aa7-407b-8fc4-432027ef8cd7&partner_url=https%3A%2F%2Fus.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://us.mgln.ai/pixel?tapad_id=31db1ebb-36b7-48c2-93f2-13baf5f8a606

43 B
591 B

309ms
299ms

Image
image/gif

2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.mgln.ai/pixel?tapad_id=31db1ebb-36b7-48c2-93f2-13baf5f8a606

Requested by

Protocol

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="magellan_pixel.gif"; filename*=UTF-8''magellan_pixel.gif
content-length: 43
x-xss-protection: 0
x-request-id: 8ebf33ae-9ea0-4102-935c-90c4c774d673
x-runtime: 0.003213
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a065920df8cc4016d67c3a464be90099"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RM5cmT2JkJl5xIG2%2F0hfJPnoyC8J0wn%2BloC5bQOLpTSLoZoLI%2F4Ey2RK4ClMTQ3VkJYmcFAA2JjbPM75VK%2BUUR%2Bxr04tsVDvWxjRW6WSUnx0Q4Cp8c9byn7bqwM0thZRH3ji8xddQaU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 813aade35e80b944-AMS

Redirect headers

date: Tue, 10 Oct 2023 00:17:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://us.mgln.ai/pixel?tapad_id=31db1ebb-36b7-48c2-93f2-13baf5f8a606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 icap.js Show response
js.callrail.com/group/0/ff67d0d16647477f0675/12/ 22 B
541 B 186ms
186ms Script
text/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.callrail.com/group/0/ff67d0d16647477f0675/12/icap.js?t=1696897034400&GoogleAnalytics4__ga=GA1.2.482594483.1696897033&GoogleAnalytics4__ga_RMR6FP5GFT=GS1.1.1696897033.1.0.1696897033.60.0.0&ga=GA1.2.482594483.1696897033&uuid=f700eb7c-23b0-4d47-b69d-efc0b70a8336&ids%5B%5D=518085905

Requested by

Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/518085905/ff67d0d16647477f0675/12/swap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:14 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 22
x-xss-protection: 1; mode=block
x-request-id: 14cff2c4-95b0-444b-81ba-2415441b7230
x-runtime: 0.059274
referrer-policy: strict-origin-when-cross-origin
etag: W/"1643b5cec44cc597bc2cce3448ce5434"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: YqKTufEjfkSYiLGAz1B3alN5wVmyyikh4pvE98eC1rgVd40Sp_jf2Q==

GET
H2 200 3704751.js Show response
js-na1.hs-scripts.com/ 1 KB
1 KB 199ms
129ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/3704751.js

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/analytics/3704751.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d04508ac1d164d348bad8ef0ebb76a5a1132191619366e7b2ba8ca39853483c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2238aed3-8c6f-4ad3-86ef-c807eb195a17
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2238aed3-8c6f-4ad3-86ef-c807eb195a17
last-modified: Mon, 09 Oct 2023 22:42:25 GMT
server: cloudflare
x-trace: 2BF5705520536621C5C2F330025199BDC61A70AC7D000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.protectingwealthkit-native.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-kz7hh
cf-ray: 813aade5ba281ca7-AMS

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
578 B 145ms
144ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=3704751&pu=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&t=Retirement+News+%7C+Sean+Hannity&cts=1696897035061&vi=908e861615bcc40fd5ba6d4e0aa50e39&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4455ed63-c225-46cb-ab8c-af049db8fab9
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4455ed63-c225-46cb-ab8c-af049db8fab9
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOpy6wVFQyvAURZDw%2Fdr1VW1IqbCKAMYJ1J6VoH1QJLJUP2jLULTc%2BDQF%2FsrcA0znnlOytPkAGFGR8h6k03oGZpYH%2FXOh5ga%2BvUNSRkPS91le7LWyhmXgdkfHl122Tr%2FArT4P8IBrQdU2mvWso8l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-p49q2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 813aade54e37662d-AMS
x-robots-tag: none

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 309ms
104ms XHR
application/json 44.199.123.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.199.123.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-123-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 2cd13d31c492ffffc55f914c179e9945f84163cc3ed1ba04358205e3966ab58a

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/3704751/ 65 KB
20 KB 460ms
405ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/3704751/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c252fe0cabb78d805a1d7a8d1eca4478eb44b872d64f85515d5094ab1b589307

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
x-amz-version-id: cZ7ihzZOjtcYt6olbQKFTqkPVyD.9vgA
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: K6EV4X08XNV8HVHH
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: fe63c608-7088-4d0a-80a8-8475c6ab293c
x-envoy-upstream-service-time: 19
x-amz-id-2: pKmdvyAgCumHYRPd8+U+TBqW7kjkhYupXxIMiI+3WVMcnnI9E/95R/AqcYhEbDcV2X7vqadgpiI0645IMZ4nKQ==
x-evy-trace-listener: listener_https
x-request-id: fe63c608-7088-4d0a-80a8-8475c6ab293c
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 26 Sep 2023 19:14:42 GMT
server: cloudflare
etag: W/"241a98143aab8f4d6eecb60b02b42787"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.goldirakit-email-1p.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-c5f7fd779-7gpw4
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 813aade6dce20b62-AMS
expires: Tue, 10 Oct 2023 00:22:15 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 97ms
33ms Script
application/javascript 2606:4700::6811:fba8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/3704751.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fba8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375fab8cd866ba618630e49036f0373b7693dbff589140c489017185d4092fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
x-amz-version-id: ox9i7AJUcGNeHtamA4MecCiw7bDVoEmE
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 91
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14347/bundles/project.js&cfRay=813aabb14f680a70-AMS
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 2000ab90-cca8-4e87-aa41-51c90e8a0c8f
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2000ab90-cca8-4e87-aa41-51c90e8a0c8f
last-modified: Thu, 05 Oct 2023 02:05:19 UTC
server: cloudflare
etag: W/"c45075af7860f89c815bfe1becd1495f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-s4jft
cf-ray: 813aade6ee1d0a5c-AMS
x-amz-cf-id: iIj8nyDGwFpKvorrkTKQLzXJtctvgK-MtxfFmWj5O2PsZBZwrRtC4A==
x-hs-target-asset: conversations-embed/static-1.14347/bundles/project.js

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 199ms
135ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3704751&conversations-embed=static-1.14347&mobile=false&messagesUtk=14df61861eef4f1cb2c27826fe5a515c&traceId=14df61861eef4f1cb2c27826fe5a515c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.protectingwealthkit-native.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.protectingwealthkit-native.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 813aade79f5bb8f7-AMS
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 10 Oct 2023 00:17:15 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9hQPIYoxmCBwTVuVgPk15lsixuGcXpVW8r9jmPJg1PEy1qpnAWRdX%2BXb17I7rJFIgD3WG9O8iM40K4hCmk3wy6sRThiutWymh1p1nFbtg03de5kBI79pHLOQ1kS9lQaOv4ixaca5FM%2FSK9S1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-fg7ss
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: eadad8e9-26b1-4371-b233-ebcd95a4bf16
x-request-id: eadad8e9-26b1-4371-b233-ebcd95a4bf16
x-trace: 2B5797A5512F4DA47C760BC89843E72D37E6915FE2000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 472 B
1 KB 150ms
149ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4703cee3e81e71ae0ad104744d00d19bd02c602d42df26d0a29d9c81871aba67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
X-HubSpot-Messages-Uri: https://www.protectingwealthkit-native.com/4822/??sfcid=701Qh000001kFI7&ls=001-Native-Power-Inbox-October-2023&cn=855-910-6027&utm_source=Power-Inbox-October-2023&utm_medium=Native&utm_campaign=701Qh000001kFI7&cid=w44sn5rn004meg6s2lsiom9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 00:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a02a35ab-302b-4086-92af-3e34961c85d9
x-envoy-upstream-service-time: 16
content-length: 335
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a02a35ab-302b-4086-92af-3e34961c85d9
server: cloudflare
x-trace: 2BDF9ADF5B9FF531FDA50830603B766C6B14D47A6C000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.protectingwealthkit-native.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-ff5vt
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsEXs6iB8qJaz9kLYMW4KlUlQxt7Kzx2jsiYWUe7et18u4ztAqqeNfe4GclfqKq7wPlM6zPMAPxh5znY6zup2RwcF7JKg7%2FxPKXTiK9ADc8sJwynAYrclpWOvwCNHheEAiMs4rhlgWN4s7RjVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 813aade87fabb8f7-AMS
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 trustedform-1.9.3.js Show response
cdn.trustedform.com/ 84 KB
33 KB 39ms
39ms Script
application/javascript 2600:9000:223d:dc00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16968970332280.06933798914833056
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:dc00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec3dba88e0b5374439c23448ca4d34a999e9f08bcaa5e44f058397201fb6b4fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 7O5V6jq2s2Z07whTQpyrcP1MCTtgwEP.
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Tue, 10 Oct 2023 00:17:15 GMT
last-modified: Mon, 09 Oct 2023 18:29:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 24
etag: W/"02936930bfbc8e968a050052f7ee268b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vAgSJTNxF84KVapb58b07uEsNdmRnT5bf9IXnqaz0hnJSvoVEpL1MQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/6c6e29eec38566860a9f99acbf6f887ad582e1f2/ 0
159 B 206ms
206ms XHR
text/plain 44.199.123.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/6c6e29eec38566860a9f99acbf6f887ad582e1f2/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.199.123.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-123-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 10 Oct 2023 00:17:15 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/5783b835-advertorial-header-retirement-news-with-sean-hannity-v3_10kr099000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4983f5eceeafb7210a2528e8ec888c3cb7aaba5d000ed1756c669e2a94186c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 11:02:46 GMT
x-amz-version-id: A6BqIL_PUYcF1xBWPi1WW7fRS.cnpqOZ
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 19:33:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 29855670
etag: "90979cc32ea747b1cea1d804d98129e3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 38928
x-amz-cf-id: fu6JoF51UCydYPz55ghauFDw1Ag5DUn5l0uY3iSTXbPm8fv83RnLXw==

GET
H2 200 6e7f02be-check-mark-blue-8_100q00r000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 433 B
826 B 39ms
38ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/6e7f02be-check-mark-blue-8_100q00r000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d4319f4850dea87c0028b30342636962ae6d5fd80ad3ce72ca71d6bf61d01f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:02 GMT
x-amz-version-id: qwa.GEBPgZxJ.ZMznK1Gn_kCaRLbD9WS
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223994
etag: "b7366a1d4d2c75e490474c9e8038b335"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 433
x-amz-cf-id: wryfGo_VeLnYEli1msOo91Axmrk7-eZ-5St702AXNzU5Awr-yYKEYg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/f28fdcda-hannity-offer-stack-no-logo-1_109f06f000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b6a52fc13c8f1aea6c893c3db5ef151153de0cd6a61184cd778a715814b59b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:03 GMT
x-amz-version-id: k_1_Wqih8HOu75JFzISzhqIE3.q2dvyJ
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223993
etag: "79145a0f658ce2aec3fcdba71eccaf92"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 18697
x-amz-cf-id: vXZfEF3mRyxrZCNM3rZXASqhKAyhi9fHf97sJKNQ6mDLphE1_8B1Rg==

GET
H2 200 61fafb86-hannity-edited_107h0nj07h097000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 27 KB
27 KB 43ms
41ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/61fafb86-hannity-edited_107h0nj07h097000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17cda12cacab7a4cdd1fabd9114ba6bf3dd211237cb990a7eb3a4ada7f75c520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:04 GMT
x-amz-version-id: F21eoCVZA_vgwPWqudGoTInZYZgfhZgW
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223992
etag: "53c8a5c29da79d92a13bdfe7ac7c62f8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27578
x-amz-cf-id: A6LQq6nRr6LpTHePCyvgFQdUZlxfbbvmx0nSuwA5DDFKPFpKBXLYdw==

GET
H2 200 b2a93c59-badge-101-2_1036036000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 4 KB
5 KB 42ms
41ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/b2a93c59-badge-101-2_1036036000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bf37b194c0de1fcf0407fff6d4038739e6408899af1ef1750fb14bbda27522d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:04 GMT
x-amz-version-id: Le4NWxZlFdH_joAk_pBajUytz8qIxgk_
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223991
etag: "7608ad0251f512f46f0d33068dbd4455"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4416
x-amz-cf-id: ZrN7eUAooPf2cgfmgLG_TaUkEMGUWx635wh9rd8FXw8JuaTYRa5ALw==

GET
H2 200 26268d95-sean-hannity-book-mockup-1_105g06h000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 10 KB
11 KB 42ms
41ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/26268d95-sean-hannity-book-mockup-1_105g06h000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89321b3785ec9c9b07c9c31788281a28d11f8f6d5e322b940cef1ae18ae9af56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:05 GMT
x-amz-version-id: D5_2rC7SDw2olDGBX_8.XTdlO0D.CQoJ
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223991
etag: "6c7252962e08398ecb1e7b848bc97c1f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 10746
x-amz-cf-id: QgwsnPOQnTaqe5biCQpI4EqH_nLMl_CgRRQ3cYN_Chttsl6hOq3yGA==

GET
H2 200 5aed1041-white-goldco-logo-gold-flame_104501l000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/ 2 KB
2 KB 43ms
42ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.protectingwealthkit-native.com/4822/5aed1041-white-goldco-logo-gold-flame_104501l000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92a8a1e89f3e916218ba5e54e11a52a4cfca4cb3ac4341f82edf945c98dce7b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:24:05 GMT
x-amz-version-id: D8U2.nnRIWNAQ.ab.eWUVZaQ7qiV_5ol
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24223991
etag: "fc1a83a98feef349bfe188d66eb86108"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1621
x-amz-cf-id: 1RQ3jTQ13pi_6R5VH7DzjVKTC-AF0AQ6A4VJpIO1dAlwAK3TYxWEPw==

GET
H2 200 adsct
t.co/i/ 43 B
117 B 135ms
134ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 10 Oct 2023 00:17:15 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 76f8ebecdfc3e59a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 15a57b166843d58aa63fdfbbd0016ac4e7ed87b1a0aade59a1dcde9ebd0c60fd
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
118 B 208ms
207ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 177
date: Tue, 10 Oct 2023 00:17:15 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 6e0ffd8196bc5a81
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e5bf231fe550fc16fa4d83fadcd330d43fbb527867e723c51062279835100d90
content-length: 43

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/6c6e29eec38566860a9f99acbf6f887ad582e1f2/ 0
159 B 198ms
197ms XHR
text/plain 44.199.123.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/6c6e29eec38566860a9f99acbf6f887ad582e1f2/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.199.123.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-123-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.protectingwealthkit-native.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 10 Oct 2023 00:17:15 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RMR6FP5GFT&gtm=45je3a40&_p=1247099412&cid=482594483.1696897033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696897033&sct=1&seg=0&dl=https%3A%2F%2Fwww.protectingwealthkit-native.com%2F4822%2F%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c&dt=Retirement%20News%20%7C%20Sean%20Hannity&en=page_variant&_ee=1&epn.siteSpeedSampleRate=100&ep.variant_id=d&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMR6FP5GFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.protectingwealthkit-native.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 00:17:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectingwealthkit-native.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.protectingwealthkit-native.com/4822/	1970-01-20 19:46:34	Name: ubpv Value: d%2Cd47a1fc1-6697-4389-bb6a-579f46793b11
links.conservative-politics.com/	1970-01-20 15:22:20	Name: _session_id Value: 4067f570e144cb7689650f2f2721354f
.rev-stripe.com/	1970-01-20 15:23:03	Name: eid3197 Value: edba33c92c304fc3b7aa59d5f4e052ee
.track.roinattrack.com/	1970-01-20 15:23:03	Name: c5fba42c-3704-439f-bca7-67e0fecdc6b9-v4 Value: o_HIy7ghPhq7VL7fLrYzySWDZhVUSYyWbx87uMnLxFY
.track.roinattrack.com/	1970-01-21 00:07:13	Name: cc-v4 Value: A0sjOJ3Vf%2FTq8wfOn65Ki7k4bDKHumyU4XOlyDCTEgtUW4GAr%2FxH2jRAT%2FaC7%2FJOrFntIMukfH9%2FOgN0Zb1DPYToIHHvmQmiZEJ%2BJSMtqjOkoL2OhwImf6K%2FGlPp9KMeA5dlzXY6SwW%2BWVdvb8rdUg%3D%3D
www.protectingwealthkit-native.com/	1970-01-20 19:40:49	Name: ubvs Value: 657ae838-d062-4a91-a0ff-aaab9870cd38
.protectingwealthkit-native.com/	1970-01-20 15:25:56	Name: ubvt Value: v2%7C657ae838-d062-4a91-a0ff-aaab9870cd38%7Cd47a1fc1-6697-4389-bb6a-579f46793b11%3Ad%3Asingle
.protectingwealthkit-native.com/	1970-01-21 00:57:37	Name: _ga_RMR6FP5GFT Value: GS1.1.1696897033.1.0.1696897033.60.0.0
.protectingwealthkit-native.com/	1970-01-20 17:31:13	Name: _gcl_au Value: 1.1.307886520.1696897033
.hubspot.com/	1970-01-20 15:21:38	Name: __cf_bm Value: E4IhbWDqWoH5Bmz_foH_Bh1c6fvHke1FJdRCs3az_5E-1696897033-0-AbZLQCIN81ovPgOX13k/S6wBxR7uVueoZ7Xf71NFyIXTjWOcrjyvsyOpkwrC2HseA4sudgvtB6X4Zg0588Le9UA=
.js.ubembed.com/	1970-01-20 15:21:38	Name: __cf_bm Value: ck7UOIeLfjbZo0sg2LoVzSQYKQlexxa6DBawj4rvGZw-1696897033-0-ARpqqZrTlQTufpPsHBRRWUBdc/J9Pyh2jd433JcuCKDeSJOYRQ1kRQYiN1stO7kGGtPO21E3R2H8RxgC4CrDOAM=
.protectingwealthkit-native.com/	1970-01-21 00:57:37	Name: _ga Value: GA1.2.482594483.1696897033
.protectingwealthkit-native.com/	1970-01-20 15:23:03	Name: _gid Value: GA1.2.1708562278.1696897034
.protectingwealthkit-native.com/	1970-01-20 15:21:37	Name: _gat_UA-27499361-13 Value: 1
www.protectingwealthkit-native.com/	1970-01-21 00:07:13	Name: __pdst Value: d318db8b30ec41379e8f14e831b64cc6
.protectingwealthkit-native.com/	1970-01-21 00:57:37	Name: __nbpix_uid Value: 1-yuey8w47-lnjkoj5h
.protectingwealthkit-native.com/	1969-12-31 23:59:59	Name: __nbpix_utm Value: {"utm_source":"Power-Inbox-October-2023","utm_medium":"Native","utm_campaign":"701Qh000001kFI7"}
.criteo.com/	1970-01-21 00:43:13	Name: uid Value: d1a4ca8a-54b1-48ef-8906-2a0de9ceb073
.doubleclick.net/	1970-01-20 15:21:37	Name: test_cookie Value: CheckForPermission
.protectingwealthkit-native.com/	1970-01-21 00:07:13	Name: calltrk_referrer Value: direct
.protectingwealthkit-native.com/	1970-01-21 00:07:13	Name: calltrk_landing Value: https%3A//www.protectingwealthkit-native.com/4822/%3F%3Fsfcid%3D701Qh000001kFI7%26ls%3D001-Native-Power-Inbox-October-2023%26cn%3D855-910-6027%26utm_source%3DPower-Inbox-October-2023%26utm_medium%3DNative%26utm_campaign%3D701Qh000001kFI7%26cid%3Dw44sn5rn004meg6s2lsiom9c
.protectingwealthkit-native.com/	1970-01-21 00:07:13	Name: calltrk_session_id Value: f700eb7c-23b0-4d47-b69d-efc0b70a8336
.twitter.com/	1970-01-21 00:57:37	Name: personalization_id Value: "v1_IrS+rFk1jvB4upS4ErE+GA=="
.t.co/	1970-01-21 00:57:37	Name: muc_ads Value: d44ba51d-94d2-46ae-be6e-aa88cd1a93eb
.protectingwealthkit-native.com/	1970-01-20 17:31:13	Name: _fbp Value: fb.1.1696897034132.1995702399
.protectingwealthkit-native.com/	1970-01-21 00:51:01	Name: cto_bundle Value: CqvWql83MndNTGdXZDBxeHc0anlqbnI0WVJZJTJCN3lDbXVCUUVxSXFXUXpuaSUyQks4czIlMkJXbUFUJTJGRXVSbm1RMkpETGE5RGNsbzFzJTJGUnkxMkNKJTJCWWU1RFJVeVhOMk0zWkF6NGlSQU5WaEd1WXFXZkFZbjc3bHhRc1BNNWVSSnNoYWYyVWNnTVV2anFXaTIlMkJOTUZVU0N2NWRGMEFRMEpMWkx3alU5TlIxbzRGcVBVY3pmVSUzRA
.mgln.ai/	1970-01-20 16:48:01	Name: tracking_id Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTFOMkUzTTJVeUxUaGhZVGN0TkRBM1lpMDRabU0wTFRRek1qQXlOMlZtT0dOa055ST0iLCJleHAiOiIyMDIzLTEyLTA5VDAwOjE3OjE0LjEzOVoiLCJwdXIiOiJjb29raWUudHJhY2tpbmdfaWQifX0%3D--245a35b9b22655c870158a549a159cf5a49218ae
.tapad.com/	1970-01-20 16:48:01	Name: TapAd_TS Value: 1696897034698
.tapad.com/	1970-01-20 16:48:01	Name: TapAd_DID Value: 31db1ebb-36b7-48c2-93f2-13baf5f8a606
.tapad.com/	1970-01-20 16:48:01	Name: TapAd_3WAY_SYNCS Value:
www.protectingwealthkit-native.com/	1970-01-20 19:40:49	Name: __hstc Value: 46971576.908e861615bcc40fd5ba6d4e0aa50e39.1696897035059.1696897035059.1696897035059.1
www.protectingwealthkit-native.com/	1970-01-20 19:40:49	Name: hubspotutk Value: 908e861615bcc40fd5ba6d4e0aa50e39
www.protectingwealthkit-native.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.protectingwealthkit-native.com/	1970-01-20 15:21:38	Name: __hssc Value: 46971576.1.1696897035060

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.hubspot.com
api.trustedform.com
assets.ubembed.com
builder-assets.unbounce.com
business.newsbreak.com
cdn.callrail.com
cdn.mgln.ai
cdn.pdst.fm
cdn.trustedform.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com
dynamic.criteo.com
events.ub-analytics.com
fonts.ub-assets.com
googleads.g.doubleclick.net
gum.criteo.com
js-na1.hs-scripts.com
js.callrail.com
js.hs-banner.com
js.hubspot.com
js.usemessages.com
links.conservative-politics.com
mgln.ai
mug.criteo.com
pixel.tapad.com
region1.analytics.google.com
rs-stripe.conservative-politics.com
sslwidget.criteo.com
static.ads-twitter.com
static.newsbreak.com
stats.g.doubleclick.net
t.co
tr.rev-stripe.com
track.hubspot.com
track.roinattrack.com
us-central1-adaptive-growth.cloudfunctions.net
us.mgln.ai
widget.us.criteo.com
www.facebook.com
www.gcjdjhs3e.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.protectingwealthkit-native.com
104.244.42.5
104.244.42.67
108.138.17.27
13.224.189.14
13.32.27.107
13.32.99.67
13.32.99.8
142.250.185.130
146.75.116.157
178.250.1.11
178.250.1.9
18.193.209.105
184.72.178.168
20.225.97.235
2001:4860:4802:34::36
2001:4860:4802:36::36
2600:9000:223d:dc00:1c:7f1a:6680:93a1
2600:9000:223e:5e00:b:3165:13c0:21
2606:4700:20::681a:3b4
2606:4700:20::ac43:484f
2606:4700:4400::6812:22e5
2606:4700:4400::6812:27b5
2606:4700::6810:be59
2606:4700::6811:fba8
2606:4700::6813:9a53
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9b
2a02:2638:3::c
2a02:2638:d::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.69.136.55
34.111.113.62
34.111.80.119
35.238.129.105
35.244.142.80
35.82.85.66
44.199.123.65
52.222.250.12
74.119.119.150
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
042f7cef3600e8d7efe2e92f8a207f2e5fc9f8111799ab2fb8f7da095e8c5403
04bb614638f8b55064ee1ca1e795f1099b5f6f0c45ebb1a6afff8f01157ebf15
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0ce842f1391402668881fad678cda067de05611e7b5b9433ec0767c5622344d2
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1450ba7d8456a1bce2ae070223cb5657be57e8c8635e748a294f7a81b584de91
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
16ff3140df103d109eb1a85c6cf1f0511b7829bad6ae4a9d4ef1ac6e61a263cb
17cda12cacab7a4cdd1fabd9114ba6bf3dd211237cb990a7eb3a4ada7f75c520
1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c
25c1352fda5bb80ed562d19e654b03c30619c1af19b33c33161ec3b5e7941a60
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c83704468761d117476069a5e9e6ccbb1afa0ec1fb9647047c07356124c3386
2cd13d31c492ffffc55f914c179e9945f84163cc3ed1ba04358205e3966ab58a
2d04508ac1d164d348bad8ef0ebb76a5a1132191619366e7b2ba8ca39853483c
2d429b96d36ab2e18cf9b6c95111a81415a279d566a3a6b10ded0080c42fb635
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
30c7fe83526fffa4fcfc81960bdbfe988d4742caded8244074ec42cad6c6d7cd
375fab8cd866ba618630e49036f0373b7693dbff589140c489017185d4092fd4
44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc
4703cee3e81e71ae0ad104744d00d19bd02c602d42df26d0a29d9c81871aba67
4a76d88b7b1a45847972eb466049e9cf80efdba8c87b1ade5ba4fbbd683560ad
4d4319f4850dea87c0028b30342636962ae6d5fd80ad3ce72ca71d6bf61d01f1
54937305736d1d944401888374357edd5dc2a559486e646c787924523b76aff1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58f7c7c754de9b5fd0e1d2d3feb58c22927ec730e70d4b52e3f195c34be4a848
6e406ee05e5a2d4a9efd5d6a5154b5d96e41e53a059c5a690953fc791e2932fe
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
89321b3785ec9c9b07c9c31788281a28d11f8f6d5e322b940cef1ae18ae9af56
92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba
92a8a1e89f3e916218ba5e54e11a52a4cfca4cb3ac4341f82edf945c98dce7b3
98d5d20f2267b28a5edbbc909523335a973aa79ec153337147d9fa66eeac639a
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9bf37b194c0de1fcf0407fff6d4038739e6408899af1ef1750fb14bbda27522d
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4983f5eceeafb7210a2528e8ec888c3cb7aaba5d000ed1756c669e2a94186c0
a9fa6a55ebfe734240f73866ee94e2d77795b76967c2ed6698744d949b173d04
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
c252fe0cabb78d805a1d7a8d1eca4478eb44b872d64f85515d5094ab1b589307
cb73b4719b14c82de450fcb8200639710e15128069dcd71a727ba92c239ef7ef
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db06ad7259928650f70b9e297b46e5583f735a516b2288ae724590937051d582
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6317e889f2b7f798454d48f6fb7ad821c1575850120a17a548b347b7c026d05
e7b6a52fc13c8f1aea6c893c3db5ef151153de0cd6a61184cd778a715814b59b
ec3dba88e0b5374439c23448ca4d34a999e9f08bcaa5e44f058397201fb6b4fa
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.protectingwealthkit-native.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

93 %HTTPS

49 %IPv6

34 Domains

50 Subdomains

40 IPs

4 Countries

1130 kBTransfer

2826 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.protectingwealthkit-native.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

93 %
HTTPS

49 %
IPv6

34
Domains

50
Subdomains

40
IPs

4
Countries

1130 kB
Transfer

2826 kB
Size

34
Cookies

85 HTTP transactions
2 data transactions