urlscan.io logo urlscan.io
SecurityTrails logo

saferetirementreports.com Open in urlscan Pro
66.42.108.208  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.e.saferetirementreports.com/u/click?_t=9cee5a7d319d4483be456f980018a9a6&_m=71ea0ef8bf774ac5b403e6fdae11a546&_e=l63Z2shx0x0CG...
Effective URL: https://saferetirementreports.com/suspicious-engagement/
Submission: On May 10 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 65 HTTP transactions. The main IP is 66.42.108.208, located in Los Angeles, United States and belongs to AS-CHOOPA, US. The main domain is saferetirementreports.com. The Cisco Umbrella rank of the primary domain is 509829.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 13th 2022. Valid for: 3 months.
This is the only time saferetirementreports.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:2057:7400:4:8035:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
links.e.saferetirementreports.com
39    66.42.108.208 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 66.42.108.208.vultrusercontent.com
saferetirementreports.com
2    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
6    2606:4700:20::681a:f5c (United States)

ASN13335 (CLOUDFLARENET, US)
a.plerdy.com
c.plerdy.com
2    2606:4700:20::ac43:49e0 (United States)

ASN13335 (CLOUDFLARENET, US)
c.plerdy.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
40 saferetirementreports.com
links.e.saferetirementreports.com — Cisco Umbrella Rank: 797630
saferetirementreports.com — Cisco Umbrella Rank: 509829
2 MB
8 plerdy.com
a.plerdy.com — Cisco Umbrella Rank: 66485
c.plerdy.com — Cisco Umbrella Rank: 74789
103 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1100
trc.taboola.com — Cisco Umbrella Rank: 882
trc-events.taboola.com — Cisco Umbrella Rank: 1945
19 KB
4 gstatic.com
fonts.gstatic.com
122 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
5 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
80 KB
65 7
Domain Requested by
39 saferetirementreports.com saferetirementreports.com
c.plerdy.com
5 a.plerdy.com saferetirementreports.com
c.plerdy.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com saferetirementreports.com
3 c.plerdy.com a.plerdy.com
c.plerdy.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 trc-events.taboola.com cdn.taboola.com
2 www.googletagmanager.com saferetirementreports.com
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com saferetirementreports.com
1 links.e.saferetirementreports.com 1 redirects
65 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
saferetirementreports.com
cPanel, Inc. Certification Authority		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-02 -
2023-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://saferetirementreports.com/suspicious-engagement/
Frame ID: EDD430D73017DA4D1217AA3EE7C86A6D
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SUSPICIOUS-ENGAGEMENT - Safe Retirement Reports

Page URL History Show full URLs

  1. https://links.e.saferetirementreports.com/u/click?_t=9cee5a7d319d4483be456f980018a9a6&_m=71ea0ef8bf774ac5b403e6fdae11a... HTTP 303
    https://saferetirementreports.com/suspicious-engagement/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

65
Requests

98 %
HTTPS

70 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

2365 kB
Transfer

2898 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.e.saferetirementreports.com/u/click?_t=9cee5a7d319d4483be456f980018a9a6&_m=71ea0ef8bf774ac5b403e6fdae11a546&_e=l63Z2shx0x0CGgr9_9HCfRD2s2FCkqgdfk0zWbzszuF2JKLfSJgQnKeFekHWeS8IwvRcadzNfyS1cFcCA8SxCI0es5gatM0k0_sWhT1fQAcgklLIvuxIZNiT3_vpy1CTXrLHSbF4tQP1M4rfz_HbfMepobqRbwYY1X3iUPvTYW6u2wtqrsWCFEIjQTrTdPN6vqUgqAxAs3fs_AZi_d0mz8cnbMRTjkMonQqCYJ537b8V8XiwTrSt1zkYocrGoFVySf4rn90LX6lxowtLAUCM8ad0yO11ZP8DnYIQtlPaFNnQx7LuJmblEYNtPSEDWUdN HTTP 303
    https://saferetirementreports.com/suspicious-engagement/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saferetirementreports.com/suspicious-engagement/
Redirect Chain
  • https://links.e.saferetirementreports.com/u/click?_t=9cee5a7d319d4483be456f980018a9a6&_m=71ea0ef8bf774ac5b403e6fdae11a546&_e=l63Z2shx0x0CGgr9_9HCfRD2s2FCkqgdfk0zWbzszuF2JKLfSJgQnKeFekHWeS8IwvRcadzN...
  • https://saferetirementreports.com/suspicious-engagement/
148 KB
149 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
f3ed751e14b2c3e18ac6e22fc31fac1b9dc75102345581cf36a6aac3fb44c364

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=2592000
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 May 2022 14:16:39 GMT
Expires
Thu, 09 Jun 2022 14:16:39 GMT
Keep-Alive
timeout=5, max=100
Link
<https://saferetirementreports.com/wp-json/>; rel="https://api.w.org/", <https://saferetirementreports.com/wp-json/wp/v2/pages/33763>; rel="alternate"; type="application/json", <https://saferetirementreports.com/?p=33763>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked

Redirect headers

content-length
0
content-security-policy
frame-ancestors 'self' https://links.iterable.com https://links.doordash.com https://rise.articulate.com https://academy.iterable.com; base-uri 'none'; object-src 'none'; report-uri https://sentry.io/api/22065/security/?sentry_key=d6d9333ad25747ba8107e7681de79ec4
date
Tue, 10 May 2022 14:16:38 GMT
location
https://saferetirementreports.com/suspicious-engagement/
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
request-time
1
server
iterable-links 6795
vary
Origin
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
UJWuasW0rgDmQHVtCY9WRMwZOD-hVmcLb1-S7f7hebkbtfxzVC24NQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
style.min.css
saferetirementreports.com/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:40 GMT
Last-Modified
Fri, 30 Jul 2021 08:22:36 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
80574
Expires
Thu, 09 Jun 2022 14:16:40 GMT
gtm.js
www.googletagmanager.com/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB42CJG
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
387eebe8179ea1ceccc52e0f3dda4ad4b57b194b7f2af92a25e0cfba48842f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42686
x-xss-protection
0
last-modified
Tue, 10 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 May 2022 14:16:40 GMT
wp-emoji-release.min.js
saferetirementreports.com/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Fri, 30 Jul 2021 08:22:36 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
18181
Expires
Thu, 09 Jun 2022 14:16:41 GMT
css
fonts.googleapis.com/ 		2 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400&ver=5.8.4
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:38:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 May 2022 14:16:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 May 2022 14:16:40 GMT
style.css
saferetirementreports.com/wp-content/themes/soledad/ 		783 KB
784 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/style.css?ver=5.8.4
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
1bab80598bccc8bd695ed7507cafc7869684d048690b658f1f8e8a0406122bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:40 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
802291
Expires
Thu, 09 Jun 2022 14:16:40 GMT
css
fonts.googleapis.com/ 		47 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&ver=1.0
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4bad6c85fe02bc4dffe636dc34768ddb6d3f65e32017659ac88f5d75490486f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 May 2022 14:16:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 May 2022 14:16:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 May 2022 14:16:40 GMT
style.css
saferetirementreports.com/wp-content/themes/soledad-child/ 		359 B
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/themes/soledad-child/style.css?ver=7.3.2
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
47417194b984e994b27ccc53747f5b0c92181aaa81082f0dfe7b11fd6a426344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:40 GMT
Last-Modified
Thu, 26 Mar 2020 07:36:23 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
359
Expires
Thu, 09 Jun 2022 14:16:40 GMT
jquery.min.js
saferetirementreports.com/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:40 GMT
Last-Modified
Fri, 30 Jul 2021 08:22:36 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
89521
Expires
Thu, 09 Jun 2022 14:16:40 GMT
jquery-migrate.min.js
saferetirementreports.com/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:40 GMT
Last-Modified
Mon, 21 Dec 2020 10:29:29 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11224
Expires
Thu, 09 Jun 2022 14:16:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB42CJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7052
date
Tue, 10 May 2022 12:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 10 May 2022 14:19:09 GMT
css2
fonts.googleapis.com/ 		17 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5dd38d2715261f5e4dcc53204b0d22a39383a0100751a81f722e6b5546a8bdc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 May 2022 14:16:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 May 2022 14:16:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 May 2022 14:16:40 GMT
penci-holder.png
saferetirementreports.com/wp-content/themes/soledad/images/ 		125 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/images/penci-holder.png
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
125
Expires
Wed, 10 May 2023 14:16:42 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-161957701-1
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19e16b50205b17df7b05f3ed33bc015954aabcd2ed4ba371a3fecc981f24679e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38880
x-xss-protection
0
last-modified
Tue, 10 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 May 2022 14:16:41 GMT
hustle-icons.min.css
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.4.11
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
f38b9f4968be54bf0111a59d501f251c586859a7f06800a7a2e147b5484d57cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2698
Expires
Thu, 09 Jun 2022 14:16:41 GMT
hustle-global.min.css
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 		44 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-global.min.css?ver=4.4.11
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
73b5eb3a73d23775d8e0b9ed2df7c1123b9be92d66cdd44eefa50ad7174ba8da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
44792
Expires
Thu, 09 Jun 2022 14:16:41 GMT
hustle-optin.min.css
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 		80 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-optin.min.css?ver=4.4.11
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
a96ed67385022fcb698dc623e576621c309db37df8dc3900c1bedae2daa1fe20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
82094
Expires
Thu, 09 Jun 2022 14:16:41 GMT
hustle-popup.min.css
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 		45 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-popup.min.css?ver=4.4.11
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
859a402c982d4d648ba843aab82d2912c440e9c4fdd585aa28b28b153aaf6be0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
46069
Expires
Thu, 09 Jun 2022 14:16:41 GMT
css
fonts.googleapis.com/ 		5 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%2Cbold&display=swap&ver=1.0
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e45512e6a8849091f2b483d2e2698b1dc9d29f4b479562886f92119048843cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 May 2022 14:09:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 May 2022 14:16:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 May 2022 14:16:41 GMT
jquery.easypiechart.min.js
saferetirementreports.com/wp-content/plugins/penci-review/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:36:51 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3990
Expires
Thu, 09 Jun 2022 14:16:41 GMT
review.js
saferetirementreports.com/wp-content/plugins/penci-review/js/ 		790 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/penci-review/js/review.js?ver=1.0
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
528ed787a4bd37642413945a1622bcfb77860d14711673fd1bf06346d870052b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:36:51 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
790
Expires
Thu, 09 Jun 2022 14:16:41 GMT
core.min.js
saferetirementreports.com/wp-includes/js/jquery/ui/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 15 Apr 2021 04:08:56 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
20787
Expires
Thu, 09 Jun 2022 14:16:41 GMT
datepicker.min.js
saferetirementreports.com/wp-includes/js/jquery/ui/ 		35 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Fri, 30 Jul 2021 08:22:36 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
36148
Expires
Thu, 09 Jun 2022 14:16:41 GMT
hustle-ui.min.js
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/ 		101 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/hustle-ui.min.js?ver=4.4.11
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
49c73269123bbce2ee26b0a9bea86b2c10fa64237d68df41b2da687a8ae93ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
103670
Expires
Thu, 09 Jun 2022 14:16:41 GMT
underscore.min.js
saferetirementreports.com/wp-includes/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Fri, 30 Jul 2021 08:22:36 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
19076
Expires
Thu, 09 Jun 2022 14:16:41 GMT
front.min.js
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/js/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/js/front.min.js?ver=4.4.11
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
f60cb3cdabc52ae92abd8a676333dd30c7f6a11213da17fb8e4928bac7799f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
46192
Expires
Thu, 09 Jun 2022 14:16:41 GMT
libs-script.min.js
saferetirementreports.com/wp-content/themes/soledad/js/ 		189 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/js/libs-script.min.js?ver=7.3.2
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
0017bfc8ab7022aea856f6138ad458d495a919e2213c4c4985265f74aeea1ebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
193567
Expires
Thu, 09 Jun 2022 14:16:41 GMT
main.js
saferetirementreports.com/wp-content/themes/soledad/js/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/js/main.js?ver=7.3.2
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
8a7b0a9645353a21f823e0f913a1f9227ee80fb46c5d6293f2980cd9b0fa759c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
43753
Expires
Thu, 09 Jun 2022 14:16:41 GMT
post-like.js
saferetirementreports.com/wp-content/themes/soledad/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/js/post-like.js?ver=7.3.2
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1113
Expires
Thu, 09 Jun 2022 14:16:41 GMT
smush-lazy-load.min.js
saferetirementreports.com/wp-content/plugins/wp-smushit/app/assets/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.8
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Fri, 30 Jul 2021 08:24:57 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7918
Expires
Thu, 09 Jun 2022 14:16:41 GMT
wp-embed.min.js
saferetirementreports.com/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 04 Feb 2021 04:11:23 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1426
Expires
Thu, 09 Jun 2022 14:16:41 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saferetirementreports.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:26:54 GMT
x-content-type-options
nosniff
age
499787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 19:26:54 GMT
fontawesome-webfont.woff2
saferetirementreports.com/wp-content/themes/soledad/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/wp-content/themes/soledad/style.css?ver=5.8.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://saferetirementreports.com/wp-content/themes/soledad/style.css?ver=5.8.4
Origin
https://saferetirementreports.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
font/woff2
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
77160
Expires
Thu, 09 Jun 2022 14:16:41 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saferetirementreports.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:26:32 GMT
x-content-type-options
nosniff
age
499809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 19:26:32 GMT
searchsubmit.png
saferetirementreports.com/wp-content/themes/soledad/images/ 		279 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/themes/soledad/images/searchsubmit.png
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/wp-content/themes/soledad/style.css?ver=5.8.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
e1c1780a74c1fff77322398211f259a7499b282e572fca3fb9fcddc5f5b55d01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/wp-content/themes/soledad/style.css?ver=5.8.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Thu, 26 Mar 2020 07:35:58 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
279
Expires
Wed, 10 May 2023 14:16:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saferetirementreports.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 17:56:19 GMT
x-content-type-options
nosniff
age
505222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 04 May 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saferetirementreports.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 01:46:21 GMT
x-content-type-options
nosniff
age
390620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 01:46:21 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1354400/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1354400/tfa.js
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd2462bab45dad4974640b271b3471536caafe04e333b79ba50e597fd8f40a68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
RXZQY.P7C1nx..zvthH_HfwR5lm3lceo
content-encoding
gzip
etag
"e50861b6680122ae65ed831cc3824dc7"
age
116
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17363
x-amz-id-2
T8jFthb5Cz4Gwmg1X/ugRUpILzSHAcd44TMb3iQL+Oysuhwn6m1ayUe461Oo96npaPraFN1arSIOHwNwOYurWA==
x-served-by
cache-hhn4024-HHN
last-modified
Sun, 08 May 2022 11:06:30 GMT
server
AmazonS3
x-timer
S1652192201.422193,VS0,VE0
date
Tue, 10 May 2022 14:16:41 GMT
vary
Accept-Encoding
x-amz-request-id
R9X6QB223SRN6W0K
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
79
x-cache-hits
2
json
trc.taboola.com/1354400/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1354400/trc/3/json?tim=1652192201446&data=%7B%22id%22%3A420%2C%22ii%22%3A%22%2Fsuspicious-engagement%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1652192201430%2C%22cv%22%3A%2220220508-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Deverestads-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1652192201445%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A62%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1354400/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f13665e305bcb8c2aac9a3799602acbb7a66703cabaafe40ec673ea34ffb9eac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Tue, 10 May 2022 14:16:41 GMT
content-encoding
gzip
server
nginx
x-timer
S1652192201.455251,VS0,VE19
x-served-by
cache-hhn4024-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
hustle-icons-font.ttf
saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/hustle-icons-font.ttf
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.4.11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
c8ccfa5c23b7fb8848ee26de498408961555235ec2c49e15e65a9bba6692d89f

Request headers

Referer
https://saferetirementreports.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.4.11
Origin
https://saferetirementreports.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:41 GMT
Last-Modified
Wed, 26 Jan 2022 07:02:41 GMT
Server
Apache
Content-Type
font/ttf
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
12260
Expires
Thu, 09 Jun 2022 14:16:41 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=820031603&t=pageview&_s=1&dl=https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F&ul=en-us&de=UTF-8&dt=SUSPICIOUS-ENGAGEMENT%20-%20Safe%20Retirement%20Reports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=572333932&gjid=584215392&cid=601117147.1652192201&tid=UA-170962029-8&_gid=716017860.1652192201&_r=1&gtm=2wg590MB42CJG&z=2123443598
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saferetirementreports.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 May 2022 14:16:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saferetirementreports.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=820031603&t=pageview&_s=1&dl=https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F&ul=en-us&de=UTF-8&dt=SUSPICIOUS-ENGAGEMENT%20-%20Safe%20Retirement%20Reports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1779075030&gjid=57923260&cid=601117147.1652192201&tid=UA-161957701-1&_gid=716017860.1652192201&_r=1&gtm=2ou590&z=1054133624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saferetirementreports.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 May 2022 14:16:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saferetirementreports.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
image-1.png
saferetirementreports.com/wp-content/uploads/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2021/07/image-1.png
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
18b06640b327a81150af3735b6d25f88ab0c1e2e2aafc7856e6f31e758db266b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Mon, 12 Jul 2021 11:02:43 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7430
Expires
Wed, 10 May 2023 14:16:42 GMT
main.js
a.plerdy.com/public/js/click/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/js/click/main.js?v=0.4667929941252609
Requested by
Host: saferetirementreports.com
URL: https://saferetirementreports.com/suspicious-engagement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fdf7e84531a30c907200066eec745324f2abcb0d72129487a90cd8511505797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 May 2022 19:28:47 GMT
server
cloudflare
etag
W/"627576ef-1776"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8Ux7N0VITxaHvhjgB6tt67zotA0HOUBKM6mk2AUAQDAwe2yJBfQ1cVZ3PWccirzpsMcNI7mJjyLVLBxxRUdFpG83ALq0nz7xNvp5uHW%2F5B4bRwcDHBbex5%2BrN0vpjVax3TJZG%2B3n4DtUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
70934b4e8dec9013-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main2.js
c.plerdy.com/public/js/click/ 		382 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.plerdy.com/public/js/click/main2.js?v=12
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main.js?v=0.4667929941252609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4bbe2a831c66049bff4b0dacb25307d568299a96576530a15b09b6ede054f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1537
cf-polished
origSize=391298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 May 2022 19:28:51 GMT
server
cloudflare
etag
W/"627576f3-5f882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zacaxM44sj8Q81I4A%2F1Yq1SZIfVd2GVwHLY8YmwUoulUoDCz808%2Fh0JzaCzGEq5mMm%2FZBvbOBlZSWSlWP89vNzeNYg9DSSelQ7RgFk4S7c4tIHKVGh380VwfJCD5EZ8yJpWY25PX7B3gJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-ray
70934b4ece9c9013-FRA
cf-bgj
minify
logo.png
saferetirementreports.com/wp-content/uploads/2020/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/10/logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
3c1fc3e20d9efe94ac1d21116d4d1100f6d8823bdc9782aa3d1f18c6e38420e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://saferetirementreports.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=96
Expires
Wed, 11 Jan 1984 05:00:00 GMT
featured50-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured50-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
487809b435edf11463a8218314f9a315297fc3ba75e9542529775129cf11316d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:11:29 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
12183
Expires
Wed, 10 May 2023 14:16:42 GMT
featured18-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured18-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
e7ddd80ace1868313b8100fc65ccec5aaa91ea0ac40b8484389009cb092b0ca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:50 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
11809
Expires
Wed, 10 May 2023 14:16:42 GMT
featured8-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured8-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
b9fc80a689dcd4c7bd9da46d45d9f21f7929575088083e8b5b87e69ae27a0a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:39 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14646
Expires
Wed, 10 May 2023 14:16:42 GMT
featured2-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured2-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
82d3e12ed33e76390e08df814355f1811f81fef2db9bce4a894664fb4a8d0abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:32 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
22531
Expires
Wed, 10 May 2023 14:16:42 GMT
featured15-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured15-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
f5b8cdfbdbc82a5ee87fb637341d5c5fe86d0d8ebbc2130c88793cefd52c4a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:47 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
8204
Expires
Wed, 10 May 2023 14:16:42 GMT
save_statistic
c.plerdy.com/click/admin/ 		177 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.plerdy.com/click/admin/save_statistic
Requested by
Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:49e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e190307f493ad93fc40a94e6f535eae55b25fe67dbd1eb164220cc434cda579b

Request headers

Referer
https://saferetirementreports.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZFuCZprCApJ1rTt5UWrkuQlwYKs6ARgnboNJyFq7Vd3KMX8NkE5i0Z8RQDUDR9kFr%2FfMreToXUw7%2BbG5pk%2F9utgOraY4OVcMcbqwClp2dCh%2B%2BLbNC5FyS40CUVPEglIn3kO3ra39P8%2BEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, private
cf-ray
70934b503a259954-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 10 May 2022 14:16:42 GMT
plerdy_seo_rules.js
a.plerdy.com/public/screens/21301/ 		40 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/21301/plerdy_seo_rules.js?v=0.9557197708317005
Requested by
Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afb23443f3e036ec0cbbf3027243e1832fdb54611b7cf86bf5b7cd3f1356617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 16 Nov 2021 12:32:07 GMT
server
cloudflare
etag
W/"6193a4c7-28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=up9dVU9Pvyb%2BQRmOE%2FLldPtCA137H%2FwUY2tJK89PpwwlhKlNsKz6UhObSCRr6Z43LjAGl7elo%2BWqNg9ZvR5dhz8f9S0%2BdK%2FcuRz%2Fhva1dS7zys8DdzvjmNwl5x5%2F%2FFDqyfJUeV4w%2BeBlMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
70934b50cdd8914d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
plerdy_video_rules.js
a.plerdy.com/public/screens/21301/ 		25 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/21301/plerdy_video_rules.js?v=0.8605927967706433
Requested by
Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1753ae72ef1c45a8099356664234523f8ddf0be45efc04e018f5745f06d56d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Nov 2021 14:12:32 GMT
server
cloudflare
etag
W/"61965f50-19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1p3%2BQXQUJIySQdzHv7UOSjxoRw9QcxsZH04IZtcUB7cA4GSeU0okEPNCyRY4F8JOiXxwMvJDehDa%2FxBGrNlhKg7YqyecamJtEAVagjhh3vnM1Ou8VwOpr1FA%2FiA7zQfXxhoQpw%2F7VB0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
70934b50cddb914d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
plerdy_ga_events.js
a.plerdy.com/public/screens/21301/ 		23 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/21301/plerdy_ga_events.js?v=0.35781221999106516
Requested by
Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a958c06085a4eda7c1b1ba959c75ac359e812f706f15a8aa48a42e8ad66cd0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Dec 2021 14:59:11 GMT
server
cloudflare
etag
W/"61cb263f-17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfyJ%2FuSq1zg2HwT4Lhp9B9D726LzO%2FKnH2d6Hvj7zJKXnDN7j4lGOK%2FiVqrnIEIxSYPSqV9Dg7z3IHhBiH6GP3LchqSE8HO60ZSuNeii56OziUgGT7ULNg7yg%2Bvcts6CbmjHHhmASM30ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
70934b50bdc6914d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
data_plerdy_form.js
a.plerdy.com/public/screens/21301/data/ 		30 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/21301/data/data_plerdy_form.js?v=0.5875994049619209
Requested by
Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
695416b31735c81c78a208c552c48e63188a73afcbe2bdc94fb67136d03bff8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Dec 2021 14:59:11 GMT
server
cloudflare
etag
W/"61cb263f-1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYBp63PnmsqTIIMV%2BFH%2BQkVrxOmZSMuJ5fZuNsoCtyUqIhpdq5tGsNbKulmOJef3eHEqnHPmdj%2FVvFScjA0vW6kF1uPhERXhtNaUAqgGIjJi%2BXIR0AdhH%2BnxfJPTJ723Ga0UTiwa2YWd7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
70934b50cdd4914d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
featured8-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured8-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
b9fc80a689dcd4c7bd9da46d45d9f21f7929575088083e8b5b87e69ae27a0a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:39 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
14646
Expires
Wed, 10 May 2023 14:16:42 GMT
featured15-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured15-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
f5b8cdfbdbc82a5ee87fb637341d5c5fe86d0d8ebbc2130c88793cefd52c4a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:47 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
8204
Expires
Wed, 10 May 2023 14:16:42 GMT
featured2-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured2-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
82d3e12ed33e76390e08df814355f1811f81fef2db9bce4a894664fb4a8d0abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:32 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
22531
Expires
Wed, 10 May 2023 14:16:42 GMT
featured18-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured18-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
e7ddd80ace1868313b8100fc65ccec5aaa91ea0ac40b8484389009cb092b0ca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:10:50 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
11809
Expires
Wed, 10 May 2023 14:16:42 GMT
featured50-263x175.jpg
saferetirementreports.com/wp-content/uploads/2020/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saferetirementreports.com/wp-content/uploads/2020/03/featured50-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.42.108.208 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
66.42.108.208.vultrusercontent.com
Software
Apache /
Resource Hash
487809b435edf11463a8218314f9a315297fc3ba75e9542529775129cf11316d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/suspicious-engagement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 14:16:42 GMT
Last-Modified
Thu, 26 Mar 2020 10:11:29 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
12183
Expires
Wed, 10 May 2023 14:16:42 GMT
ip
c.plerdy.com/click/ 		45 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.plerdy.com/click/ip?params=%7B%0A%20%20%22site_url%22%3A%20%22saferetirementreports.com%22%2C%0A%20%20%22ip_visitor%22%3A%20%22%22%2C%0A%20%20%22position%22%3A%20%5B%5D%2C%0A%20%20%22page_url%22%3A%20%22https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F%22%2C%0A%20%20%22user_hash%22%3A%20%22d9c12901bd48c09a731b298729d4a2a8%22%2C%0A%20%20%22suid%22%3A%2021301%2C%0A%20%20%22plerdy_url%22%3A%20%22https%3A%2F%2Fa.plerdy.com%2Fclick%2F%22%2C%0A%20%20%22device%22%3A%20%22desktop%22%2C%0A%20%20%22cookie_form%22%3A%20%22%22%2C%0A%20%20%22doingrequest%22%3A%200%2C%0A%20%20%22tag_name%22%3A%20%5B%5D%2C%0A%20%20%22el_on_click%22%3A%20%5B%5D%2C%0A%20%20%22class_name%22%3A%20%5B%5D%2C%0A%20%20%22node_number%22%3A%20%5B%5D%2C%0A%20%20%22click_number%22%3A%20%5B%5D%2C%0A%20%20%22reserve_selector%22%3A%20%5B%5D%2C%0A%20%20%22class_list%22%3A%20%5B%5D%2C%0A%20%20%22id_list%22%3A%20%5B%5D%2C%0A%20%20%22page_title%22%3A%20%22SUSPICIOUS-ENGAGEMENT%20-%20Safe%20Retirement%20Reports%22%2C%0A%20%20%22plerdy_url0%22%3A%20%22https%3A%2F%2Fa.plerdy.com%2F%22%2C%0A%20%20%22plerdy_url_live%22%3A%20%22https%3A%2F%2Fa.plerdy.com%2F%22%2C%0A%20%20%22plerdy_url_save%22%3A%20%22https%3A%2F%2Fc.plerdy.com%2Fclick%2F%22%2C%0A%20%20%22plerdy_url_save_test%22%3A%20%22https%3A%2F%2Fc.plerdy.com%2Fclick_test%2F%22%2C%0A%20%20%22traffic_source%22%3A%20%22direct%22%2C%0A%20%20%22id_page%22%3A%2020%2C%0A%20%20%22country_code%22%3A%20%22DE%22%0A%7D&cooki=%5B%5D&ip_a=1
Requested by
Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:49e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb73313321b21863bff2ceefe7707a65cf64a25e19645f5434d4ec2119a0b590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:16:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLmz7vCxjgJZvwkoN96TITctNgcRIpvYVqYxeS8%2Fg%2FMr7Qx15T8kdTvq3ruvDu8vTTl0dxd4qnn2nAkfpXQ4cwhSb3N6id3JPi4zer6UXNk4CKtsRiiW1CbOLriPjEdNoAqURpPlm%2F6SFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0
cf-apo-via
origin,host
cf-ray
70934b510c3d9954-FRA
expires
Tue, 10 May 2022 14:16:42 GMT
unip
trc-events.taboola.com/1354400/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1354400/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=62&ssd=1&est=1652192201442&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1652192203001&vi=1652192201430&ri=6ba628d8907668d3b4c939dfc05f38ee&ref=null&cv=20220508-4-RELEASE&item-url=https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1354400/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://saferetirementreports.com
pragma
no-cache
date
Tue, 10 May 2022 14:16:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1354400/log/3/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1354400/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=62&ssd=1&est=1652192201442&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1652192206002&vi=1652192201430&ri=6ba628d8907668d3b4c939dfc05f38ee&ref=null&cv=20220508-4-RELEASE&item-url=https%3A%2F%2Fsaferetirementreports.com%2Fsuspicious-engagement%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1354400/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saferetirementreports.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://saferetirementreports.com
pragma
no-cache
date
Tue, 10 May 2022 14:16:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
saferetirementreports.com/suspicious-engagement/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
saferetirementreports.com
URL
https://saferetirementreports.com/suspicious-engagement/

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery object| penciBlocksArray object| portfolioDataJs object| PENCILOCALCACHE function| penciBlock function| gtag object| _tfa function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| gaplugins object| gaGlobal object| gaData object| HUI function| _ object| Modules object| incOpt object| Backbone object| Hustle object| Optin function| onYouTubePlayerAPIReady function| PenciISJson function| onYouTubeIframeAPIReady string| video_postmessage_event_func string| video_postmessage_event function| jarallax function| VideoWorker function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| ytp object| ajax_var_more object| ajax_var object| twemoji object| wp object| lazySizes string| _protocol object| plerdyMainScript string| _site_hash_code number| _suid object| plerdyScript object| _0x1aa7 function| _0x1a3b function| _0x342f1b string| MAINPLERDYURL object| mainScriptPlerdy string| mainScriptPlerdy_host string| mainScriptPlerdy_host_tracker object| plerdy_config object| _0x43f6 function| _0x402a function| _0x49cc68 number| plerdyTypeTrack number| Plerdy_lastScrollTop number| Plerdy_lastScrollTop_2 number| pledyTimeOfClick number| PlerdyFormIsShowed number| PlerdyFormIsShowed_2 number| PlerdyFormIsShowedButtonLabel number| PlerdyFormIsShowedButtonLabel_2 string| initPlerdyUrlOriginal object| initPlerdyUrlOriginalO number| hoverActiveOnOff number| plerdy_click_number_on_page undefined| my_selector_generator number| on_off_mode_show undefined| old_device string| pageUrl object| parts string| plerdy_refferer string| part2 object| trfficSource object| object object| timeClose string| plerdyIframeData object| plerdyIframeDataHover function| plerdyReceiveMessage object| plEventsAll number| plerdy_active_elements number| plerdy_inactive_elements object| position_array object| plerdy_real_elements number| plerdy_sc object| previous_data number| maxCntVl number| averageCntVl number| allCntVl number| ratioCntVl object| selectors object| selectors_hovers number| corector object| allS object| plerdySelectorsArray boolean| plerdy_path_ref undefined| url_ref_arr undefined| segments undefined| dataForshowPanel string| plerdyCurrencySales number| intervalPlerdycycleStopVar undefined| firstTime number| maxCntSelectorsPlerdy number| maxCntSelectorsPlerdy_critical boolean| plerdy_mouseSelect boolean| plerdyTypeShow string| plerdySalasCurrency number| maxCntVlHovers undefined| positions undefined| isScrolling number| timerFarBreakCykle function| plerdySourseBusterFunc string| plerdyVisitorId object| FingerprintJSPlerdy object| plerdySession string| sesNameP string| sesNamePuserSes undefined| plerdy_selectors_for_mouse_move object| cash_selectros_for_mouse_move object| plerdy_referrals number| plerdy_do_now function| plerdy_getHTML object| plerdy_scroll_cache object| plerdy_scroll_cache_send object| plerdy_scroll_dataOLD number| plerdy_scroll_data number| plerdy_on_off_send_scroll object| send_data function| getPageUrl function| init_click_count_plerdy function| checkUrlforBannersAkcia function| checkIprules function| unserialize function| checkUrlForHide function| checkUrl function| rtrim function| checkDevice function| fullPath function| sendDataForInitPlerdy function| setFormIframeStyles function| loadAddPlerdyScript function| hide_popupPlerdy function| plerdyAddMultipleListeners function| addPlerdyEvent1 function| on_plerdy function| addStyle function| mobilecheck function| mobileAndTabletcheck function| createCORSRequest function| offset function| selectDevise function| do_kostyl function| checkChildrenForAddDisplay function| plerdy_elem_over function| plerdy_elem_out function| inArray function| doWhenMouseOver function| addRemoveHeight function| plerdyClicksStyle function| sendToIframe function| showHidePanel function| initFingerprintJSPlerdy function| plerdySessionFunctions function| plerdySeoAudit function| sendPlerdyDataToSeo function| sendSatistic_Before function| getCookiePlerdy function| plerdySerialize function| sendSatistic function| urlencode function| currentDate function| plerdy_filterNone function| plerdy_getAllComments function| plerdyAverageValue function| proccesVideoData function| initGaEvents function| plerdysend function| plerdyCommerse function| proccesConverssionData function| doPlerdyConvStep function| validConverssionURL function| getTrafficsPlerdyArr function| getDevicePlerdyArr function| plerdySeoRulesCheck function| plerdyDetectIfAlloved function| sendConv_v2 function| plerdyClearnWords function| plerdyClearnString function| getForLua function| PlerdyRobots function| sendDataScroll function| doSeo function| addInPage function| detect function| makrPlerdyReal function| showMarkedSeoNum function| plerdyUnMakrWords object| plerdy_tags_arr function| CssSelectorGenerator object| ee object| owl string| all_url string| seo_url number| seoTimeOut number| seo_do_now object| seoParams string| country_code_plerdy object| plerdy_ga_events object| plerdy_video_rules object| plerdy_seo_rules object| plerdy_seo_rules2 boolean| doSeoOrNot object| plerdy_form_data_params object| d

9 Cookies

Domain/Path Name / Value
.saferetirementreports.com/ Name: iterableEndUserId
Value: dandler.frederick%40gmail.com
.saferetirementreports.com/ Name: iterableEmailCampaignId
Value: 4184733
.saferetirementreports.com/ Name: iterableTemplateId
Value: 5695732
.saferetirementreports.com/ Name: iterableMessageId
Value: 71ea0ef8bf774ac5b403e6fdae11a546
links.e.saferetirementreports.com/ Name: XSRF-TOKEN
Value: ef1094bf101227db42d7cec8c9a233f92d24864e-1652192198775-b4a05f20f33984631f57a8a1
.saferetirementreports.com/ Name: _ga
Value: GA1.2.601117147.1652192201
.saferetirementreports.com/ Name: _gid
Value: GA1.2.716017860.1652192201
.saferetirementreports.com/ Name: _gat_UA-170962029-8
Value: 1
.saferetirementreports.com/ Name: _gat_gtag_UA_161957701_1
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://saferetirementreports.com/wp-content/uploads/2020/10/logo.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.plerdy.com
c.plerdy.com
cdn.taboola.com
fonts.googleapis.com
fonts.gstatic.com
links.e.saferetirementreports.com
saferetirementreports.com
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.googletagmanager.com
saferetirementreports.com
141.226.228.48
151.101.193.44
2600:9000:2057:7400:4:8035:cb00:93a1
2606:4700:20::681a:f5c
2606:4700:20::ac43:49e0
2a00:1450:4001:808::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2003
66.42.108.208
0017bfc8ab7022aea856f6138ad458d495a919e2213c4c4985265f74aeea1ebb
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a958c06085a4eda7c1b1ba959c75ac359e812f706f15a8aa48a42e8ad66cd0b
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1753ae72ef1c45a8099356664234523f8ddf0be45efc04e018f5745f06d56d12
18b06640b327a81150af3735b6d25f88ab0c1e2e2aafc7856e6f31e758db266b
19e16b50205b17df7b05f3ed33bc015954aabcd2ed4ba371a3fecc981f24679e
1bab80598bccc8bd695ed7507cafc7869684d048690b658f1f8e8a0406122bd1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
387eebe8179ea1ceccc52e0f3dda4ad4b57b194b7f2af92a25e0cfba48842f7d
3afb23443f3e036ec0cbbf3027243e1832fdb54611b7cf86bf5b7cd3f1356617
3c1fc3e20d9efe94ac1d21116d4d1100f6d8823bdc9782aa3d1f18c6e38420e3
47417194b984e994b27ccc53747f5b0c92181aaa81082f0dfe7b11fd6a426344
487809b435edf11463a8218314f9a315297fc3ba75e9542529775129cf11316d
49c73269123bbce2ee26b0a9bea86b2c10fa64237d68df41b2da687a8ae93ab7
4fdf7e84531a30c907200066eec745324f2abcb0d72129487a90cd8511505797
528ed787a4bd37642413945a1622bcfb77860d14711673fd1bf06346d870052b
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dd38d2715261f5e4dcc53204b0d22a39383a0100751a81f722e6b5546a8bdc3
695416b31735c81c78a208c552c48e63188a73afcbe2bdc94fb67136d03bff8f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73b5eb3a73d23775d8e0b9ed2df7c1123b9be92d66cdd44eefa50ad7174ba8da
82d3e12ed33e76390e08df814355f1811f81fef2db9bce4a894664fb4a8d0abe
859a402c982d4d648ba843aab82d2912c440e9c4fdd585aa28b28b153aaf6be0
8a7b0a9645353a21f823e0f913a1f9227ee80fb46c5d6293f2980cd9b0fa759c
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a96ed67385022fcb698dc623e576621c309db37df8dc3900c1bedae2daa1fe20
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b9fc80a689dcd4c7bd9da46d45d9f21f7929575088083e8b5b87e69ae27a0a50
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb73313321b21863bff2ceefe7707a65cf64a25e19645f5434d4ec2119a0b590
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c4bad6c85fe02bc4dffe636dc34768ddb6d3f65e32017659ac88f5d75490486f
c8ccfa5c23b7fb8848ee26de498408961555235ec2c49e15e65a9bba6692d89f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e190307f493ad93fc40a94e6f535eae55b25fe67dbd1eb164220cc434cda579b
e1c1780a74c1fff77322398211f259a7499b282e572fca3fb9fcddc5f5b55d01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45512e6a8849091f2b483d2e2698b1dc9d29f4b479562886f92119048843cbd
e7ddd80ace1868313b8100fc65ccec5aaa91ea0ac40b8484389009cb092b0ca9
f13665e305bcb8c2aac9a3799602acbb7a66703cabaafe40ec673ea34ffb9eac
f38b9f4968be54bf0111a59d501f251c586859a7f06800a7a2e147b5484d57cd
f3ed751e14b2c3e18ac6e22fc31fac1b9dc75102345581cf36a6aac3fb44c364
f4bbe2a831c66049bff4b0dacb25307d568299a96576530a15b09b6ede054f2f
f5b8cdfbdbc82a5ee87fb637341d5c5fe86d0d8ebbc2130c88793cefd52c4a66
f60cb3cdabc52ae92abd8a676333dd30c7f6a11213da17fb8e4928bac7799f9c
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
fd2462bab45dad4974640b271b3471536caafe04e333b79ba50e597fd8f40a68