libertythroughwealth.com Open in urlscan Pro
18.233.27.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-c.mb.wealthyretirement.com/z/so0ltq6p0n6h04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=94d24aee-856c-494d-a063-e02274a6...
Effective URL:
https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_ei...
Submission: On July 13 via api (July 13th 2024, 10:49:10 pm UTC) from BE — Scanned from DE

Summary HTTP 137 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 74 IPs in 9 countries across 59 domains to perform 137 HTTP transactions. The main IP is 18.233.27.104, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is libertythroughwealth.com.
TLS certificate: Issued by R3 on May 16th 2024. Valid for: 3 months.

This is the only time libertythroughwealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:1d55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	18.233.27.104 18.233.27.104	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	3.5.28.22 3.5.28.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
8	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.36.125 18.239.36.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	16.182.99.209 16.182.99.209	16509 (AMAZON-02) (AMAZON-02)
1	143.204.9.30 143.204.9.30	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 _) (CDN77 _)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
4	18.245.60.50 18.245.60.50	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	54.231.236.64 54.231.236.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f14:5db... 2600:1f14:5db:eb22:3666:3d48:6c2b:699e	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.139.243.113 108.139.243.113	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
17	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.227.219.3 13.227.219.3	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	3.255.41.64 3.255.41.64	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::201b	15169 (GOOGLE) (GOOGLE)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
1	2a02:2638:3::19 2a02:2638:3::19	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	156.146.33.140 156.146.33.140	60068 (CDN77 _) (CDN77 _)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	81.17.55.106 81.17.55.106	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.243.204.162 34.243.204.162	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	108.128.229.205 108.128.229.205	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.120.61.114 3.120.61.114	16509 (AMAZON-02) (AMAZON-02)
1	35.161.189.124 35.161.189.124	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.68.17.97 3.68.17.97	16509 (AMAZON-02) (AMAZON-02)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4280:fe7f:ae22:8bd3:8025	14618 (AMAZON-AES) (AMAZON-AES)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.20.131 54.194.20.131	16509 (AMAZON-02) (AMAZON-02)
1	18.184.16.168 18.184.16.168	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2	54.244.219.56 54.244.219.56	16509 (AMAZON-02) (AMAZON-02)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	44.216.98.119 44.216.98.119	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:235... 2600:9000:235a:8600:11:edc5:140:93a1	16509 (AMAZON-02) (AMAZON-02)
137	74

1 2606:4700::6811:1d55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-c.mb.wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.233.27.104 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-27-104.compute-1.amazonaws.com

libertythroughwealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.28.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-125.ams58.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.99.209 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.9.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-30.mxp64.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.60.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-50.fra60.r.cloudfront.net

dnzkifeab6.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.236.64 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb22:3666:3d48:6c2b:699e (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-113.mxp63.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.146.33.140 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 663193551.fra.cdn77.com

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.106 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.204.162 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-204-162.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.229.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-229-205.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.61.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-61-114.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.189.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-189-124.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.17.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-17-97.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:fe7f:ae22:8bd3:8025 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.20.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-20-131.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.16.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-16-168.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.244.219.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-219-56.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.216.98.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-98-119.compute-1.amazonaws.com

e-10348.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:235a:8600:11:edc5:140:93a1 (United States)

ASN16509 (AMAZON-02, US)

dkwegfj7whlol.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	11 KB
10	amazonaws.com portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 575780 dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 520317 s3.amazonaws.com	3 MB
9	lytics.io c.lytics.io — Cisco Umbrella Rank: 12441	79 KB
8	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3218 tr.outbrain.com — Cisco Umbrella Rank: 3152 wave.outbrain.com — Cisco Umbrella Rank: 3169 sync.outbrain.com — Cisco Umbrella Rank: 847	12 KB
7	libertythroughwealth.com 1 redirects libertythroughwealth.com	35 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 460 sslwidget.criteo.com — Cisco Umbrella Rank: 1961 widget.us.criteo.com — Cisco Umbrella Rank: 20844 measurement-api.criteo.com — Cisco Umbrella Rank: 1729 dis.criteo.com — Cisco Umbrella Rank: 700	7 KB
6	userway.org cdn.userway.org — Cisco Umbrella Rank: 4181 api.userway.org — Cisco Umbrella Rank: 4070	64 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	579 KB
5	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 5939	3 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	162 KB
3	cloudfront.net dkwegfj7whlol.cloudfront.net	137 KB
3	adzerk.net e-10348.adzerk.net — Cisco Umbrella Rank: 837574	4 KB
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 629 cm.adform.net — Cisco Umbrella Rank: 1365	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 265	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67 region1.google-analytics.com — Cisco Umbrella Rank: 2681	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 326	15 KB
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 16850 api.getblueshift.com — Cisco Umbrella Rank: 15340	4 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 524	739 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 232	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1831	1 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 133 cm.g.doubleclick.net — Cisco Umbrella Rank: 264	669 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 661	8 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3786	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 829 script.hotjar.com — Cisco Umbrella Rank: 1135	60 KB
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 721 sync-t1.taboola.com — Cisco Umbrella Rank: 1683	506 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1885	2 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1271	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1969	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2828	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6597	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 53616	153 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 414	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2541	398 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2678	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 548	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 402	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 886	225 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1028	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1591	882 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 691	815 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 13744	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 743	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 577	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 824	342 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 699	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 383	235 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 405	1 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1517	500 B
1	google.de www.google.de — Cisco Umbrella Rank: 9452	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3541
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 876	394 B
1	t.co t.co — Cisco Umbrella Rank: 767	376 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 726	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 779	14 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 839	15 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 33499	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 352	19 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 736	30 KB
1	wealthyretirement.com 1 redirects events-c.mb.wealthyretirement.com	2 KB
137	59

	Domain	Requested by
17	www.facebook.com	libertythroughwealth.com connect.facebook.net
9	c.lytics.io	portrait-tracker.s3.amazonaws.com c.lytics.io libertythroughwealth.com
7	libertythroughwealth.com	1 redirects libertythroughwealth.com code.jquery.com
6	www.googletagmanager.com	portrait-tracker.s3.amazonaws.com libertythroughwealth.com www.googletagmanager.com www.google-analytics.com
5	cdn.userway.org	accessibilityserver.org cdn.userway.org libertythroughwealth.com
5	connect.facebook.net	libertythroughwealth.com connect.facebook.net
4	px.ads.linkedin.com	1 redirects snap.licdn.com
4	dnzkifeab6.execute-api.us-east-1.amazonaws.com	portrait-tracker.s3.amazonaws.com
3	dkwegfj7whlol.cloudfront.net
3	e-10348.adzerk.net
3	ib.adnxs.com	2 redirects
3	tr.outbrain.com	amplify.outbrain.com
3	s3.amazonaws.com	www.googletagmanager.com s3.amazonaws.com
3	bat.bing.com	libertythroughwealth.com bat.bing.com
3	portrait-tracker.s3.amazonaws.com	libertythroughwealth.com portrait-tracker.s3.amazonaws.com
2	api.getblueshift.com	cdn.getblueshift.com
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	wave.outbrain.com	amplify.outbrain.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	libertythroughwealth.com s.yimg.com
2	dev.visualwebsiteoptimizer.com	libertythroughwealth.com
2	amplify.outbrain.com	libertythroughwealth.com amplify.outbrain.com
1	secure.gravatar.com
1	sync.targeting.unrulymedia.com
1	cm.adform.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	measurement-api.criteo.com	sslwidget.criteo.com
1	widget.us.criteo.com	libertythroughwealth.com
1	sslwidget.criteo.com	1 redirects
1	storage.googleapis.com	c.lytics.io
1	sp.analytics.yahoo.com	libertythroughwealth.com
1	www.google.de	libertythroughwealth.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	libertythroughwealth.com
1	analytics.twitter.com	libertythroughwealth.com
1	t.co	libertythroughwealth.com
1	static.criteo.net	www.googletagmanager.com
1	snap.licdn.com	libertythroughwealth.com
1	static.hotjar.com	libertythroughwealth.com
1	static.ads-twitter.com	www.googletagmanager.com
1	api.userway.org	cdn.userway.org
1	trc.taboola.com	libertythroughwealth.com
1	accessibilityserver.org	libertythroughwealth.com
1	cdn.getblueshift.com	portrait-tracker.s3.amazonaws.com
1	cdn.jsdelivr.net	libertythroughwealth.com
1	code.jquery.com	libertythroughwealth.com
1	events-c.mb.wealthyretirement.com	1 redirects
137	76

This site contains links to these domains. Also see Links.

Domain
nicaclinic.org
e-10348.adzerk.net

Subject Issuer	Validity	Valid
libertythroughwealth.com R3	`2024-05-16` - `2024-08-14`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-22` - `2024-07-21`	3 months	crt.sh
lytics.io WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.getblueshift.com Amazon RSA 2048 M02	`2024-06-08` - `2025-07-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
accessibilityserver.org Amazon RSA 2048 M03	`2023-10-07` - `2024-11-03`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M03	`2024-01-08` - `2025-02-04`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-08` - `2024-08-28`	2 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
storage.googleapis.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-08-07`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
digitalcontent.gfs.com Amazon RSA 2048 M02	`2024-06-13` - `2025-07-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Frame ID: 95DDA0164A6E383A3A53700E999EBBB0
Requests: 101 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 579AE2B5B7731BCADC67618727DCDA64
Requests: 1 HTTP requests in this frame

Frame: https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Frame ID: 3A28BE1E3A2C3B358051EDAC67330D73
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=libertythroughwealth.com&origin=onetag
Frame ID: 3EC38A89BA05E75E993778FFF3E874B7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2C38D35239464729749F7E65E40BC617
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1F9F98F62E51C40341F093C96B0DD1F1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-rT5yXjUtg-Gjw5TSR8_gt9b4gQblzTyfbenDew&google_cm&google_hm=ay1yVDV5WGpVdGctR2p3NVRTUjhfZ3Q5YjRnUWJselR5ZmJlbkRldw
Frame ID: 15264750CA04DB11158AE84BD1E8C798
Requests: 28 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/comments.php?app_id=555402891275842&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff465ddde2ee8251c%26domain%3Dlibertythroughwealth.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flibertythroughwealth.com%252Ff6bf5dc4672f63512%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Flibertythroughwealth.com%2F2024%2F06%2F21%2Fa-fathers-biggest-wish%2F&locale=en_US&numposts=10&sdk=joey&version=v2.5&width=
Frame ID: A46801870049D20D532FAADC79A8F323
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

This Father’s Biggest Wish

Page URL History Show full URLs

https://events-c.mb.wealthyretirement.com/z/so0ltq6p0n6h04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=94d24aee-856... HTTP 307
https://libertythroughwealth.com/webview/a-fathers-biggest-wish?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5... HTTP 301
https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

137
Requests

95 %
HTTPS

33 %
IPv6

59
Domains

76
Subdomains

74
IPs

9
Countries

4540 kB
Transfer

7200 kB
Size

54
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://nicaclinic.org/individual-donations/
Title: The Roberto Clemente Health Clinic

Search URL Search Domain Scan URL

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjoxOCwiYnQiOjAsImNtIjo2MTQ1NzQyLCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjE0OTQ4Nzg5NCwiZGkiOiI1OTYzNGJhZjc4YjU0MDk1YWUyNTEyNjI0MGI0YWI2NyIsImRqIjowLCJpaSI6ImNkNTRkMjUxNzU4YjQ2MDViNzcxNDViOTAxY2JjMGQzIiwiZG0iOjMsImZjIjozMzExMDg0MzAsImZsIjoxNzU0MzUyOSwiaXAiOiI1NC4yMTEuMTg0LjEyNCIsImt3Ijoic3VwcG9ydCIsIm1rIjoic3VwcG9ydCIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjE3NTk4OSwicnQiOjUsInJzIjo1MDAsInNhIjoiNTUiLCJzYiI6ImktMDAwMGE4OGZkYWMzNzJmZmUiLCJzcCI6MjkwMTcwOSwic3QiOjExNTUxOTYsInRyIjp0cnVlLCJ1ayI6InVlMS1hNTlmMjg2MGZiN2E0MjY0Yjk2YmQ0ZjFjOTk4YjYyMyIsInRzIjoxNzIwOTEwOTQ4OTc3LCJwbiI6IklJbUtZWnhreWtJQWhmSm1rYlJEIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwiYmkiOjEsInR6IjoiVVRDIiwidXIiOm51bGx9&s=9i-cYdxXBupRKfodGvc8MaFOPLY&url=https%3A%2F%2Fpro.monumenttradersalliance.com%2Fm%2F2159008%3Fadz_e%3DeyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjoxOCwiYnQiOjAsImNtIjo2MTQ1NzQyLCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjE0OTQ4Nzg5NCwiZGkiOiI1OTYzNGJhZjc4YjU0MDk1YWUyNTEyNjI0MGI0YWI2NyIsImRqIjowLCJpaSI6ImNkNTRkMjUxNzU4YjQ2MDViNzcxNDViOTAxY2JjMGQzIiwiZG0iOjMsImZjIjozMzExMDg0MzAsImZsIjoxNzU0MzUyOSwiaXAiOiI1NC4yMTEuMTg0LjEyNCIsImt3Ijoic3VwcG9ydCIsIm1rIjoic3VwcG9ydCIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjE3NTk4OSwicnQiOjUsInJzIjo1MDAsInNhIjoiNTUiLCJzYiI6ImktMDAwMGE4OGZkYWMzNzJmZmUiLCJzcCI6MjkwMTcwOSwic3QiOjExNTUxOTYsInRyIjp0cnVlLCJ1ayI6InVlMS1hNTlmMjg2MGZiN2E0MjY0Yjk2YmQ0ZjFjOTk4YjYyMyIsInRzIjoxNzIwOTEwOTQ4OTc4LCJwbiI6IklJbUtZWnhreWtJQWhmSm1rYlJEIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwiYmkiOjEsInR6IjoiVVRDIiwiZXQiOjJ9%26adz_s%3DkTT5-RRsGcdxbIuHJ5t-kzwnYEQ
Title: support

Search URL Search Domain Scan URL

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDIsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6MTY1Mzc0MzA1LCJkaSI6IjE3NzE0YzQ5YWU3ZTRhNTk5YmVmZmQzNzBkOTk3MTg3IiwiZGoiOjAsImlpIjoiY2RlZTBiMGQ5MzU3NDk1YjhmMmZjYWJjMzA3NTcyYzEiLCJkbSI6MywiZmMiOjM0ODIyMTEzMCwiZmwiOjE3NTQzNTI5LCJpcCI6IjMuMjM5Ljk2LjIwNSIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZHAiOjguOTczMTQ0LCJkbiI6OC45NzMxNDQsImRnIjo4Ljk3MzE0NCwiZWMiOjExLjgyODcyLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6IjU1Iiwic2IiOiJpLTAwMGJiMTY4ZWUyYmM4MjEzIiwic3AiOjEwMjI2MzksInN0IjoxMTU1MTk2LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtZGIwNWVjYjkwNzY0NDg0OWFlNDNkMTYyYWZhNzBjY2IiLCJ0cyI6MTcyMDkxMDk0ODA5MCwicG4iOiJzcGFjZWFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJ1ciI6bnVsbH0&s=AHgGp1rjWB7nyXepovo8h0tzaAg&bsft_lx=348221130&url=https%3A%2F%2Fpro.oxfordclub.com%2Fm%2F2199091%3Fadz_e%3DeyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDIsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6MTY1Mzc0MzA1LCJkaSI6IjE3NzE0YzQ5YWU3ZTRhNTk5YmVmZmQzNzBkOTk3MTg3IiwiZGoiOjAsImlpIjoiY2RlZTBiMGQ5MzU3NDk1YjhmMmZjYWJjMzA3NTcyYzEiLCJkbSI6MywiZmMiOjM0ODIyMTEzMCwiZmwiOjE3NTQzNTI5LCJpcCI6IjMuMjM5Ljk2LjIwNSIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZHAiOjguOTczMTQ0LCJkbiI6OC45NzMxNDQsImRnIjo4Ljk3MzE0NCwiZWMiOjExLjgyODcyLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6IjU1Iiwic2IiOiJpLTAwMGJiMTY4ZWUyYmM4MjEzIiwic3AiOjEwMjI2MzksInN0IjoxMTU1MTk2LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtZGIwNWVjYjkwNzY0NDg0OWFlNDNkMTYyYWZhNzBjY2IiLCJ0cyI6MTcyMDkxMDk0ODA5MSwicG4iOiJzcGFjZWFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJldCI6Mn0%26adz_s%3DoMOsasHtOZyQlQhiFWx7_Jb1rs0%26adz_p%3DEBRKZ57Z%26s3%3D1%26placement%3D1%26s4%3Dwebview%26s5%3Dblueshift%26s6%3D20240624_WR_Green
Title: The Ultimate Passive Income Play

Search URL Search Domain Scan URL

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDIsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6MzkzNTE0MDcxLCJkaSI6IjE3NzE0YzQ5YWU3ZTRhNTk5YmVmZmQzNzBkOTk3MTg3IiwiZGoiOjEsImlpIjoiOWU1YmQzMjlkYjllNGFkODk0MDViNzM4NjczZWE4NTQiLCJkbSI6MywiZmMiOjU2OTM4NjYzOSwiZmwiOjE3NTQzNTI5LCJpcCI6IjMuMjM5Ljk2LjIwNSIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZHAiOjguODQwODAyLCJkbiI6OC44NDA4MDIsImRnIjo4Ljg0MDgwMiwiZWMiOjguOTYzMTQ0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6IjU1Iiwic2IiOiJpLTAwMGJiMTY4ZWUyYmM4MjEzIiwic3AiOjEwMjI2MzksInN0IjoxMTU1MTk2LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtZGIwNWVjYjkwNzY0NDg0OWFlNDNkMTYyYWZhNzBjY2IiLCJ0cyI6MTcyMDkxMDk0ODA5MywicG4iOiJzcGFjZWFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJ1ciI6bnVsbH0&s=XdFtjq9_WRUxe42mDfkfvqnZh-8&bsft_lx=569386639&url=https%3A%2F%2Fpro.monumenttradersalliance.com%2Fm%2F2336324%3Fadz_e%3DeyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDIsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6MzkzNTE0MDcxLCJkaSI6IjE3NzE0YzQ5YWU3ZTRhNTk5YmVmZmQzNzBkOTk3MTg3IiwiZGoiOjEsImlpIjoiOWU1YmQzMjlkYjllNGFkODk0MDViNzM4NjczZWE4NTQiLCJkbSI6MywiZmMiOjU2OTM4NjYzOSwiZmwiOjE3NTQzNTI5LCJpcCI6IjMuMjM5Ljk2LjIwNSIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZHAiOjguODQwODAyLCJkbiI6OC44NDA4MDIsImRnIjo4Ljg0MDgwMiwiZWMiOjguOTYzMTQ0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6IjU1Iiwic2IiOiJpLTAwMGJiMTY4ZWUyYmM4MjEzIiwic3AiOjEwMjI2MzksInN0IjoxMTU1MTk2LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtZGIwNWVjYjkwNzY0NDg0OWFlNDNkMTYyYWZhNzBjY2IiLCJ0cyI6MTcyMDkxMDk0ODA5MywicG4iOiJzcGFjZWFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJldCI6Mn0%26adz_s%3DztNFh3VGhSIUFxEXmZFcNq05F6g%26adz_p%3DEPSU46CF%26s3%3D2%26placement%3D2%26s4%3Dwebview%26s5%3Dblueshift%26s6%3D20240624_WR_Green
Title: Famous Georgia Trader Reveals #1 Trade On Monday, Monday, July 15

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-c.mb.wealthyretirement.com/z/so0ltq6p0n6h04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=94d24aee-856c-494d-a063-e02274a61e87&mid=8843fd79-83c1-4a10-8f45-ca7c78131614&utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_ek=2024-06-24T20:30:34Z&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE&bsft_mime_type=html&bsft_tv=9&bsft_lx=28 HTTP 307
https://libertythroughwealth.com/webview/a-fathers-biggest-wish?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE HTTP 301
https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&e_ipv6=AQJlfn22apEILQAAAZCuSR8GnbxZSY3u3KKhOugBr8fCLNyud1goMuTf94UHwvIJ56YDGbqy

Request Chain 74

https://sslwidget.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720910945920.105745293428931783%22%7D&tld=libertythroughwealth.com&fu=https%253A%252F%252Flibertythroughwealth.com%252Fwebview%252Fa-fathers-biggest-wish%252F%253Fsrc%253Demail%2526bsft_aaid%253D782fb40b-7585-4cb2-b342-5e6bb6114589%2526bsft_eid%253Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%2526utm_medium%253Demail%2526utm_source%253Dblueshift%2526bsft_clkid%253D035fdadf-e01f-4ec9-a769-db6d2a16df8e%2526bsft_uid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%2526bsft_mid%253D8843fd79-83c1-4a10-8f45-ca7c78131614%2526bsft_txnid%253D94d24aee-856c-494d-a063-e02274a61e87%2526bsft_utid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%2526bsft_mime_type%253Dhtml%2526bsft_ek%253D2024-06-24T20%25253A30%25253A34Z%2526bsft_lx%253D28%2526bsft_tv%253D9%2526pk%253Db509e14c9b46959debc21bd642eb3f00%2526utm_campaign%253D20240624_WR_Green%2526vid2%253Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%2526listCode%253DWEALTHRE&ceid=83d1e45e-bc97-42f4-8175-dc90e52d2ab4 HTTP 302
https://widget.us.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720910945920.105745293428931783%22%7D&tld=libertythroughwealth.com&fu=https%253A%252F%252Flibertythroughwealth.com%252Fwebview%252Fa-fathers-biggest-wish%252F%253Fsrc%253Demail%2526bsft_aaid%253D782fb40b-7585-4cb2-b342-5e6bb6114589%2526bsft_eid%253Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%2526utm_medium%253Demail%2526utm_source%253Dblueshift%2526bsft_clkid%253D035fdadf-e01f-4ec9-a769-db6d2a16df8e%2526bsft_uid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%2526bsft_mid%253D8843fd79-83c1-4a10-8f45-ca7c78131614%2526bsft_txnid%253D94d24aee-856c-494d-a063-e02274a61e87%2526bsft_utid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%2526bsft_mime_type%253Dhtml%2526bsft_ek%253D2024-06-24T20%25253A30%25253A34Z%2526bsft_lx%253D28%2526bsft_tv%253D9%2526pk%253Db509e14c9b46959debc21bd642eb3f00%2526utm_campaign%253D20240624_WR_Green%2526vid2%253Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%2526listCode%253DWEALTHRE&ceid=83d1e45e-bc97-42f4-8175-dc90e52d2ab4

Request Chain 87

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6546487627581125922

Request Chain 91

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x320wjUtg-Gjw5TSR8_gt9b4gQZlDQ7Oa13PMA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x320wjUtg-Gjw5TSR8_gt9b4gQZlDQ7Oa13PMA&C=1

Request Chain 92

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1KdJtPEPyKtqaprK-LnIgZZ2cEbwCwtJ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1KdJtPEPyKtqaprK-LnIgZZ2cEbwCwtJ

Request Chain 110

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA HTTP 302
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA&adform_v=1

Request Chain 111

https://sync.1rx.io/usersync/criteodsp/k-4Jx-EjUtg-Gjw5TSR8_gt9b4gQa5lgYLCkqw_g HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-4Jx-EjUtg-Gjw5TSR8_gt9b4gQa5lgYLCkqw_g?zcc=1&cb=1720910947419 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003

137 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
libertythroughwealth.com/webview/a-fathers-biggest-wish/
Redirect Chain

https://events-c.mb.wealthyretirement.com/z/so0ltq6p0n6h04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=94d24aee-856c-494d-a063-e02274a61e87&mid=8843fd79-83c1-4a10-8f45-ca7c78131614&utid=7385b1cd...
https://libertythroughwealth.com/webview/a-fathers-biggest-wish?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=bl...
https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=b...

16 KB
4 KB

382ms
381ms

Document
text/html

18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5e2ed6b5f2472e1c1536aaddb38c624f2dffa7d5cdd98052f4a6620c624abd00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: libertythroughwealth.com
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jul 2024 22:49:04 GMT
Server: nginx
Transfer-Encoding: chunked
X-Cache-Status: MISS

Redirect headers

Access-Control-Allow-Origin: libertythroughwealth.com
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jul 2024 22:49:03 GMT
Location: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Server: nginx
Transfer-Encoding: chunked
X-Cache-Status: MISS
X-Redirect-By: WordPress

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 155ms
48ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://libertythroughwealth.com/
Origin: https://libertythroughwealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2315515
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mxp6934-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1720910945.572765,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 443855, 176274

GET
H/1.1 200
OK all.js Show response
portrait-tracker.s3.amazonaws.com/ 38 KB
38 KB 404ms
135ms Script
application/javascript 3.5.28.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/all.js
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.28.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:05 GMT
x-amz-version-id: DJTsKKAXZAjX88yytY8IZ9oo.cyFutLW
Last-Modified: Tue, 12 Mar 2024 18:03:33 GMT
Server: AmazonS3
x-amz-request-id: PZR02NXAK5Z3PA9T
ETag: "7a4866af82b3d9c4147211938ab5004d"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 38527
x-amz-id-2: Dw61C2G/SUZcE9D2v3fqGZPMC/Ju36houDBedMzmm4KGMMGivL+cMTl4VNCJuizNePlz1Qdt80s9a8QPeQzRhy5DRXtmZI9zCarfcuOgTNQ=

GET
H2 200 foundation.min.css
cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/ 132 KB
19 KB 145ms
48ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/foundation.min.css

Requested by

Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
Origin: https://libertythroughwealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jul 2024 22:49:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2827098
x-jsd-version: 6.7.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19194
x-served-by: cache-fra-eddf8230118-FRA, cache-mxp6971-MXP
x-jsd-version-type: version
etag: W/"20ef1-bhEYyg3UHPtQeklGmSXYZB57t6s"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK single-webview.css
libertythroughwealth.com/wp-content/plugins/og-plugins-webview/styles/ 1 KB
612 B 117ms
117ms Stylesheet
text/css 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://libertythroughwealth.com/wp-content/plugins/og-plugins-webview/styles/single-webview.css
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 607c6dfb3c8ebb75b9c2dea3bbcba23568b9d4ade5d59f17f4bca068b7a1c361

Request headers

Referer: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:04 GMT
Content-Encoding: br
Last-Modified: Wed, 09 Aug 2023 18:44:29 GMT
Server: nginx
ETag: W/"64d3de8d-426"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK LTWlogo.svg
libertythroughwealth.com/wp-content/uploads/2019/08/ 20 KB
20 KB 353ms
234ms Image
image/svg+xml 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libertythroughwealth.com/wp-content/uploads/2019/08/LTWlogo.svg
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d539ac631b4c533e6d77a8ba96acb173159ca2645c85c40ea308e91b7be92c6d

Request headers

Referer: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:04 GMT
Last-Modified: Fri, 30 Aug 2019 19:59:22 GMT
Server: nginx
ETag: "5d69801a-5075"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20597

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 130ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6f5d1d79ddea4deaf100f96b051b42862e94c17899df41530ec9ddb444a3cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jul 2024 22:49:04 GMT
content-md5: 4Ma8/tD2Ncohp4si8rXQ3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: s4vyicckuapkjUnT89XACn58K3E/6Wi5z/PHAgj9qpYvlauqm0BjJwbsS2IgUfM/FE0ldtfSkkbhpjNSkV8Jrw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b43bed8947df57d92367018eb8b20aae
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d47cd6db6f634db17adf3cf62672ee67"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 13 Jul 2024 22:56:52 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 81ms
40ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3494d717fbe601acc2e1570806d351cb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

1ee5e2d9c15cd32353611a9b37b6207c61b77aa21952cec893475fc8445ac073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://libertythroughwealth.com/
Origin: https://libertythroughwealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jul 2024 22:49:04 GMT
content-md5: JMjIxVOrt2ZSRK4UjjCeyw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87596
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4292, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: o+SvkDQHmCvHIBLNqI7EcaWhrmR3dwEiZJt6kXBngtgWvs/OWqoYIMSdaLseFeEngO9FFHQWMzyk7+gy5jwbew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6f48c54bf77c4631af37cfb1e1dded42
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "01bdfa98830326db2e23807960485fcd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Jul 2025 22:11:43 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 68 KB
23 KB 145ms
50ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b84647256daa900e5c30a9d2ce23df4ce10661b09173492210bf5448296fca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6527
last-modified: Sat, 13 Jul 2024 21:00:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6SarlAIxbdiUFn69rOw3rnP3iDXhA%2BCmb%2FZFaKAsYJZ6WeR1gdLbPws4Up20znTLt2EQqEnQ%2F%2FOtJM3dewrvbl%2FmLWL4cGbAsO6WTwJsXZ5VyXoArWhGgFWH7n4NfC549ceC2y79EKC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 300bb7fd00b2e75c46c573839ffe0bd7
cf-ray: 8a2cd2fec9cc9737-FRA

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 6 KB
3 KB 126ms
40ms Script
application/javascript 18.239.36.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-125.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:28:26 GMT
Content-Encoding: gzip
Via: 1.1 809aab597f9b26cadc42a1c11dd373d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS58-P2
Age: 1239
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2826
Last-Modified: Wed, 24 Jan 2024 03:44:50 GMT
Server: AmazonS3
ETag: "bd39fba69cd2745738daf44e0e350f6e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Amz-Cf-Id: fZU4S1HhWU-cV_Ay3QktWmiNqsZA30tucDVHA9KXsXOarhSyOJanGQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
109 KB 149ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e1f8a8f53687e0cf9b6201f86d8d7ad6123cb04f5ac19a4f636f9d0912822ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111094
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 22:49:05 GMT

GET
H/1.1 200
OK index.html
portrait-tracker.s3.amazonaws.com/ Frame 579A 0
0 368ms
134ms Document
text/html 16.182.99.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/index.html
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.99.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://libertythroughwealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 2371
Content-Type: text/html
Date: Sat, 13 Jul 2024 22:49:06 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
Server: AmazonS3
x-amz-id-2: 3cFujtp4rOotm2PuGSojmyk8bIpgw/cv3gqzD573WUfjtk2mhWtJie54qMQXf1vr1KBOCv3QOVg=
x-amz-request-id: 2NNAWVRP5Q1GFW6K
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5

GET
H2 200 widget.js Show response
accessibilityserver.org/ 2 KB
2 KB 169ms
50ms Script
application/javascript 143.204.9.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-30.mxp64.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 22308d41eb2f1ef808dfbff8a693c4fd7983e38ea27760ce729566d06c14ef4a

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 Jul 2024 22:34:02 GMT
via: 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront), 1.1 3324a8ad97d1ad89d31d73e8b93b919a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10, MXP64-C1
x-accel-date-max: 1720624648
x-amz-server-side-encryption: AES256
age: 1511
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 1337
x-accel-date: 1720822700
x-77-nzt: EgwB1GY4tAH3OQUAAAwBJRPCLgH3BgAAAA
x-77-age: 1337
last-modified: Wed, 10 Jul 2024 15:11:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6d204d11e21a2bdde5b09166c2f10a34
etag: W/"129978c84821c5891ed6d93b3559c79c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: ptc2wXK1ErDGiwWE-JEjsxImW1OtUFbcjlE-doQh0mTAkKjQeeVi0A==

GET
H2 200 d6523058-27ca-478b-9309-75a917eac054 Show response
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 92 KB
15 KB 229ms
229ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/d6523058-27ca-478b-9309-75a917eac054?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22d6523058-27ca-478b-9309-75a917eac054%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22blueshift%22%2C%22utm_campaign%22%3A%2220240624_WR_Green%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22de-DE%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22libertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1720910945247&callback=u_920294253685377900

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e20a2d075247f3fa57cb7d15fa82659e0b31bc2d96f3023adfc89b5dfb9c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBR9zRHqQT1ysnJ3W1SyJz9QULbG%2FAOHtkE3zW3gysVH2vy57B0sTsNKXcCwXKdLSYbM4UIJh8Vh54q5NI9l0XVpWIZ9n%2FLF0nBgMYK8JP4FLF5usoqzp90gct8np%2F6j6%2ByoUxsUYBzS"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: ea2a5f596eda4d3fdd38a4dd6a3853b9
cf-ray: 8a2cd2ffeb399737-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
578 B 169ms
169ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&utm_medium=email&utm_source=blueshift&utm_campaign=20240624_WR_Green&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1720910945243&_nmob=t&_device=desktop&url=libertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&_v=3.0.36&_uid=d6523058-27ca-478b-9309-75a917eac054&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fWr4lneuoVfoTJzUdQpXzQ5rNDRj9eVBefbYivqtbXZ63F%2FnjyxSEvY9RNTqX8mQ8wKxWFZk5Kw%2Fk4irH%2BooynvqjkwZKvqegOdHD41EwmdndQyDcnoL9VkHul3D%2FGYFfTc7PQS9CUX"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 85046f99b475cfc2ff1feb83fc374af3
cf-ray: 8a2cd2ffeb3b9737-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 widget_app_base_1720624136507.js Show response
cdn.userway.org/widgetapp/2024-07-10-15-08-56/ 154 KB
44 KB 152ms
40ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-07-10-15-08-56/widget_app_base_1720624136507.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 49847a09c0dde66c1b3db7770411d1d0fbb89c01b8e9acd4606000d21f76a549

Request headers

Referer: https://libertythroughwealth.com/
Origin: https://libertythroughwealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 Jul 2024 22:49:05 GMT
via: 1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 49
x-amz-server-side-encryption: AES256
x-accel-date-max: 1720625258
x-77-cache: HIT
x-cache: HIT
x-age: 285687
x-accel-date: 1720625258
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvDgH391sEAAwBJRPCNAH3pQIAAA
x-accel-expires: @1746544581
x-77-age: 285687
last-modified: Wed, 10 Jul 2024 15:10:57 GMT
server: CDN77-Turbo
etag: W/"a64367dfbcc39d21b8794b26fad20c0b"
x-77-nzt-ray: 90833930693d1bc9610493664f491c20
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: z4LccvJSdIpsTriudyjqYP1RXyR2F44mV0S3LEKtiCQNN00kDInnww==

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
407 B 186ms
77ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Dd6523058-27ca-478b-9309-75a917eac054%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 29
date: Sat, 13 Jul 2024 22:49:05 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 27792
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mxp6966-MXP
pragma: no-cache
server: nginx
x-timer: S1720910946.612566,VS0,VE29
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 GetBlueshiftUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 405ms
315ms Preflight
application/json 18.245.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-50.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://libertythroughwealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Sat, 13 Jul 2024 22:49:05 GMT
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
x-amz-apigw-id: a32fWHFHIAMEvYQ=
x-amz-cf-id: t08U_rihLQ-9ucopMO9aApW1qQyrbtQ6J48a7rwGCE6X3q-GlGT1bg==
x-amz-cf-pop: FRA60-P5
x-amzn-requestid: 50b7b752-f028-47a9-ab80-51809cd78875
x-cache: Miss from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
101 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89f3a1af4b1de4dab4e45a74c029b9fbfd2e52a274a195e94e5d7b55ce6be5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103242
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 22:49:05 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 205ms
65ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 13 Jul 2024 22:49:05 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8C46E1B65064E57A3F5DA8910CE1ED8 Ref B: FRA31EDGE0721 Ref C: 2024-07-13T22:49:05Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H/1.1 200
OK lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/ 445 KB
445 KB 385ms
140ms Stylesheet
text/css 54.231.236.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.236.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d1fff3160f71b6e05b833c32b3373aade8f3097895eba9327a8d2db8b984dba5

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:06 GMT
x-amz-version-id: 6xC.U1XOGWy9_7ASvdp3qsjlS_s5nzKN
Last-Modified: Fri, 12 Jul 2024 20:44:38 GMT
Server: AmazonS3
x-amz-request-id: 2NN449FKK2N8CQA4
ETag: "094d35e4503455abafb6ac8033841daf"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 455622
x-amz-id-2: AoVXqJO31WoAlGcClUZOsdR1+Rwg1uaXkbVj1cG2PZLrcMeRtntw4qkqcPaRBZ0FUqP2VO7Osos=

POST
H2 200 GetBlueshiftUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 8 KB
9 KB 681ms
679ms XHR
application/json 18.245.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-50.fra60.r.cloudfront.net
Software: /
Resource Hash: 2ac2c510361c71237255f178827dfe30a29827eec40a40e65f83d1106dd94b0a

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-amzn-trace-id: Root=1-66930462-231c732979fb840e11e946c9;Parent=622b7769062861fb;Sampled=0;lineage=1b8d1031:0
x-amzn-requestid: 9989ab24-c2ea-4c08-a62b-c97e97f0b8bd
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: a32fZG7qIAMEsNw=
content-length: 8535
x-amz-cf-id: 78LuRuOaMa3MuY1N66Dn9hFhBjdILYWjCgN12XKHWuChzETxnxH-3w==

POST
H2 200 portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ Frame 3A28 0
0 246ms
166ms Document
text/html 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://libertythroughwealth.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a2cd302cd1a4d5e-FRA
content-encoding: br
content-type: text/html
date: Sat, 13 Jul 2024 22:49:05 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYedWSJfExl5UzlKYxPZFb7mYK1VEG00qV9I0AF5lUDXbMZxQZCrNQ%2BdHblTgWNoOFiLyxoYAoBOs5AACcS%2F%2B4jy7KK17tTSJeJEhXPDjzof62YWw0ziIOB79%2BPCtF3MUVT0FH3f8VAI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
via: 1.1 google
x-lytics-trace: 02f5855596e3e6f758890a6e127a9dfb

POST
H2 200 ycrjEXSWMj Show response
api.userway.org/api/tunings/ 1 KB
2 KB 602ms
198ms XHR
application/json 2600:1f14:5db:eb22:3666:3d48:6c2b:699e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/ycrjEXSWMj
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-10-15-08-56/widget_app_base_1720624136507.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:3666:3d48:6c2b:699e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1c1f5174ac506c6b9d1274f504a97a600e524216bf1115f657c54a2f26b04a6d

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
etag: W/"537-fauI3nTFkXZxuLXAuxyvzlNKTbE"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr31dda18630c6419
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1335
x-service-version: uw-pr

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 71ms
71ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-780277278&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9f2ceec0f5ca09ce9d9bfac0da79786e3254cb3c8219d63c5fe48ae9165e56de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93213
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 22:49:05 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 135ms
39ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220053-FRA

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 48ms
48ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-665056240&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a89e8aba36c3d2fdd2d7b82b415bdc39b3ac082f6ee9a2ef25e7ee617ded84b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86699
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 22:49:05 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 128ms
40ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 07:06:19 GMT
Server: AkamaiNetStorage
ETag: "f0a2b8e957b7536ea57179b045ad847a:1718955959.776503"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8611
Expires: Sat, 13 Jul 2024 23:09:05 GMT

GET
H2 200 hotjar-1095827.js Show response
static.hotjar.com/c/ 9 KB
4 KB 196ms
87ms Script
application/javascript 108.139.243.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1095827.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.243.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-243-113.mxp63.r.cloudfront.net

Software

Resource Hash

b9590e9e6ea0a6de1b9144d5d827eb1ccf991443e84d394e2f9e531ae35a4703

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Jul 2024 22:49:05 GMT
via: 1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
etag: W/dd6923ecb78b017967d39370a6707ec1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kFH17pZsubR2UD8QLfAPE9cGiD212TxrmSnLu-TTm5KN4vsgz6dizA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 152ms
39ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=57195
accept-ranges: bytes
content-length: 14011

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 131ms
42ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=358487&u=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&r=0.8539370047384232
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra2 /
Resource Hash: cf0295bd69941bada66bfac6422a054a375119e6d6e8b296d473f9e878a72555

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
via: 1.1 google
server: gfra2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 50 KB
16 KB 192ms
90ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

769c0c15b0505b178f3a245cd21b058c38f1bb0a091ccdfb83ea159bf9da10a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 03 Jul 2024 16:35:03 GMT
server: nginx
etag: W/"66857db7-c699"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 22:49:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
58 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 22:49:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=20, mss=1297, tbw=6605, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: mOI/Nf8x9CuY/djbYHy9RYGKsbuRalAcVMz/PityR4WC5x+Ic7pCqvW67XxVgQqcAlFOIEGJv3zZ2pYV9MMW9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 166ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 13 Jul 2024 22:19:34 GMT
x-amz-version-id: VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YB6CE5WR1NB7Q2YV
age: 1772
x-amz-server-side-encryption: AES256
content-length: 6672
x-amz-id-2: M2BgdeQ97OctpoWUy3f86X4c8rl/6J+U2kts5TRH7X8OeB8pKo0hcY4mxDSTsuwmMNyx+LePWxo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 10 Jul 2024 13:59:59 GMT
server: ATS
etag: "b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
101 KB 79ms
79ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-31V1F7EGC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

65e8d4b0492c92db72450d96a30e34ecd6d8d7c3805526d77626ff86c8be34bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jul 2024 22:49:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH3K4WM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jul 2024 22:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1198
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 14 Jul 2024 00:29:07 GMT

GET
H2 200 15322609.js Show response
bat.bing.com/p/action/ 335 B
402 B 62ms
62ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15322609.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 13 Jul 2024 22:49:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5734959A6294BFCAD12ABBCA998B260 Ref B: FRA31EDGE0721 Ref C: 2024-07-13T22:49:05Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H3 200 2258146607802329 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 47ms
47ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2258146607802329?v=2.9.161&r=stable&domain=libertythroughwealth.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

6b6bf318fc149f2ea4adb11c840d3d1645d4b2ffadd88369800de88b8c5a06d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 22:49:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12448
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4326, tp=9, tpl=0, uplat=8, ullat=-1
pragma: public
x-fb-debug: QUSDJgYUCisVRRBiGndlUUyTuEIBxB/gP6hKSktcuAwHGl1GMqLkyMPC0btiewgXbsF/1N4PPtL0S4A/rILVJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
524 B 382ms
124ms Ping
image/gif 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=004342177491680621&referrer=&cht=gtm&marketerId=0040752ca591876c6ab7eb366d24329d4d%2C00b7a913e0b9a7393b20d834711f3a1ceb&name=PAGE_VIEW&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST
content-type: image/gif;
access-control-allow-origin: https://libertythroughwealth.com
cache-control: no-cache
access-control-allow-credentials: true
x-traceid: 9f1f5d8ba623ee1e9b11e0b4980a9140
access-control-allow-headers: Content-Type, Authorization
content-length: 54

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 371ms
121ms Script
application/javascript 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=0040752ca591876c6ab7eb366d24329d4d,00b7a913e0b9a7393b20d834711f3a1ceb

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: b48219a7c2a3ba31cd0e74f6bfe859a9
content-length: 39
content-type: application/javascript

GET
H/1.1 200
OK 0040752ca591876c6ab7eb366d24329d4d Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 151ms
40ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/0040752ca591876c6ab7eb366d24329d4d

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-67.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 13 Jul 2024 22:49:05 GMT
ob-sent-time: 1720875435428
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
x-traceid: bfd441fb1bcd27c83991e8bcbf787bcc
Content-Length: 22
Expires: Sat, 13 Jul 2024 22:50:05 GMT

GET
H/1.1 200
OK 00b7a913e0b9a7393b20d834711f3a1ceb Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 149ms
40ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00b7a913e0b9a7393b20d834711f3a1ceb

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-67.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 13 Jul 2024 22:49:05 GMT
ob-sent-time: 1720901895383
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
x-traceid: 9ad8fbf133cdd44e09f777fc2e27f265
Content-Length: 22
Expires: Sat, 13 Jul 2024 22:50:05 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 119ms
40ms Fetch
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:05 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Content-Length: 26
Expires: Sat, 13 Jul 2024 23:09:05 GMT

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
143 B 129ms
128ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=358487&d=libertythroughwealth.com&u=D5637571FF2702617CC51C7369914B1B4&h=839face2bc128c5b226dfffbe3864df2&t=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 adsct
t.co/i/ 43 B
376 B 271ms
149ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=0c42d63d-cf35-422d-b15c-c365e9da15e1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2cab3e9d-edb2-4139-9ac4-e63edf861812&tw_document_href=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2hf4&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 102
date: Sat, 13 Jul 2024 22:49:05 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c420529815e8bedb
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 82945219d68fcbf49283316b4c74a10018cac40b1f9a48009103609062c365f6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 319ms
233ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0c42d63d-cf35-422d-b15c-c365e9da15e1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2cab3e9d-edb2-4139-9ac4-e63edf861812&tw_document_href=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2hf4&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 193
date: Sat, 13 Jul 2024 22:49:05 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 7e54215341786713
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 5dcced8e8b9613f89e568eaf080c0dae8dd75cff1320406f7524e72c3b7f3c58
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
227 B 48ms
48ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1659440657&t=pageview&_s=1&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&ul=de-de&de=UTF-8&dt=This%20Father%E2%80%99s%20Biggest%20Wish&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=603008667&gjid=1638709313&cid=1805830912.1720910946&tid=UA-344672-29&_gid=4323697.1720910946&_r=1&_slc=1&gtm=45He4790n81KH3K4WMv830717925za200&cd3=&cd5=A%20Father%E2%80%99s%20Biggest%20Wish&cd6=Gustavo%20Adolfo%20Ibarra%20Mar%C3%ADn&cd7=June%2021%2C%202024&cd8=category%3ABeyond%20Wealth%7Cpost_tag%3Aclinic%7Cpost_tag%3Adonate%7Cpost_tag%3ANicaClinic%7Cpost_tag%3ANicaragua%7Cpost_tag%3Anonprofit%7C&cd9=_boz3uvzze1m&cd10=861f355a-256a-455c-99b1-00060d5a8652&cd11=1720910944970&cd12=clinic%7Cdonate%7Cnicaclinic%7Cnicaragua%7Cnonprofit%7C&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1413544858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8ad943c94c347363495dc8ccb723e347a136f8cab62e398528e389a7bfd611ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://libertythroughwealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 314ms
196ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FA6E4C4EBB6A4F87989CF57396FF50CF Ref B: FRAEDGE2018 Ref C: 2024-07-13T22:49:06Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYdKM2hcdxZLuonDz4uew==
x-fs-uuid: 00061d28cda171dc592eea270f3e2e7b

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-75...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7...

0
483 B

287ms
169ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&e_ipv6=AQJlfn22apEILQAAAZCuSR8GnbxZSY3u3KKhOugBr8fCLNyud1goMuTf94UHwvIJ56YDGbqy
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BC451F39275E4C21BC03EDDD6007699B Ref B: DUS30EDGE0809 Ref C: 2024-07-13T22:49:06Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYdKM2lFY6XVTlZg2j/3Q==

Redirect headers

date: Sat, 13 Jul 2024 22:49:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EDE7993ABDD44E0781D552A30B9CA040 Ref B: FRAEDGE2020 Ref C: 2024-07-13T22:49:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=541065&time=1720910945867&url=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&e_ipv6=AQJlfn22apEILQAAAZCuSR8GnbxZSY3u3KKhOugBr8fCLNyud1goMuTf94UHwvIJ56YDGbqy
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYdKM2hFTS49vvtay81Og==

GET
H2 200 405446.json Show response
s.yimg.com/wi/config/ 2 B
465 B 121ms
42ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405446.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 13 Jul 2024 22:43:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: K88KH88ZEEF1RHRB
age: 308
content-length: 2
x-amz-id-2: BrGl9FQAA9FIriLComitntHPaI2s0onkxaYLSiARwIcHXaP22xhMPFZOSPoGtCI2pBgLOXolq7E=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 138ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-31V1F7EGC9&gtm=45je4790v9129821282z8830717925za200zb830717925&_p=1720910944971&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1805830912.1720910946&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&dt=A%20Father%E2%80%99s%20Biggest%20Wish&sid=1720910945&sct=1&seg=0&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&en=page_view&_fv=1&_ss=1&ep.author=Gustavo%20Adolfo%20Ibarra%20Mar%C3%ADn&ep.publish_date=June%2021%2C%202024&ep.taxonomy_list=category%3ABeyond%20Wealth%7Cpost_tag%3Aclinic%7Cpost_tag%3Adonate%7Cpost_tag%3ANicaClinic%7Cpost_tag%3ANicaragua%7Cpost_tag%3Anonprofit%7C&epn.timestamp=1720910944970&ep.page_tag_list=clinic%7Cdonate%7Cnicaclinic%7Cnicaragua%7Cnonprofit%7C&up.session_id=_boz3uvzze1m&up.client_id=861f355a-256a-455c-99b1-00060d5a8652&tfd=3278&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31V1F7EGC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://libertythroughwealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 221944698376158 Show response
connect.facebook.net/signals/config/ 6 KB
3 KB 44ms
44ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/221944698376158?v=2.9.161&r=stable&domain=libertythroughwealth.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

2ca7b36e1763fe947b955c52428a040e6de1777c985764a656a0b795595a7e52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 22:49:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2475
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=35, mss=1232, tbw=19574, tp=24, tpl=0, uplat=4, ullat=-1
pragma: public
x-fb-debug: 7yBkXN1PL7vHS4xRDrVTFjjyyGaLFf91G6yLCsK2Yp3FyfOqS06S8PjWwEocebujMDN32eA5uZAF53ATlB1bng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 128ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2258146607802329&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945921&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720910945920.105745293428931783&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2809, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 22:49:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 302ms
216ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2258146607802329&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945921&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720910945920.105745293428931783&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x04240cdc245fdd05","source_keys":["1","2"]},{"key_piece":"0x5b7154b3cd97a50f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 22:49:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256234164754883", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=21, mss=1297, tbw=9916, tp=-1, tpl=-1, uplat=175, ullat=0
pragma: no-cache
x-fb-debug: qYteu2ZR+QmTwlh5YMXJbAt6t4/laXzEPe6G7NE7CmNAe+4QzVPsmV8j/oHJbbBo1VzJhu8EKQA/NiS5aY2n3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256234164754883"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
92 KB 54ms
53ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-85799QV7CE&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b0d97848a9d49c741490c3f85715ee8370d4adb2725dd82ab0445c405ad968c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jul 2024 22:49:05 GMT

GET
H2 204 0
bat.bing.com/action/ 0
179 B 68ms
68ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=5e5958cd-4f47-43ed-88c6-407277b651fe&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=This%20Father%E2%80%99s%20Biggest%20Wish&p=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&r=&lt=2000&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=666397

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jul 2024 22:49:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 750AEC2D3FE94D18B147BC8ACCD92569 Ref B: FRA31EDGE0721 Ref C: 2024-07-13T22:49:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 131ms
45ms Script
application/javascript 13.227.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1095827.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-3.ams54.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1089479
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: A_tMRKqWU9hkXxpmiLKCbIqODW3P4eTqioWDyVBlEzGCI6UhmpgyWg==

GET
H2 200 syncframe
gum.criteo.com/ Frame 3EC3 0
0 134ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=libertythroughwealth.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://libertythroughwealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 22:49:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 311448
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 60ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=221944698376158&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945967&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2809, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 22:49:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 101ms
84ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=221944698376158&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945967&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 13 Jul 2024 22:49:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256234297380734", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3526, tp=-1, tpl=-1, uplat=37, ullat=0
pragma: no-cache
x-fb-debug: cIDUvKywSSWjrR0HYtrxLZIxmRAwM/6Vj8HJnUxd7QhLA6AmP1HUcIhOG6I8jGa+CS5DZpf+Ix6QxKGFOPnteA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256234297380734"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 42ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2258146607802329&ev=Lytics%20Audiences&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945968&cd[external_id]=d6523058-27ca-478b-9309-75a917eac054&sw=1600&sh=1200&v=2.9.161&r=stable&ec=1&o=4126&fbp=fb.1.1720910945920.105745293428931783&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3255, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 22:49:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1017 B 216ms
215ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd93accd00eb4939a","source_keys":["1","2"]},{"key_piece":"0xb3e9bc8680fed714","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 22:49:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256232859933478", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=21, mss=1297, tbw=11153, tp=-1, tpl=-1, uplat=169, ullat=1
pragma: no-cache
x-fb-debug: dLd8QfawZ70CD6IuzhQPrA7BmMfVETLwFg7XZHq3SRvClufkELAbXP35GqrUjwtAUIXgwbcmhtqm4LkNlNGSbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256232859933478"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 42ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=221944698376158&ev=Lytics%20Audiences&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945968&cd[external_id]=d6523058-27ca-478b-9309-75a917eac054&sw=1600&sh=1200&v=2.9.161&r=stable&ec=1&o=28&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3371, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 22:49:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1016 B 103ms
103ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 13 Jul 2024 22:49:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256232712432019", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=19, mss=1297, tbw=6569, tp=-1, tpl=-1, uplat=62, ullat=0
pragma: no-cache
x-fb-debug: H0mpYum9qR5eBuy/JJTLDPnRqA2y5KrOSEBQoQGufsSrOErOqVK7ctVV6Yielo3essMiF4yHyseYVOuXgEp6fg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256232712432019"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 176ms
176ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2258146607802329&ev=Lytics%20Audiences&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945968&cd[suppression_active_subscribers_investme]=true&cd[wrp_video_modal]=true&cd[exclude_active_on_prhealth]=true&cd[libwealt_modal_target]=true&cd[wealthre_modal_target]=true&cd[proftrnd_lytics_modal]=true&cd[786_webinar_libwealt_modal_target]=true&cd[suppore]=true&cd[suppbrk]=true&cd[omt_launch_webinar_modal]=true&cd[suppress_tot_tot_lifetime_oxccc_tot19hot_and_mlb]=true&cd[suppress_oxc_owa_owa20hot]=true&cd[no_oxf_oxf19hot_agb_oxccc_oxcdc]=true&cd[exclude_active_pes_oxc]=true&cd[exclude_active_on_nmt_oxc]=true&cd[exclude_active_on_786hot20_oxc_786_agb]=true&cd[exclude_active_on_totwealt_oxc_mlb]=true&cd[exclude_active_ett_mab_oxc]=true&cd[exclude_active_on_mal_agb_oxc]=true&cd[exclude_active_on_oxc_786_agb_duplicate]=true&cd[tradeday_nonsubscribers]=true&cd[suppress_]=true&cd[suppress_cbp20hot_cbp_agb_oxc]=true&cd[suppress_all_osa20hot_active_osa_buyers_and_oxc_duplicate]=true&cd[suppress_325war_active]=true&cd[786_ipo_suppression]=true&cd[suppress_war_wax_woh]=true&cd[suppress_active_tbl21hot_tbl_mab_oxc]=true&cd[ly_unknown_email]=true&cd[suppress_ore_orl_mab_oxc]=true&cd[exclude_active_on_mwl]=true&cd[exclude_active_on_omt_agb_oxc]=true&cd[suppress_oxc]=true&cd[suppress_active_on_cbp_cbx_asb_asx_mxb]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[suppress_active_on_nmt_mlb_and_oxc]=true&cd[suppress_war_wax]=true&cd[suppress_active_on_oxf_oxcdc_agb_and_oxccc]=true&cd[suppress_active_on_brk_oxc_dc_mlb_and_oxc_cc]=true&cd[suppress_active_on_mwl_asb_and_mxb]=true&cd[suppress_active_on_mwl_asb_mxb_and_oxc_cc]=true&cd[suppress_active_on_ata_and_oxc]=true&cd[suppress_active_on_mwl_mwx_or_if_known_email]=true&cd[suppress_mtd_mtx_asb_asx_mxb]=true&cd[suppress_war_wax_woh_and_wohtrial]=true&cd[exclude_active_on_wnm]=true&cd[suppress_oxf_oxl_agb_oxc_dc_and_oxc_cc]=true&cd[tot_fifty_0123]=true&cd[suppress_cbp_asb_mxb]=true&cd[suppress_299s23lv_buyers_or_oxc_active]=true&cd[suppress_299s23lv_buyers]=true&cd[suppress_299s23lv_buyers_dv]=true&cd[suppress_mlb_and_oxc_active]=true&cd[all_except_wealthre_suppressed]=true&cd[all]=true&cd[rbf_mxb_suppressed_]=true&cd[suppress_dpl_hotlist_suppress_dpl_subs]=true&cd[orc_experience_10eb16e2c7f7b4f4128310cc919434e0_decision]=true&cd[orc_experience_97e2f2ea1ff28a1db5a5d226d4d35dc5_decision]=true&cd[orc_experience_be8b450f6dfb2815f2eef05d3ca66f56_decision]=true&cd[orc_experience_38cddb36cbb25ff040b869c9b922d118_decision]=true&cd[orc_experience_ec46afc33ebb8902300228aad63baea2_decision]=true&cd[orc_experience_c594066e4a73ebc890931229a1c97611_decision]=true&cd[orc_experience_4e7a6bbab046b3883cbc178a27a9e94d_decision]=true&cd[orc_experience_dfcd2ca030ee3e5082344f92580596e5_decision]=true&cd[orc_experience_1c5ef2af5e76f9058f1e5bccf086035a_decision]=true&cd[orc_experience_d58acd2b5d11c170b338aca7d2d77a59_decision]=true&cd[orc_experience_7ae5efe8bba0fa7a33c21326b8db0758_decision]=true&cd[orc_experience_42698c34dddb90210d6064716afd5de7_decision]=true&cd[orc_experience_274930a410229dff3c0869dd5c9d5545_decision]=true&cd[orc_experience_43224cbec233e28646921beaa4270168_decision]=true&cd[orc_experience_31ba84a13887e6d8515276e97f31a84e_decision]=true&cd[orc_experience_4fbd970d62a9c0a700ce20e57837a412_decision]=true&cd[orc_experience_bb53ff30364af235a354dffae8fbef2c_decision]=true&cd[orc_experience_b51aa24e2059ccb207a29be07914079c_decision]=true&cd[orc_experience_90daef94fc6c805ef319ce463ddfc6b1_decision]=true&cd[orc_experience_20c7723bd092fd89a0cd66dbb1c3bb1a_decision]=true&cd[orc_experience_763e22fe7d26bb7e254ab44942f40713_decision]=true&cd[orc_experience_57dd6382546d6ee60c56af264047cf27_decision]=true&cd[orc_experience_773a8e0397d83fb205cde84c850217b4_decision]=true&cd[orc_experience_0d43044150ad966afe7e2f37fae75f1f_decision]=true&cd[orc_experience_00af6fe348d0e7bab2a3bfb65d85aaec_decision]=true&cd[orc_experience_fbb1042f654bea32157897dc77b93371_decision]=true&cd[orc_experience_28727308f4a1e7921a81180c7a4887b0_decision]=true&cd[orc_experience_87bafa8adeba0028497dee5920ff3aaf_decision]=true&cd[orc_experience_cee5d767a8126200f6f00c967a06c933_decision]=true&cd[orc_experience_574398b8cc1bfccd9d9075d366961a24_decision]=true&cd[orc_experience_658470c9c357ab5b65925c31cef4cb9d_decision]=true&cd[orc_experience_db1cf70b782b3cfc95d7637749c89713_decision]=true&cd[orc_experience_764f3fcd872129e61cc81bde726af0cb_decision]=true&cd[orc_experience_cfe22eb7c324cdb4c2ec593c993a69aa_decision]=true&cd[orc_experience_89c9bc423bc2c09a1e727dc0c39420fb_decision]=true&cd[orc_experience_570a1dc9e3169262d52e090116fcc189_decision]=true&cd[orc_experience_c0354e88aec23f66740738829bdb4d85_decision]=true&cd[orc_experience_039dff1b122103fd2efc1f38a2f90f02_decision]=true&cd[orc_experience_59045656fae6b70f8c168c1153cd2362_decision]=true&cd[orc_experience_53f3081d74832a181887cc9b7e944f95_decision]=true&cd[orc_experience_476eeeac190f7c3bc9aa83a00c5b60cc_decision]=true&cd[orc_experience_f8290a990220111057cb44939e14044d_decision]=true&cd[orc_experience_b31d441abd55fb5e869273b752703c52_decision]=true&cd[orc_experience_4ac0348d7c9f78738c719d3ca364aeac_decision]=true&cd[orc_experience_40d2acddf975d95d3669d6875a02de1d_decision]=true&cd[orc_experience_83c2457d7d72316da3c54fed4a0f4c55_decision]=true&cd[orc_experience_538b46bfcee11603083cb98dc464bff8_decision]=true&sw=1600&sh=1200&v=2.9.161&r=stable&ec=2&o=4126&fbp=fb.1.1720910945920.105745293428931783&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd93accd00eb4939a","source_keys":["1","2"]},{"key_piece":"0xb3e9bc8680fed714","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 22:49:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256234334380442", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=21, mss=1297, tbw=8647, tp=-1, tpl=-1, uplat=108, ullat=0
pragma: no-cache
x-fb-debug: Shixaq6i3JNuXVhB2JqP2Lhg2XAjM5+NnBz86GwKzNFinpHoBhH6sXfIeLW/CH4/cjQEw9UxRAqhOCJPBBoXwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256234334380442"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1018 B 107ms
106ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=221944698376158&ev=Lytics%20Audiences&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910945974&cd[suppression_active_subscribers_investme]=true&cd[wrp_video_modal]=true&cd[exclude_active_on_prhealth]=true&cd[libwealt_modal_target]=true&cd[wealthre_modal_target]=true&cd[proftrnd_lytics_modal]=true&cd[786_webinar_libwealt_modal_target]=true&cd[suppore]=true&cd[suppbrk]=true&cd[omt_launch_webinar_modal]=true&cd[suppress_tot_tot_lifetime_oxccc_tot19hot_and_mlb]=true&cd[suppress_oxc_owa_owa20hot]=true&cd[no_oxf_oxf19hot_agb_oxccc_oxcdc]=true&cd[exclude_active_pes_oxc]=true&cd[exclude_active_on_nmt_oxc]=true&cd[exclude_active_on_786hot20_oxc_786_agb]=true&cd[exclude_active_on_totwealt_oxc_mlb]=true&cd[exclude_active_ett_mab_oxc]=true&cd[exclude_active_on_mal_agb_oxc]=true&cd[exclude_active_on_oxc_786_agb_duplicate]=true&cd[tradeday_nonsubscribers]=true&cd[suppress_]=true&cd[suppress_cbp20hot_cbp_agb_oxc]=true&cd[suppress_all_osa20hot_active_osa_buyers_and_oxc_duplicate]=true&cd[suppress_325war_active]=true&cd[786_ipo_suppression]=true&cd[suppress_war_wax_woh]=true&cd[suppress_active_tbl21hot_tbl_mab_oxc]=true&cd[ly_unknown_email]=true&cd[suppress_ore_orl_mab_oxc]=true&cd[exclude_active_on_mwl]=true&cd[exclude_active_on_omt_agb_oxc]=true&cd[suppress_oxc]=true&cd[suppress_active_on_cbp_cbx_asb_asx_mxb]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[suppress_active_on_nmt_mlb_and_oxc]=true&cd[suppress_war_wax]=true&cd[suppress_active_on_oxf_oxcdc_agb_and_oxccc]=true&cd[suppress_active_on_brk_oxc_dc_mlb_and_oxc_cc]=true&cd[suppress_active_on_mwl_asb_and_mxb]=true&cd[suppress_active_on_mwl_asb_mxb_and_oxc_cc]=true&cd[suppress_active_on_ata_and_oxc]=true&cd[suppress_active_on_mwl_mwx_or_if_known_email]=true&cd[suppress_mtd_mtx_asb_asx_mxb]=true&cd[suppress_war_wax_woh_and_wohtrial]=true&cd[exclude_active_on_wnm]=true&cd[suppress_oxf_oxl_agb_oxc_dc_and_oxc_cc]=true&cd[tot_fifty_0123]=true&cd[suppress_cbp_asb_mxb]=true&cd[suppress_299s23lv_buyers_or_oxc_active]=true&cd[suppress_299s23lv_buyers]=true&cd[suppress_299s23lv_buyers_dv]=true&cd[suppress_mlb_and_oxc_active]=true&cd[all_except_wealthre_suppressed]=true&cd[all]=true&cd[rbf_mxb_suppressed_]=true&cd[suppress_dpl_hotlist_suppress_dpl_subs]=true&cd[orc_experience_10eb16e2c7f7b4f4128310cc919434e0_decision]=true&cd[orc_experience_97e2f2ea1ff28a1db5a5d226d4d35dc5_decision]=true&cd[orc_experience_be8b450f6dfb2815f2eef05d3ca66f56_decision]=true&cd[orc_experience_38cddb36cbb25ff040b869c9b922d118_decision]=true&cd[orc_experience_ec46afc33ebb8902300228aad63baea2_decision]=true&cd[orc_experience_c594066e4a73ebc890931229a1c97611_decision]=true&cd[orc_experience_4e7a6bbab046b3883cbc178a27a9e94d_decision]=true&cd[orc_experience_dfcd2ca030ee3e5082344f92580596e5_decision]=true&cd[orc_experience_1c5ef2af5e76f9058f1e5bccf086035a_decision]=true&cd[orc_experience_d58acd2b5d11c170b338aca7d2d77a59_decision]=true&cd[orc_experience_7ae5efe8bba0fa7a33c21326b8db0758_decision]=true&cd[orc_experience_42698c34dddb90210d6064716afd5de7_decision]=true&cd[orc_experience_274930a410229dff3c0869dd5c9d5545_decision]=true&cd[orc_experience_43224cbec233e28646921beaa4270168_decision]=true&cd[orc_experience_31ba84a13887e6d8515276e97f31a84e_decision]=true&cd[orc_experience_4fbd970d62a9c0a700ce20e57837a412_decision]=true&cd[orc_experience_bb53ff30364af235a354dffae8fbef2c_decision]=true&cd[orc_experience_b51aa24e2059ccb207a29be07914079c_decision]=true&cd[orc_experience_90daef94fc6c805ef319ce463ddfc6b1_decision]=true&cd[orc_experience_20c7723bd092fd89a0cd66dbb1c3bb1a_decision]=true&cd[orc_experience_763e22fe7d26bb7e254ab44942f40713_decision]=true&cd[orc_experience_57dd6382546d6ee60c56af264047cf27_decision]=true&cd[orc_experience_773a8e0397d83fb205cde84c850217b4_decision]=true&cd[orc_experience_0d43044150ad966afe7e2f37fae75f1f_decision]=true&cd[orc_experience_00af6fe348d0e7bab2a3bfb65d85aaec_decision]=true&cd[orc_experience_fbb1042f654bea32157897dc77b93371_decision]=true&cd[orc_experience_28727308f4a1e7921a81180c7a4887b0_decision]=true&cd[orc_experience_87bafa8adeba0028497dee5920ff3aaf_decision]=true&cd[orc_experience_cee5d767a8126200f6f00c967a06c933_decision]=true&cd[orc_experience_574398b8cc1bfccd9d9075d366961a24_decision]=true&cd[orc_experience_658470c9c357ab5b65925c31cef4cb9d_decision]=true&cd[orc_experience_db1cf70b782b3cfc95d7637749c89713_decision]=true&cd[orc_experience_764f3fcd872129e61cc81bde726af0cb_decision]=true&cd[orc_experience_cfe22eb7c324cdb4c2ec593c993a69aa_decision]=true&cd[orc_experience_89c9bc423bc2c09a1e727dc0c39420fb_decision]=true&cd[orc_experience_570a1dc9e3169262d52e090116fcc189_decision]=true&cd[orc_experience_c0354e88aec23f66740738829bdb4d85_decision]=true&cd[orc_experience_039dff1b122103fd2efc1f38a2f90f02_decision]=true&cd[orc_experience_59045656fae6b70f8c168c1153cd2362_decision]=true&cd[orc_experience_53f3081d74832a181887cc9b7e944f95_decision]=true&cd[orc_experience_476eeeac190f7c3bc9aa83a00c5b60cc_decision]=true&cd[orc_experience_f8290a990220111057cb44939e14044d_decision]=true&cd[orc_experience_b31d441abd55fb5e869273b752703c52_decision]=true&cd[orc_experience_4ac0348d7c9f78738c719d3ca364aeac_decision]=true&cd[orc_experience_40d2acddf975d95d3669d6875a02de1d_decision]=true&cd[orc_experience_83c2457d7d72316da3c54fed4a0f4c55_decision]=true&cd[orc_experience_538b46bfcee11603083cb98dc464bff8_decision]=true&sw=1600&sh=1200&v=2.9.161&r=stable&ec=2&o=28&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 13 Jul 2024 22:49:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256232405313219", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=21, mss=1297, tbw=7607, tp=-1, tpl=-1, uplat=38, ullat=0
pragma: no-cache
x-fb-debug: Iu+J9vBB2rQ3mILKG+2Nof0VqeJSfSw+1/PO3b2/sdqj622AAsw2aISgXv0OkBORoMByhrBycHV+uO2ZjY0M6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256232405313219"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 2C38 0
0 116ms
40ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://libertythroughwealth.com
Referer: https://libertythroughwealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://libertythroughwealth.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 22:49:06 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=0

POST
H2 200 /
www.facebook.com/tr/ Frame 1F9F 0
0 153ms
77ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://libertythroughwealth.com
Referer: https://libertythroughwealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://libertythroughwealth.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 22:49:06 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3124, tp=-1, tpl=-1, uplat=38, ullat=38

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 52ms
52ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 13 Jul 2024 22:36:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 765
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBe45C%2Bum9xj%2Br%2B8zOr5hdRCHpbh0d7MCpf7k7rx3C6JaT21yNpTZJmz%2BCXn6K7TXNTCEBlnYCrTFiGouZeEGg1DeGsoqGFG3xtJAKBcg7iKcWZaVeXrepdHBA55Y2eUU9XL6djW%2BNqA"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8a2cd3048fa89737-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 54ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-85799QV7CE&gtm=45je4790v9131193576za200&_p=1720910944971&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1805830912.1720910946&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&dt=This%20Father%E2%80%99s%20Biggest%20Wish&sid=1720910946&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_5=A%20Father%E2%80%99s%20Biggest%20Wish&ep.ua_dimension_6=Gustavo%20Adolfo%20Ibarra%20Mar%C3%ADn&ep.ua_dimension_7=June%2021%2C%202024&ep.ua_dimension_8=category%3ABeyond%20Wealth%7Cpost_tag%3Aclinic%7Cpost_tag%3Adonate%7Cpost_tag%3ANicaClinic%7Cpost_tag%3ANicaragua%7Cpost_tag%3Anonprofit%7C&ep.ua_dimension_9=_boz3uvzze1m&ep.ua_dimension_10=861f355a-256a-455c-99b1-00060d5a8652&ep.ua_dimension_11=1720910944970&ep.ua_dimension_12=clinic%7Cdonate%7Cnicaclinic%7Cnicaragua%7Cnonprofit%7C&tfd=3382&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85799QV7CE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://libertythroughwealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 151ms
49ms Ping
text/plain 2a00:1450:400c:c1f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-85799QV7CE&cid=1805830912.1720910946&gtm=45je4790v9131193576za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85799QV7CE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://libertythroughwealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 100ms
51ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-85799QV7CE&cid=1805830912.1720910946&gtm=45je4790v9131193576za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3&npa=1&frm=0&z=155348387

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
500 B 203ms
74ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2013%20Jul%202024%2022%3A49%3A06%20GMT&n=-2d&b=This%20Father%E2%80%99s%20Biggest%20Wish&.yp=405446&f=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&enc=UTF-8&yv=1.16.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 13 Jul 2024 22:49:06 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 52ms
52ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 13 Jul 2024 22:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2407
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dW46E3OLoxnWG1wx%2Ffx2oPcLlWopq%2FAuAUGKsTLPp7UcwVBsR7gVppKbqdkIvxBH4mhc5uvQeyMydNgqJaa4CU0OWSr8lIqIUxw%2Frgp0Qzxo6iSWdIgNap7okKk4eLxabVY8P7zgNhv9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8a2cd304eff59737-FRA

GET
H2 200 lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 602 B
1 KB 132ms
40ms Stylesheet
text/css 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:01:22 GMT
age: 2864
x-guploader-uploadid: ACJd0NrwLYD3sEfkAaI5qrwrZd8bYEdyuzv134vHTTJWgCatfrni9byMDOoxYbUpnqbrZGwDZj4ufT8UiQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
server: UploadServer
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-generation: 1538689646128559
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 602
accept-ranges: bytes
content-type: text/css
expires: Sat, 13 Jul 2024 23:01:22 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2N...
https://widget.us.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2N...

10 KB
5 KB

389ms
142ms

Script
application/x-javascript

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720910945920.105745293428931783%22%7D&tld=libertythroughwealth.com&fu=https%253A%252F%252Flibertythroughwealth.com%252Fwebview%252Fa-fathers-biggest-wish%252F%253Fsrc%253Demail%2526bsft_aaid%253D782fb40b-7585-4cb2-b342-5e6bb6114589%2526bsft_eid%253Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%2526utm_medium%253Demail%2526utm_source%253Dblueshift%2526bsft_clkid%253D035fdadf-e01f-4ec9-a769-db6d2a16df8e%2526bsft_uid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%2526bsft_mid%253D8843fd79-83c1-4a10-8f45-ca7c78131614%2526bsft_txnid%253D94d24aee-856c-494d-a063-e02274a61e87%2526bsft_utid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%2526bsft_mime_type%253Dhtml%2526bsft_ek%253D2024-06-24T20%25253A30%25253A34Z%2526bsft_lx%253D28%2526bsft_tv%253D9%2526pk%253Db509e14c9b46959debc21bd642eb3f00%2526utm_campaign%253D20240624_WR_Green%2526vid2%253Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%2526listCode%253DWEALTHRE&ceid=83d1e45e-bc97-42f4-8175-dc90e52d2ab4

Requested by

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac0323103caeb3e19d3ecd23aa5faee9641aa1ea57c29d623e0bc89fe8df697f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 20120494
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720910945920.105745293428931783%22%7D&tld=libertythroughwealth.com&fu=https%253A%252F%252Flibertythroughwealth.com%252Fwebview%252Fa-fathers-biggest-wish%252F%253Fsrc%253Demail%2526bsft_aaid%253D782fb40b-7585-4cb2-b342-5e6bb6114589%2526bsft_eid%253Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%2526utm_medium%253Demail%2526utm_source%253Dblueshift%2526bsft_clkid%253D035fdadf-e01f-4ec9-a769-db6d2a16df8e%2526bsft_uid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%2526bsft_mid%253D8843fd79-83c1-4a10-8f45-ca7c78131614%2526bsft_txnid%253D94d24aee-856c-494d-a063-e02274a61e87%2526bsft_utid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%2526bsft_mime_type%253Dhtml%2526bsft_ek%253D2024-06-24T20%25253A30%25253A34Z%2526bsft_lx%253D28%2526bsft_tv%253D9%2526pk%253Db509e14c9b46959debc21bd642eb3f00%2526utm_campaign%253D20240624_WR_Green%2526vid2%253Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%2526listCode%253DWEALTHRE&ceid=83d1e45e-bc97-42f4-8175-dc90e52d2ab4
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8876838
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/ 197 KB
14 KB 57ms
57ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982f7da2aafd4a951d511eb60f4e2c35014500710c959c1dd0ec6fe48b33a24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4661
last-modified: Sat, 13 Jul 2024 21:31:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1J87yhpNAuRnerLBDwdXl8B4XnMZQJpgY4Kr76hFX4jffZHKU9%2FuA5zF7UwV%2BUwyJzzJP8G3p4%2FxRVdo0efIFvAZt8%2Fr0i0IcqNxZYsq3nCCnEFTSUgLSRFRiZUZbhxqhWoTvA9ozxr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: d1103786c02bb42b7f313351c5446ff7
cf-ray: 8a2cd305b8b29737-FRA

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-07-10-15-08-56/locales/ 621 B
1 KB 70ms
68ms XHR
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-07-10-15-08-56/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-10-15-08-56/widget_app_base_1720624136507.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 Jul 2024 22:49:06 GMT
via: 1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 293
x-amz-server-side-encryption: AES256
x-accel-date-max: 1720625261
x-77-cache: HIT
x-cache: HIT
x-age: 285685
x-accel-date: 1720625261
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvDgH39VsEAAwBnJIhJwH3cwIAAA
x-accel-expires: @1746544634
x-77-age: 285685
last-modified: Wed, 10 Jul 2024 15:10:57 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 90833930693d1bc962049366b6d9bf11
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 9XgtgUeou7dO9QUfW4lW-Rt0d-Sypp-3rO1xFFvrYeCBaOeA9hPeaQ==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
416 B 164ms
163ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jul 2024 22:49:05 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C6CE1B91F5304794AE92C6B76B1F6D71 Ref B: FRAEDGE2020 Ref C: 2024-07-13T22:49:06Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://libertythroughwealth.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYdKM2nt8Oy7ttr7wZiWg==

POST
H2 200 GetLyticsUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 47 KB
48 KB 349ms
348ms XHR
application/json 18.245.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-50.fra60.r.cloudfront.net
Software: /
Resource Hash: 8c0b4bf78f5d5e518bc635922a118e570a8ba20262b026e40f12ca4d572c2b96

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-amzn-trace-id: Root=1-66930463-3503284473d207791d5897cb;Parent=5bfe8fc884cf07aa;Sampled=0;lineage=17be0e8a:0
x-amzn-requestid: e0d7ef7d-68bb-41f4-b35b-b5504114a040
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: a32fhFfYIAMEGpQ=
content-length: 48599
x-amz-cf-id: 3oWXzJ9zWIzZ9RS0uaOhZtQ939jrNxZ2sI46jr0t3k3DSTpj2gGRlg==

OPTIONS
H2 200 GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 313ms
313ms Preflight
application/json 18.245.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-50.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://libertythroughwealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Sat, 13 Jul 2024 22:49:06 GMT
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
x-amz-apigw-id: a32fgG76oAMEGJA=
x-amz-cf-id: E55bHBCxcV_wDvOPxVqL-J32SdPK5H2KqEwAb8IfvTQnzn3GSggU8w==
x-amz-cf-pop: FRA60-P5
x-amzn-requestid: 717c3c09-35d9-4afa-a45c-678c5b3ec7b7
x-cache: Miss from cloudfront

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
451 B 164ms
164ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?email=suspect%40safeonweb.be&_ts=1720910946705&_nmob=t&_device=desktop&url=libertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&_ga=GA1.1.1805830912.1720910946&_uid=d6523058-27ca-478b-9309-75a917eac054&_v=3.0.36&_uido=d6523058-27ca-478b-9309-75a917eac054

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xoj2gvrKYBP3ul8nCL9Ju3QIy7EpLzQeU9aaKqkFM5AEg%2F0bPxIXvonXzQgphQ1r6GZ4nGjDF7aazT2gm2N84RNzymlGgO1H10%2BEtFBr%2FBYwFF7s%2BCHz%2FxJe7%2Fd1tj%2B8ZNqXxYTiPq8x"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 38850cab713adba01c0df63c3b9222f4
cf-ray: 8a2cd3090c129737-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 143ms
47ms Fetch 2a02:2638:3::19
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=55939&uid=c0f73175-66a5-447e-b6e3-339831e67e16&event_name=Page&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=83d1e45e-bc97-42f4-8175-dc90e52d2ab4

Requested by

Host: sslwidget.criteo.com
URL: https://sslwidget.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720910945920.105745293428931783%22%7D&tld=libertythroughwealth.com&fu=https%253A%252F%252Flibertythroughwealth.com%252Fwebview%252Fa-fathers-biggest-wish%252F%253Fsrc%253Demail%2526bsft_aaid%253D782fb40b-7585-4cb2-b342-5e6bb6114589%2526bsft_eid%253Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%2526utm_medium%253Demail%2526utm_source%253Dblueshift%2526bsft_clkid%253D035fdadf-e01f-4ec9-a769-db6d2a16df8e%2526bsft_uid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%2526bsft_mid%253D8843fd79-83c1-4a10-8f45-ca7c78131614%2526bsft_txnid%253D94d24aee-856c-494d-a063-e02274a61e87%2526bsft_utid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%2526bsft_mime_type%253Dhtml%2526bsft_ek%253D2024-06-24T20%25253A30%25253A34Z%2526bsft_lx%253D28%2526bsft_tv%253D9%2526pk%253Db509e14c9b46959debc21bd642eb3f00%2526utm_campaign%253D20240624_WR_Green%2526vid2%253Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%2526listCode%253DWEALTHRE&ceid=83d1e45e-bc97-42f4-8175-dc90e52d2ab4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"12470385745560744392","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://libertythroughwealth.com
access-control-allow-credentials: true
content-length: 0

GET
H3 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/2024-07-10-15-08-56/free/ 31 KB
13 KB 61ms
60ms Script
application/javascript 156.146.33.140
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-07-10-15-08-56/free/remediation-tool-free.js?ts=1720624136507
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-10-15-08-56/widget_app_base_1720624136507.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42

Request headers

Referer: https://libertythroughwealth.com/
Origin: https://libertythroughwealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 Jul 2024 22:49:06 GMT
via: 1.1 18a0c3f5e09e58d51d2e5d6f596d202e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 109
x-amz-server-side-encryption: AES256
x-accel-date-max: 1720624646
x-77-cache: HIT
x-cache: HIT
x-age: 286300
x-accel-date: 1720624646
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3XF4EAAwB1GY4EQH3AgAAAA
x-accel-expires: @1746544644
x-77-age: 286300
last-modified: Wed, 10 Jul 2024 15:11:02 GMT
server: CDN77-Turbo
etag: W/"9db409bc341a6520412b5c42d90785b2"
x-77-nzt-ray: cf8787278297d5b862049366395f722f
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 5yF4Dwz44LrRA7WoowN-gBTuMh1k3jpoXGKuc6kvMu0sf7yuHhGFaw==

GET
H3 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 81ms
40ms Image
image/svg+xml 156.146.33.140
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 Jul 2024 22:49:06 GMT
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 110
x-amz-server-side-encryption: AES256
x-accel-date-max: 1720624643
x-77-cache: HIT
x-cache: HIT
x-age: 286303
x-accel-date: 1720624643
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3X14EAAwB1GY4EQH3AQAAAA
x-accel-expires: @1746544642
x-77-age: 286303
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: cf8787271f9d59ba6204936694063f31
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: bsl0u-r-j6uOK92vgBFfQPKjaeLEdYGi8bNDthewe4fEA64XjfDVJA==

GET
H3 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 80ms
40ms Image
image/svg+xml 156.146.33.140
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: libertythroughwealth.com
URL: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 Jul 2024 22:49:06 GMT
via: 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 110
x-amz-server-side-encryption: AES256
x-accel-date-max: 1720624643
x-77-cache: HIT
x-cache: HIT
x-age: 286303
x-accel-date: 1720624643
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3X14EAAwBnJIhHwH3AQAAAA
x-accel-expires: @1746544642
x-77-age: 286303
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: cf8787271f9d66ba62049366da954931
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: cfRUG33CkEQvwwg18E9J_OIZxzyVtI2seAGAnhUJ6TqTvQqffawqOA==

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1526 170 B
409 B 144ms
50ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-rT5yXjUtg-Gjw5TSR8_gt9b4gQblzTyfbenDew&google_cm&google_hm=ay1yVDV5WGpVdGctR2p3NVRTUjhfZ3Q5YjRnUWJselR5ZmJlbkRldw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1526 43 B
235 B 251ms
43ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-LCjEmjUtg-Gjw5TSR8_gt9b4gQZiN3e5lpWk3A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1526
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6546487627581125922

43 B
370 B

44ms
44ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6546487627581125922

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1284433
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
an-x-request-uuid: ceb627c5-91c6-4b89-93f8-63f2daf93873
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6546487627581125922
x-proxy-origin: 80.255.7.101; 80.255.7.101; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1526 43 B
163 B 240ms
39ms Image
image/gif 81.17.55.106
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-PB4aRjUtg-Gjw5TSR8_gt9b4gQaYyjxO-jE7jA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.106 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1526 0
99 B 148ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-o6Kw4DUtg-Gjw5TSR8_gt9b4gQZSq-KZT5N8ow
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41376

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 1526 49 B
342 B 189ms
50ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-NjAvgjUtg-Gjw5TSR8_gt9b4gQaEmFgink-tNA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:06 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 1526
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x320wjUtg-Gjw5TSR8_gt9b4gQZlDQ7Oa13PMA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x320wjUtg-Gjw5TSR8_gt9b4gQZlDQ7Oa13PMA&C=1

43 B
324 B

61ms
59ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x320wjUtg-Gjw5TSR8_gt9b4gQZlDQ7Oa13PMA&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXVRBgpqf5rdkAoC%2BapMHI%2FqiUtCZnLz7Tc2cGzWtkoF94Mh7p%2FA9JqnPDT4TqR0QoE6bvFekmR%2BeBsoBnwIy3gDsUXeGaQfPCFDEab71afd7GiSjEzw3i171ynL0NAVFrQT"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8a2cd30b0dcc4534-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIcn%2B8PB1%2Ba96%2BUEZtJw3ZCDtSxJGmxz2hiEnRfv0DLCRBq8DD05I7io07PuIUp9B4t16CZlxmN%2FQaLOOiLlRa0pDJ9gQK4QhWc3185f1tJl5kpsGpAZ1l%2FSBmRunTitqBgH"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-x320wjUtg-Gjw5TSR8_gt9b4gQZlDQ7Oa13PMA&C=1
cache-control: no-cache
cf-ray: 8a2cd30a9d014534-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 1526
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1KdJtPEPyKtqaprK-LnIgZZ2cEbwCwtJ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1KdJtPEPyKtqaprK-LnIgZZ2cEbwCwtJ

42 B
717 B

59ms
58ms

Image
image/gif

34.243.204.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1KdJtPEPyKtqaprK-LnIgZZ2cEbwCwtJ

Protocol

Server

34.243.204.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-204-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v062-0e0affe6b.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: RjYXwpyLTms=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v062-03737a6b6.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: V0cvePn6TWw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1KdJtPEPyKtqaprK-LnIgZZ2cEbwCwtJ
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 1526 43 B
1 KB 130ms
40ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-gDkgBTUtg-Gjw5TSR8_gt9b4gQYcKVMQIlafLw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 13 Jul 2024 22:49:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 1526 43 B
199 B 213ms
53ms Image
image/gif 108.128.229.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-I7yZXjUtg-Gjw5TSR8_gt9b4gQZT56hLgeFg9A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.128.229.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-229-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Jul 2024 22:49:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 1526 42 B
265 B 170ms
50ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-zpGGCTUtg-Gjw5TSR8_gt9b4gQYaG9IZ8X-uDA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:06 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame 1526 60 B
815 B 179ms
91ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-H6-PvDUtg-Gjw5TSR8_gt9b4gQbp6wifKcazEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 13 Jul 2024 22:49:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 60
x-mnet-hl2: E
expires: Sat, 13 Jul 2024 22:49:07 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 1526 0
882 B 131ms
43ms Image
text/html 3.120.61.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-xnzb4zUtg-Gjw5TSR8_gt9b4gQa0s4QDwhbkUA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.61.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-61-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 1526 43 B
423 B 634ms
206ms Image
image/gif 35.161.189.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-URM7BDUtg-Gjw5TSR8_gt9b4gQa63vmO_0NFVQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.189.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-189-124.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1526 0
218 B 363ms
121ms Image
text/plain 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-RWDalzUtg-Gjw5TSR8_gt9b4gQbmX10MZct1jA&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: b3b0841480d81af20296e5224ea6d872
content-length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1526 0
225 B 156ms
46ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-cybvqjUtg-Gjw5TSR8_gt9b4gQa0-3C8sYqXfA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 13 Jul 2024 22:49:05 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1526 0
239 B 198ms
41ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-a1uzkzUtg-Gjw5TSR8_gt9b4gQZ5oEMLVF_llg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 1526 0
35 B 151ms
39ms Image
text/plain 3.68.17.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-qBKWQDUtg-Gjw5TSR8_gt9b4gQYGT79_DxDgMA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.17.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-17-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame 1526 23 B
163 B 215ms
65ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-OAOKqjUtg-Gjw5TSR8_gt9b4gQaLaYH-tftqpQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 22:49:07 GMT
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 1526 43 B
398 B 443ms
119ms Image
image/gif 2600:1f18:612b:4280:fe7f:ae22:8bd3:8025
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-2Rg6cjUtg-Gjw5TSR8_gt9b4gQadPE9YnMcL4Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:fe7f:ae22:8bd3:8025 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 13 Jul 2024 22:49:07 GMT
server: nginx
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 1526 37 B
140 B 116ms
39ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-lSIRODUtg-Gjw5TSR8_gt9b4gQblGeRwMHm4jg&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 1526 43 B
153 B 108ms
35ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-v5RQljUtg-Gjw5TSR8_gt9b4gQYSL-CDgvEkug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Jul 2024 22:49:07 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 1526 0
235 B 141ms
52ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-BDkT7zUtg-Gjw5TSR8_gt9b4gQYx1Cu-s9eFUw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 22:49:07 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 12 Jul 2024 22:49:07 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 1526 0
38 B 264ms
56ms Image
text/plain 54.194.20.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-NCkdKTUtg-Gjw5TSR8_gt9b4gQaUZmh-6kwT7Q&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.20.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-20-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 1526 0
44 B 130ms
39ms Image
text/plain 18.184.16.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-eVvzdzUtg-Gjw5TSR8_gt9b4gQablWZlQmTo5A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.16.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-16-168.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
server: awselb/2.0

GET
H2

200

pixel
cm.adform.net/ Frame 1526
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA&adform_v=1

43 B
164 B

128ms
41ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA&adform_v=1
Protocol: H2
Server: 37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
last-modified: Thu, 11 May 2023 07:59:59 GMT
server: nginx
accept-ranges: bytes
etag: "645ca07f-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-IgHPlzUtg-Gjw5TSR8_gt9b4gQYXSAnHxB61bA&adform_v=1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003
sync.targeting.unrulymedia.com/csync/ Frame 1526
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-4Jx-EjUtg-Gjw5TSR8_gt9b4gQa5lgYLCkqw_g
https://sync.1rx.io/usersync/criteodsp/k-4Jx-EjUtg-Gjw5TSR8_gt9b4gQa5lgYLCkqw_g?zcc=1&cb=1720910947419
https://sync.targeting.unrulymedia.com/csync/RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003

43 B
378 B

152ms
47ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:07 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H/1.1 200
OK ltw-favicon.png
libertythroughwealth.com/wp-content/uploads/2022/01/ 2 KB
3 KB 117ms
117ms Other
image/png 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://libertythroughwealth.com/wp-content/uploads/2022/01/ltw-favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: be80be7e124d18d66cc18c6e8247d1c83211115c1bb856d5ce2101765d22450d

Request headers

Referer: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:06 GMT
Last-Modified: Tue, 11 Jan 2022 20:15:01 GMT
Server: nginx
ETag: "61dde545-9e3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2531

GET
H2 200 setuid
ib.adnxs.com/ Frame 1526 43 B
1 KB 40ms
40ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-1h_sADUtg-Gjw5TSR8_gt9b4gQbOZy50WWdBbA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 22:49:07 GMT
an-x-request-uuid: 0c33e1d1-8ca4-4ae1-868d-5d66bf0e9bfa
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK admin-ajax.php Show response
libertythroughwealth.com/wp-admin/ 34 KB
7 KB 1633ms
1633ms XHR
text/html 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libertythroughwealth.com/wp-admin/admin-ajax.php

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-27-104.compute-1.amazonaws.com

Software

nginx /

Resource Hash

36c5e39521cae1a586d826b2f9fc252ab651a8a4b68defd8a69952be4953f99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://libertythroughwealth.com/webview/a-fathers-biggest-wish/?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 13 Jul 2024 22:49:09 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://libertythroughwealth.com
Cache-Control: no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Origin, X-Requested-With, X-WP-Nonce, Content-Type, Accept, Authorization
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK ajax-loader.gif
portrait-tracker.s3.amazonaws.com/ 3 KB
4 KB 136ms
136ms Image
image/gif 3.5.28.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portrait-tracker.s3.amazonaws.com/ajax-loader.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.28.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:08 GMT
x-amz-version-id: null
Last-Modified: Tue, 29 Sep 2020 18:47:39 GMT
Server: AmazonS3
x-amz-request-id: KT897SCRWF94MPK1
ETag: "a51c5608d01acf32df728f299767f82b"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 3208
x-amz-id-2: qV7elQth3VQD2PdDF3lHIYrtlwzXUfA63G39Ql67d+dj38tX1qIPuv+QmxTKllRe7VcF9wPwU5lDhUIYg3+La8s/CB3uSrg73dB05am40z4=

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
235 B 647ms
221ms XHR
image/gif 54.244.219.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1720910948&e=article_view&r=&z=69661&x=5475fa15fca6698857e67e2705849cfa&k=cb79c9a6-18d7-eb26-fb2d-ff78d5b980de&u=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&products_json=%5B%7B%22sku%22%3A%22libertythroughwealth_com_72912%22%7D%5D
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.219.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-219-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://libertythroughwealth.com
date: Sat, 13 Jul 2024 22:49:08 GMT
access-control-expose-headers: etag
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
236 B 638ms
220ms XHR
image/gif 54.244.219.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1720910948&e=pageload&r=&z=724843&x=5475fa15fca6698857e67e2705849cfa&k=cb79c9a6-18d7-eb26-fb2d-ff78d5b980de&u=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%2F%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.219.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-219-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://libertythroughwealth.com
date: Sat, 13 Jul 2024 22:49:08 GMT
access-control-expose-headers: etag
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

GET
H2 200 comments.php
www.facebook.com/v2.5/plugins/ Frame A468 0
0 69ms
69ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/comments.php?app_id=555402891275842&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff465ddde2ee8251c%26domain%3Dlibertythroughwealth.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flibertythroughwealth.com%252Ff6bf5dc4672f63512%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Flibertythroughwealth.com%2F2024%2F06%2F21%2Fa-fathers-biggest-wish%2F&locale=en_US&numposts=10&sdk=joey&version=v2.5&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3494d717fbe601acc2e1570806d351cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Sat, 13 Jul 2024 22:49:09 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256246037302047"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256246037302047"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3308, tp=-1, tpl=-1, uplat=30, ullat=0
x-fb-debug: MGxg2pzPn5kCozJGX/fOUAl5OZYlNCPYIuoPMbSFfJHrgoc3P3L5PoxfhoCD5ym7i/Wu7fuUm19iGC5mybzL6Q==
x-frame-options: DENY
x-xss-protection: 0

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
524 B 123ms
123ms Ping
image/gif 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06748148899376014&referrer=&marketerId=0040752ca591876c6ab7eb366d24329d4d%2C00b7a913e0b9a7393b20d834711f3a1ceb&name=PAGE_VIEW&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST
content-type: image/gif;
access-control-allow-origin: https://libertythroughwealth.com
cache-control: no-cache
access-control-allow-credentials: true
x-traceid: 3a43fae8a9a28317907aa56fa87301c8
access-control-allow-headers: Content-Type, Authorization
content-length: 54

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
145 B 139ms
137ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jul 2024 22:49:08 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4E07B1C025C64842A02B9132E3E32004 Ref B: FRAEDGE2020 Ref C: 2024-07-13T22:49:09Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://libertythroughwealth.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYdKM3Q9aLyjDLr40TsEw==

GET
H2 200 a2d31738ea02b94d53c97da2598b0969
secure.gravatar.com/avatar/ 1 KB
2 KB 126ms
39ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a2d31738ea02b94d53c97da2598b0969?s=96&d=mm&r=g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 13 Jul 2024 22:49:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="a2d31738ea02b94d53c97da2598b0969.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/a2d31738ea02b94d53c97da2598b0969?s=96&d=mm&r=g>; rel="canonical"
content-length: 1447
alt-svc: h3=":443"; ma=86400
expires: Sat, 13 Jul 2024 22:54:09 GMT

GET
H/1.1 200
OK Isometric_Happy_Businessman.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 2 MB
2 MB 144ms
142ms Image
image/jpeg 54.231.236.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/Isometric_Happy_Businessman.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.236.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e390edc295eb450a4093697097a00c049654ac28a6514dd6bf29f7c84f8c3d4

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:10 GMT
x-amz-version-id: wXKf50nU37SEjFpE6AhHsBXMCMvGvW7x
Last-Modified: Wed, 08 Mar 2023 17:40:33 GMT
Server: AmazonS3
x-amz-request-id: 7RKZ10WSB53QEX35
ETag: "d30b23a166765a6b4b4dc6ec0ee5b62c"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2592868
x-amz-id-2: dXRLgfcTYnaIjv6X98mra+3C3+X8eyCfNw4vu2iHeJxgRpzBfyuIUJv3uDVPTOiLe0mWnOSQD3o=

GET
H2 200 i.gif
e-10348.adzerk.net/ 43 B
1 KB 405ms
133ms Image
image/gif 44.216.98.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDIsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6MTY1Mzc0MzA1LCJkaSI6IjE3NzE0YzQ5YWU3ZTRhNTk5YmVmZmQzNzBkOTk3MTg3IiwiZGoiOjAsImlpIjoiY2RlZTBiMGQ5MzU3NDk1YjhmMmZjYWJjMzA3NTcyYzEiLCJkbSI6MywiZmMiOjM0ODIyMTEzMCwiZmwiOjE3NTQzNTI5LCJpcCI6IjMuMjM5Ljk2LjIwNSIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZHAiOjguOTczMTQ0LCJkbiI6OC45NzMxNDQsImRnIjo4Ljk3MzE0NCwiZWMiOjExLjgyODcyLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6IjU1Iiwic2IiOiJpLTAwMGJiMTY4ZWUyYmM4MjEzIiwic3AiOjEwMjI2MzksInN0IjoxMTU1MTk2LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtZGIwNWVjYjkwNzY0NDg0OWFlNDNkMTYyYWZhNzBjY2IiLCJ0cyI6MTcyMDkxMDk0ODA5MSwicG4iOiJzcGFjZWFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJiYSI6MTMxLCJmcSI6MTZ9&s=6IoAlLLXQqLMSJcXnlB4xouPeJk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.216.98.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-98-119.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:09 GMT
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: prod-eventservers-shard105-us-east-1-01-i-02d68cf76a9526594

GET
H2 200 i.gif
e-10348.adzerk.net/ 43 B
1 KB 402ms
130ms Image
image/gif 44.216.98.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjoxOCwiYnQiOjAsImNtIjo2MTQ1NzQyLCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjE0OTQ4Nzg5NCwiZGkiOiI1OTYzNGJhZjc4YjU0MDk1YWUyNTEyNjI0MGI0YWI2NyIsImRqIjowLCJpaSI6ImNkNTRkMjUxNzU4YjQ2MDViNzcxNDViOTAxY2JjMGQzIiwiZG0iOjMsImZjIjozMzExMDg0MzAsImZsIjoxNzU0MzUyOSwiaXAiOiI1NC4yMTEuMTg0LjEyNCIsImt3Ijoic3VwcG9ydCIsIm1rIjoic3VwcG9ydCIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjE3NTk4OSwicnQiOjUsInJzIjo1MDAsInNhIjoiNTUiLCJzYiI6ImktMDAwMGE4OGZkYWMzNzJmZmUiLCJzcCI6MjkwMTcwOSwic3QiOjExNTUxOTYsInRyIjp0cnVlLCJ1ayI6InVlMS1hNTlmMjg2MGZiN2E0MjY0Yjk2YmQ0ZjFjOTk4YjYyMyIsInRzIjoxNzIwOTEwOTQ4OTc4LCJwbiI6IklJbUtZWnhreWtJQWhmSm1rYlJEIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwiYmkiOjEsInR6IjoiVVRDIiwiYmEiOjEsImZxIjoxNn0&s=r9DQCQYMmwOPlDQWYhHK2vk1-p4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.216.98.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-98-119.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:09 GMT
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: prod-eventservers-shard105-us-east-1-01-i-09759b526908cfcd8

GET
H2 200 PSU_Detect-Nate_and_Emmy_Award-Winning_Journalist.jpg
dkwegfj7whlol.cloudfront.net/monument/psu/ 31 KB
32 KB 211ms
105ms Image
image/jpeg 2600:9000:235a:8600:11:edc5:140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkwegfj7whlol.cloudfront.net/monument/psu/PSU_Detect-Nate_and_Emmy_Award-Winning_Journalist.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:8600:11:edc5:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5e0f44bfd4272f89e5c572b30f6f93ecaebb0894f372e295a0c4e9189243635

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 07:24:38 GMT
x-amz-version-id: O_f_ohz63U8oYSxW9vah2R5ve_kSIIrS
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 11:54:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 55472
etag: "8d249371c9dd52413aa239264c443f50"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 31830
x-amz-cf-id: djdwyc3EJ3Eqqe0tU_Q0ahdWX9lToUTuBY_38_K73CNER3BZ_dE4eA==

GET
H2 200 i.gif
e-10348.adzerk.net/ 43 B
1 KB 403ms
131ms Image
image/gif 44.216.98.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMiIsImF2Ijo4OTcxOTUsImF0IjozNzc3LCJidCI6MCwiY20iOjYxNDU3NDIsImNoIjo0MjE4MSwiY2siOnt9LCJjciI6MzkzNTE0MDcxLCJkaSI6IjE3NzE0YzQ5YWU3ZTRhNTk5YmVmZmQzNzBkOTk3MTg3IiwiZGoiOjEsImlpIjoiOWU1YmQzMjlkYjllNGFkODk0MDViNzM4NjczZWE4NTQiLCJkbSI6MywiZmMiOjU2OTM4NjYzOSwiZmwiOjE3NTQzNTI5LCJpcCI6IjMuMjM5Ljk2LjIwNSIsIm53IjoxMDM0OCwicGMiOjUwLCJvcCI6NTAsIm1wIjo1MCwiZHAiOjguODQwODAyLCJkbiI6OC44NDA4MDIsImRnIjo4Ljg0MDgwMiwiZWMiOjguOTYzMTQ0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6IjU1Iiwic2IiOiJpLTAwMGJiMTY4ZWUyYmM4MjEzIiwic3AiOjEwMjI2MzksInN0IjoxMTU1MTk2LCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtZGIwNWVjYjkwNzY0NDg0OWFlNDNkMTYyYWZhNzBjY2IiLCJ0cyI6MTcyMDkxMDk0ODA5NCwicG4iOiJzcGFjZWFkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJkYyI6MSwidHoiOiJVVEMiLCJiYSI6MTMwLCJmcSI6MTZ9&s=emhVqgi6gzIpm0tlER2Vx8Ji9Zw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.216.98.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-98-119.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sat, 13 Jul 2024 22:49:09 GMT
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: prod-eventservers-shard105-us-east-1-01-i-063c002c2aa69fc9b

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 41ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2258146607802329&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910949123&sw=1600&sh=1200&v=2.9.161&r=stable&ec=3&o=4126&fbp=fb.1.1720910945920.105745293428931783&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1297, tbw=12310, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 22:49:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1018 B 81ms
80ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2258146607802329&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910949123&sw=1600&sh=1200&v=2.9.161&r=stable&ec=3&o=4126&fbp=fb.1.1720910945920.105745293428931783&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x04240cdc245fdd05","source_keys":["1","2"]},{"key_piece":"0x5b7154b3cd97a50f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 22:49:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256247378414180", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1297, tbw=13664, tp=-1, tpl=-1, uplat=40, ullat=0
pragma: no-cache
x-fb-debug: pYM9ddR85AxKQ4KDfUbR2hqo7el2TH6g5o0P3n+3GeGC4cc9JcO1IRwGc2bZi5bs+4AmaP2jhCUkVqHWdXesyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256247378414180"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
104 B 42ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=221944698376158&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910949123&sw=1600&sh=1200&v=2.9.161&r=stable&ec=3&o=28&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1297, tbw=12479, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 22:49:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 80ms
80ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=221944698376158&ev=PageView&dl=https%3A%2F%2Flibertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&rl=&if=false&ts=1720910949123&sw=1600&sh=1200&v=2.9.161&r=stable&ec=3&o=28&ler=empty&cdl=API_unavailable&it=1720910945831&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 13 Jul 2024 22:49:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391256247051296166", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1297, tbw=12627, tp=-1, tpl=-1, uplat=39, ullat=0
pragma: no-cache
x-fb-debug: nMlWz3qEbr5p9FHHFT2CRnu4ZGBF0CcEo5oQ/K4ZSMz6lgB/ReurCLpxKJ7xxaDUCfiuER5kmCEZJHPmLB1rxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391256247051296166"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 20240621_NICA_Image_1.jpg
dkwegfj7whlol.cloudfront.net/nicaclinic/ 26 KB
27 KB 151ms
48ms Image
image/jpeg 2600:9000:235a:8600:11:edc5:140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkwegfj7whlol.cloudfront.net/nicaclinic/20240621_NICA_Image_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:8600:11:edc5:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8762c6132076fffb1e56f88e1ae04e5c9361ff0442bb40b33335881d3bf804

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:44:09 GMT
x-amz-version-id: _86P0OGjlGTZz8Kf073odfFeqm.Z0BxL
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 20:19:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 301
etag: "8b7055371ac4c14dea09a7a051550e66"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 26779
x-amz-cf-id: ncyUOx3Ja-ztHgA33WsfTWlulK-Kq6eM7Ku49RXfiKcftKVP2rrwig==

GET
H2 200 20240621_NICA_Image_2.jpg
dkwegfj7whlol.cloudfront.net/nicaclinic/ 78 KB
79 KB 152ms
49ms Image
image/jpeg 2600:9000:235a:8600:11:edc5:140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkwegfj7whlol.cloudfront.net/nicaclinic/20240621_NICA_Image_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:8600:11:edc5:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 758f5d5c60bf4c3f98225575352f092cdfc1198c92613ea260bded1a2335705f

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0Qqn720y1YN06_LahB0KpO_38cz0BqYn
date: Sat, 13 Jul 2024 20:39:44 GMT
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 20:19:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 7766
x-amz-server-side-encryption: AES256
etag: "94e9ce54c36b7ea6efba247b897d91da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 80252
x-amz-cf-id: Uq1WmzAUAFCZs6JpULnJGHxNZozy8LeGp2vDypIo1t3AwQLJO-I_vA==

GET
H/1.1 200
OK ltw-favicon.png
libertythroughwealth.com/wp-content/uploads/2022/01/ 2 KB
0 0ms
0ms Other
image/png 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://libertythroughwealth.com/wp-content/uploads/2022/01/ltw-favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: be80be7e124d18d66cc18c6e8247d1c83211115c1bb856d5ce2101765d22450d

Request headers

Referer: https://libertythroughwealth.com/webview/a-fathers-biggest-wish?src=email&bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=eab6bdfa-c476-4759-a86e-c4aa6a5f74e0&utm_medium=email&utm_source=blueshift&bsft_clkid=035fdadf-e01f-4ec9-a769-db6d2a16df8e&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=8843fd79-83c1-4a10-8f45-ca7c78131614&bsft_txnid=94d24aee-856c-494d-a063-e02274a61e87&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE&bsft_mime_type=html&bsft_ek=2024-06-24T20%3A30%3A34Z&bsft_lx=28&bsft_tv=9&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240624_WR_Green&vid2=d89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5&listCode=WEALTHRE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:06 GMT
Last-Modified: Tue, 11 Jan 2022 20:15:01 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "61dde545-9e3"
Content-Length: 2531
Content-Type: image/png

GET
H/1.1 200
OK brk-oil-modal2-2024.jpg
s3.amazonaws.com/assets.oxfordclub.com/images/lytics-modals/BRK/ 154 KB
155 KB 398ms
159ms Image
image/jpeg 54.231.236.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/images/lytics-modals/BRK/brk-oil-modal2-2024.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.236.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62d1dee6bbb83071463a30babdd882e09bec8cd1dfcc250d3c4bc799ef61d9f8

Request headers

Referer: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 22:49:10 GMT
x-amz-version-id: Sgrl4yK0qr.ttX2O5rFv_pq6umesngpd
Last-Modified: Tue, 06 Feb 2024 17:51:00 GMT
Server: AmazonS3
x-amz-request-id: 7RKYNAW3MK1DXKXC
ETag: "5a19fe87e8d43d807b46f4fdcb7b41f1"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 158115
x-amz-id-2: MqDeTn6kjNj9UD/y56VVfMlX2ttXwBX3FXXhhdIJTfIBUPA3qRsNSIFHIuUpjXQ8Rd0Gp7X2/e0=

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
367 B 175ms
175ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?pf-widget-id=10eb16e2c7f7b4f4128310cc919434e0&pf-widget-type=message&pf-widget-layout=slideout&pf-widget-variant=1&pf-widget-event=show&_ts=1720910949249&_nmob=t&_device=desktop&url=libertythroughwealth.com%2Fwebview%2Fa-fathers-biggest-wish%3Fsrc%3Demail%26bsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D035fdadf-e01f-4ec9-a769-db6d2a16df8e%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3D8843fd79-83c1-4a10-8f45-ca7c78131614%26bsft_txnid%3D94d24aee-856c-494d-a063-e02274a61e87%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2024-06-24T20%253A30%253A34Z%26bsft_lx%3D28%26bsft_tv%3D9%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240624_WR_Green%26vid2%3Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%26listCode%3DWEALTHRE&_ga=GA1.1.1805830912.1720910946&_uid=d6523058-27ca-478b-9309-75a917eac054&_v=3.0.36&_uido=d6523058-27ca-478b-9309-75a917eac054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://libertythroughwealth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 22:49:09 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrwmSvCFT3wnao4DRoVNUKsYUink6kb3IfUlOrPJlJ7e%2BPvs1PPvKwRb6FAgxpr6Kh7y30uZpV72CLqbU2bMGNQUhHc%2FJyOhGiOR711wadn5bt6kJfaCh10Dg%2FLI4FdG0QN47krzOtu2"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 644e7c108d1c5b4c2565259ea1ab8d55
cf-ray: 8a2cd318fd3d9737-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.events-c.mb.wealthyretirement.com/	1970-01-20 22:01:52	Name: __cf_bm Value: jT4k3XK7twIqOPiLbACPPQprCBe4A_af6JDLjxAkImA-1720910943-1.0.1.1-E0oxd0ATzIrbSXA2sno8Zzj4BMZC9LdYgdRftg0nwadLh.FHT02c1I3Awc8X1xhE.3RVRCFw_UMFtiFzBYDxPA
.libertythroughwealth.com/	1970-01-20 22:01:52	Name: seerses Value: e
.libertythroughwealth.com/	1970-01-21 07:37:50	Name: seerid Value: d6523058-27ca-478b-9309-75a917eac054
.lytics.io/	1970-01-21 07:37:50	Name: seerid Value: d6523058-27ca-478b-9309-75a917eac054
.libertythroughwealth.com/	1970-01-21 06:48:53	Name: _vwo_uuid_v2 Value: D5637571FF2702617CC51C7369914B1B4\|839face2bc128c5b226dfffbe3864df2
.libertythroughwealth.com/	1970-01-20 22:03:17	Name: _gid Value: GA1.2.4323697.1720910946
.libertythroughwealth.com/	1970-01-20 22:01:51	Name: _gat_secondary Value: 1
.libertythroughwealth.com/	1970-01-21 07:37:50	Name: _ga Value: GA1.1.1805830912.1720910946
.libertythroughwealth.com/	1970-01-21 00:11:26	Name: _fbp Value: fb.1.1720910945920.105745293428931783
.libertythroughwealth.com/	1970-01-21 07:37:50	Name: _ga_85799QV7CE Value: GS1.2.1720910946.1.0.1720910946.60.0.0
.criteo.com/	1970-01-21 07:23:26	Name: uid Value: c0f73175-66a5-447e-b6e3-339831e67e16
.criteo.com/	1970-01-21 07:23:26	Name: receive-cookie-deprecation Value: 1
.t.co/	1970-01-21 07:37:50	Name: muc_ads Value: 8bdef5c9-5e53-4fbf-a390-fe6519f97c83
.linkedin.com/	1970-01-21 06:47:26	Name: bcookie Value: "v=2&baaac11c-bb1d-478c-8768-e917915728a2"
.linkedin.com/	1970-01-21 02:21:02	Name: li_gc Value: MTswOzE3MjA5MTA5NDY7MjswMjFexR5WGP6bn3htM/x2hr0UewXy5JNIgY3QTFpO0FV02A==
.linkedin.com/	1970-01-20 22:03:17	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3252:u=1:x=1:i=1720910946:t=1720997346:v=2:sig=AQF_G_thcpi9NgCOqkUHbhUzTMEKmPXJ"
.libertythroughwealth.com/	1970-01-21 06:47:26	Name: _hjSessionUser_1095827 Value: eyJpZCI6ImQwZGJkYmY1LTRlZGUtNTc4Zi04MDkyLWViZGE3ZjdjYjY3NyIsImNyZWF0ZWQiOjE3MjA5MTA5NDYxMjYsImV4aXN0aW5nIjp0cnVlfQ==
.libertythroughwealth.com/	1970-01-20 22:01:52	Name: _hjSession_1095827 Value: eyJpZCI6ImNlOTcwODNkLWYwY2UtNDUzMy04NzRhLWU3Yjg2YzA4YjUzYiIsImMiOjE3MjA5MTA5NDYxMjcsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.libertythroughwealth.com/	1970-01-21 07:31:14	Name: cto_bundle Value: Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE
.twitter.com/	1970-01-21 07:37:50	Name: personalization_id Value: "v1_XcGoTJ78s8NTiex3aLiUUA=="
libertythroughwealth.com/	1970-01-20 22:01:51	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1720910946211%7D
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 07:23:26	Name: cto_bundle Value: xVmSRV9LNjNhdmlvUlFqSlVhcjRJQ1U1JTJGZUllJTJGajBMcmpYMWhkeWxvY0R1JTJCcExFJTJGZVo4Q1Q5JTJCeUFvN2hZN2hqaEdYVw
.adnxs.com/	1970-01-21 00:11:26	Name: XANDR_PANID Value: eErtVrVtwgpjB9Unm_ns2RiL0kar_FxVY165m6_FI2ON6-aexv9tJiwpeNnt91RvKge75KmKMNcmhHHfPp8S9iyo6bXXo_-IYXmT-1dsaEE.
.adnxs.com/	1970-01-21 07:37:50	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:11:26	Name: uuid2 Value: 6546487627581125922
.casalemedia.com/	1970-01-21 06:47:26	Name: CMID Value: ZpMEY7mqPL4AAGw3AEV2xwAA
.casalemedia.com/	1970-01-21 00:11:26	Name: CMPS Value: 2159
.casalemedia.com/	1970-01-21 00:11:26	Name: CMPRO Value: 2159
.omnitagjs.com/	1970-01-20 22:45:02	Name: ayl_visitor Value: 97e9773e19bb7636c6425654e18ad62c
.adnxs.com/	1970-01-21 00:11:26	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>=nk)6i!]tbPl@/D!9hy6]/CwgV/NQl]0.#v)k304n4fK)'/!Rb^4@Gj+3_hT_ifXG'7R2gp??hL:V7[7k%nugO%v4VB%np0<+IVu!
exchange.mediavine.com/	1970-01-20 22:22:00	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%221c72f750-416a-11ef-9d50-0f09c06b3d4f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:22:00	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221c72f750-416a-11ef-9d50-0f09c06b3d4f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:22:00	Name: am_tokens Value: %7B%22mv_uuid%22%3A%221c72f750-416a-11ef-9d50-0f09c06b3d4f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:22:00	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221c72f750-416a-11ef-9d50-0f09c06b3d4f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:22:00	Name: criteo Value: %7B%22id%22%3A%22k-xnzb4zUtg-Gjw5TSR8_gt9b4gQa0s4QDwhbkUA%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 06:47:26	Name: visitor-id Value: 3639125479085334000V10
.media.net/	1970-01-20 22:45:02	Name: data-c-ts Value: 1720910947
.media.net/	1970-01-20 22:45:02	Name: data-c Value: k-H6-PvDUtg-Gjw5TSR8_gt9b4gQbp6wifKcazEA~~3
.demdex.net/	1970-01-21 02:21:02	Name: demdex Value: 81806591454363165791623015577675148785
.dpm.demdex.net/	1970-01-21 02:21:02	Name: dpm Value: 81806591454363165791623015577675148785
.1rx.io/	1970-01-21 06:47:26	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003%22%7D
.adform.net/	1970-01-20 22:46:29	Name: C Value: 1
.adform.net/	1970-01-20 23:28:14	Name: uid Value: 5694719951368013694
.tremorhub.com/	1970-01-21 06:47:47	Name: tvid Value: fae4ea817b6d42649d9f9626d634ee8f
.tremorhub.com/	1970-01-20 22:45:02	Name: tv_UICR Value: k-2Rg6cjUtg-Gjw5TSR8_gt9b4gQadPE9YnMcL4Q
.targeting.unrulymedia.com/	1970-01-21 06:47:26	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fceecbb6-8743-44e7-a3c5-ddd3da05369f-003%22%7D
.postrelease.com/	1970-01-21 06:47:26	Name: opt_out Value: 1
.libertythroughwealth.com/	1970-01-21 06:47:26	Name: _bs Value: cb79c9a6-18d7-eb26-fb2d-ff78d5b980de
libertythroughwealth.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4u7qqb7fkvhl240npg21i7jvrs
e-10348.adzerk.net/	1970-01-21 06:47:26	Name: azk-ss Value: true
e-10348.adzerk.net/	1970-01-21 06:47:26	Name: azk Value: ue1-db05ecb907644849ae43d162afa70ccb
e-10348.adzerk.net/	1970-01-20 22:45:02	Name: azk-events Value: W3sidiI6IjEuMTIiLCJhdiI6ODk3MTk1LCJhdCI6Mzc3NywiYnQiOjAsImNtIjo2MTQ1NzQyLCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjE2NTM3NDMwNSwiZGkiOiIxNzcxNGM0OWFlN2U0YTU5OWJlZmZkMzcwZDk5NzE4NyIsImRqIjowLCJpaSI6ImNkZWUwYjBkOTM1NzQ5NWI4ZjJmY2FiYzMwNzU3MmMxIiwiZG0iOjMsImZjIjozNDgyMjExMzAsImZsIjoxNzU0MzUyOSwiaXAiOiIzLjIzOS45Ni4yMDUiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJtcCI6NTAsImRwIjo4Ljk3MzE0NCwiZG4iOjguOTczMTQ0LCJkZyI6OC45NzMxNDQsImVjIjoxMS44Mjg3MiwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiI1NSIsInNiIjoiaS0wMDBiYjE2OGVlMmJjODIxMyIsInNwIjoxMDIyNjM5LCJzdCI6MTE1NTE5NiwidHIiOnRydWUsInVrIjoidWUxLWRiMDVlY2I5MDc2NDQ4NDlhZTQzZDE2MmFmYTcwY2NiIiwidHMiOjE3MjA5MTA5NDgwOTEsInBuIjoic3BhY2VhZCIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiY2kiOiJiZmJlOWMwYThiOTM0NTdkOWM2NDdhYmE3ODM3ZWI2NyIsImN2IjoxfV0
.libertythroughwealth.com/	1970-01-21 07:37:50	Name: _ga_31V1F7EGC9 Value: GS1.1.1720910945.1.1.1720910950.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sslwidget.criteo.com/event?a=55939&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Rf07-18wMmxndGFsTFFMMDR1a2t0JTJGYUJlTGFlQjJVREpqJTJCbnYlMkZrZVBVU0JOMW14YWx2NFZ3VHNNbndmcVJqSkFWZTIxWG12a3BqRWJzJTJGQUx0OExVdTd0YTBrMkI4TnpyQkhoT2tadVBaJTJGVnNOakRNZ3FPJTJGeHBFMlUwV0JwNTI4Z3NSVnBoVEIlMkZtUkpzVHZoUjBXJTJCb1p1ZGFXakhPQlJsVGxmT1JUWFRlUmJFWWRjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720910945920.105745293428931783%22%7D&tld=libertythroughwealth.com&fu=https%253A%252F%252Flibertythroughwealth.com%252Fwebview%252Fa-fathers-biggest-wish%252F%253Fsrc%253Demail%2526bsft_aaid%253D782fb40b-7585-4cb2-b342-5e6bb6114589%2526bsft_eid%253Deab6bdfa-c476-4759-a86e-c4aa6a5f74e0%2526utm_medium%253Demail%2526utm_source%253Dblueshift%2526bsft_clkid%253D035fdadf-e01f-4ec9-a769-db6d2a16df8e%2526bsft_uid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%2526bsft_mid%253D8843fd79-83c1-4a10-8f45-ca7c78131614%2526bsft_txnid%253D94d24aee-856c-494d-a063-e02274a61e87%2526bsft_utid%253D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WEALTHRE%2526bsft_mime_type%253Dhtml%2526bsft_ek%253D2024-06-24T20%25253A30%25253A34Z%2526bsft_lx%253D28%2526bsft_tv%253D9%2526pk%253Db509e14c9b46959debc21bd642eb3f00%2526utm_campaign%253D20240624_WR_Green%2526vid2%253Dd89e3a2e980d5d49a55624a94464cd1241f162b0d63dcde451105e6841b21924022f1daec4312d75c818ef80c44477a5%2526listCode%253DWEALTHRE&ceid=83d1e45e-bc97-42f4-8175-dc90e52d2ab4 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
accessibilityserver.org
ad.360yield.com
ad.yieldlab.net
amplify.outbrain.com
analytics.twitter.com
api.getblueshift.com
api.userway.org
bat.bing.com
c.lytics.io
c1.adform.net
cdn.getblueshift.com
cdn.jsdelivr.net
cdn.userway.org
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dev.visualwebsiteoptimizer.com
dis.criteo.com
dkwegfj7whlol.cloudfront.net
dnzkifeab6.execute-api.us-east-1.amazonaws.com
dpm.demdex.net
e-10348.adzerk.net
e1.emxdgt.com
eb2.3lift.com
events-c.mb.wealthyretirement.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
libertythroughwealth.com
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
pixel.rubiconproject.com
portrait-tracker.s3.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.yimg.com
s3.amazonaws.com
script.hotjar.com
secure.gravatar.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
t.co
tr.outbrain.com
trc.taboola.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.18.36.155
104.244.42.67
108.128.229.205
108.139.243.113
13.107.42.14
13.227.219.3
141.226.228.48
141.95.98.64
142.250.186.104
142.250.186.162
142.250.186.163
143.204.9.30
146.75.120.157
156.146.33.140
157.240.252.13
16.182.99.209
178.250.1.9
18.184.16.168
18.233.27.104
18.239.36.125
18.245.60.50
184.30.17.243
184.30.17.67
185.255.84.153
198.47.127.205
2.16.97.41
2001:4860:4802:34::36
2600:1f14:5db:eb22:3666:3d48:6c2b:699e
2600:1f18:612b:4280:fe7f:ae22:8bd3:8025
2600:9000:235a:8600:11:edc5:140:93a1
2606:4700:20::681a:216
2606:4700:20::681a:316
2606:4700::6811:1d55
2620:1ec:21::14
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::201b
2a00:1450:4001:827::2008
2a00:1450:400c:c1f::9a
2a02:2638:3::19
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:10::210:a9a
2a02:6ea0:c700::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:200::485
2a04:4e42:600::649
2a04:fa87:fffe::c000:4902
3.120.61.114
3.255.41.64
3.5.28.22
3.68.17.97
34.117.157.22
34.243.204.162
34.96.102.137
35.161.189.124
35.214.149.91
37.157.6.232
37.157.6.237
37.252.171.53
44.216.98.119
46.228.174.117
54.194.20.131
54.231.236.64
54.244.219.56
69.173.144.138
70.42.32.223
74.119.117.16
76.223.111.18
81.17.55.106
85.215.5.31
93.184.221.165
95.101.148.20
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e20a2d075247f3fa57cb7d15fa82659e0b31bc2d96f3023adfc89b5dfb9c1ab
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea
1c1f5174ac506c6b9d1274f504a97a600e524216bf1115f657c54a2f26b04a6d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ee5e2d9c15cd32353611a9b37b6207c61b77aa21952cec893475fc8445ac073
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
22308d41eb2f1ef808dfbff8a693c4fd7983e38ea27760ce729566d06c14ef4a
229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116
2ac2c510361c71237255f178827dfe30a29827eec40a40e65f83d1106dd94b0a
2ca7b36e1763fe947b955c52428a040e6de1777c985764a656a0b795595a7e52
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36c5e39521cae1a586d826b2f9fc252ab651a8a4b68defd8a69952be4953f99f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
49847a09c0dde66c1b3db7770411d1d0fbb89c01b8e9acd4606000d21f76a549
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5e2ed6b5f2472e1c1536aaddb38c624f2dffa7d5cdd98052f4a6620c624abd00
5e390edc295eb450a4093697097a00c049654ac28a6514dd6bf29f7c84f8c3d4
607c6dfb3c8ebb75b9c2dea3bbcba23568b9d4ade5d59f17f4bca068b7a1c361
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
62d1dee6bbb83071463a30babdd882e09bec8cd1dfcc250d3c4bc799ef61d9f8
65e8d4b0492c92db72450d96a30e34ecd6d8d7c3805526d77626ff86c8be34bb
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6bf318fc149f2ea4adb11c840d3d1645d4b2ffadd88369800de88b8c5a06d9
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
758f5d5c60bf4c3f98225575352f092cdfc1198c92613ea260bded1a2335705f
769c0c15b0505b178f3a245cd21b058c38f1bb0a091ccdfb83ea159bf9da10a9
78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89f3a1af4b1de4dab4e45a74c029b9fbfd2e52a274a195e94e5d7b55ce6be5ea
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad943c94c347363495dc8ccb723e347a136f8cab62e398528e389a7bfd611ca
8c0b4bf78f5d5e518bc635922a118e570a8ba20262b026e40f12ca4d572c2b96
8e1f8a8f53687e0cf9b6201f86d8d7ad6123cb04f5ac19a4f636f9d0912822ad
982f7da2aafd4a951d511eb60f4e2c35014500710c959c1dd0ec6fe48b33a24f
9b84647256daa900e5c30a9d2ce23df4ce10661b09173492210bf5448296fca8
9f2ceec0f5ca09ce9d9bfac0da79786e3254cb3c8219d63c5fe48ae9165e56de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74
a89e8aba36c3d2fdd2d7b82b415bdc39b3ac082f6ee9a2ef25e7ee617ded84b4
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac0323103caeb3e19d3ecd23aa5faee9641aa1ea57c29d623e0bc89fe8df697f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b0d97848a9d49c741490c3f85715ee8370d4adb2725dd82ab0445c405ad968c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b9590e9e6ea0a6de1b9144d5d827eb1ccf991443e84d394e2f9e531ae35a4703
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be80be7e124d18d66cc18c6e8247d1c83211115c1bb856d5ce2101765d22450d
bf8762c6132076fffb1e56f88e1ae04e5c9361ff0442bb40b33335881d3bf804
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
cf0295bd69941bada66bfac6422a054a375119e6d6e8b296d473f9e878a72555
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1fff3160f71b6e05b833c32b3373aade8f3097895eba9327a8d2db8b984dba5
d539ac631b4c533e6d77a8ba96acb173159ca2645c85c40ea308e91b7be92c6d
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0f44bfd4272f89e5c572b30f6f93ecaebb0894f372e295a0c4e9189243635
e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4
e6f5d1d79ddea4deaf100f96b051b42862e94c17899df41530ec9ddb444a3cc0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

libertythroughwealth.com Open in urlscan Pro 18.233.27.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

95 %HTTPS

33 %IPv6

59 Domains

76 Subdomains

74 IPs

9 Countries

4540 kBTransfer

7200 kBSize

54 Cookies

4 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

libertythroughwealth.com Open in urlscan Pro
18.233.27.104 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

95 %
HTTPS

33 %
IPv6

59
Domains

76
Subdomains

74
IPs

9
Countries

4540 kB
Transfer

7200 kB
Size

54
Cookies

137 HTTP transactions
0 data transactions