wealthyretirement.com Open in urlscan Pro
18.233.27.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&ut...
Effective URL:
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-...
Submission: On May 25 via api (May 25th 2022, 4:04:46 pm UTC) from CH — Scanned from DE

Summary HTTP 191 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 69 IPs in 8 countries across 54 domains to perform 191 HTTP transactions. The main IP is 18.233.27.104, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wealthyretirement.com.
TLS certificate: Issued by R3 on April 12th 2022. Valid for: 3 months.

This is the only time wealthyretirement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:d03f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	18.233.27.104 18.233.27.104	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	52.216.224.80 52.216.224.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.5.17.148 3.5.17.148	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.99 108.157.4.99	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.248.61 18.66.248.61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:6ea0:c70... 2a02:6ea0:c700::16	60068 (CDN77 ^_^) (CDN77 ^_^)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	18.66.139.46 18.66.139.46	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e053	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.138.17.96 108.138.17.96	16509 (AMAZON-02) (AMAZON-02)
1	2.20.157.165 2.20.157.165	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	54.69.16.109 54.69.16.109	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
3	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c01::9a	15169 (GOOGLE) (GOOGLE)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.51.233.122 52.51.233.122	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2a00:1450:400... 2a00:1450:4001:82f::2010	15169 (GOOGLE) (GOOGLE)
13	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.251.15.4 3.251.15.4	16509 (AMAZON-02) (AMAZON-02)
1	104.92.105.214 104.92.105.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.122.211.253 3.122.211.253	16509 (AMAZON-02) (AMAZON-02)
1	52.49.118.209 52.49.118.209	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	52.28.128.138 52.28.128.138	16509 (AMAZON-02) (AMAZON-02)
1 2	54.155.185.156 54.155.185.156	16509 (AMAZON-02) (AMAZON-02)
2 2	44.198.82.75 44.198.82.75	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	3.211.211.136 3.211.211.136	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
18	92.123.224.98 92.123.224.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.7.154.6 52.7.154.6	14618 (AMAZON-AES) (AMAZON-AES)
2	54.86.117.43 54.86.117.43	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.214.59 52.222.214.59	16509 (AMAZON-02) (AMAZON-02)
2	100.20.53.196 100.20.53.196	16509 (AMAZON-02) (AMAZON-02)
1	18.215.59.240 18.215.59.240	14618 (AMAZON-AES) (AMAZON-AES)
191	69

1 2606:4700::6810:d03f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-b.mb.wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.233.27.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-27-104.compute-1.amazonaws.com

wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.224.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.5.17.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-99.dus51.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-61.dus51.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::16 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.139.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-46.fra60.r.cloudfront.net

dnzkifeab6.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e053 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-96.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.157.165 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-165.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.16.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-16-109.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.31 (Harrodsburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c01::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.233.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-233-122.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.15.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.105.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-105-214.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.100 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.211.253 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-211-253.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.118.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-118-209.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.128.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-128-138.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.185.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.198.82.75 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-82-75.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.211.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-211-136.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 92.123.224.98 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-224-98.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.7.154.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-154-6.compute-1.amazonaws.com

e-10348.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net

s.zkcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.20.53.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-53-196.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.59.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-59-240.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	1 KB
18	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 8280	4 MB
14	wealthyretirement.com 1 redirects events-b.mb.wealthyretirement.com wealthyretirement.com	49 KB
12	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7584	330 KB
11	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669 sslwidget.criteo.com — Cisco Umbrella Rank: 1705 widget.us.criteo.com — Cisco Umbrella Rank: 18771 dis.criteo.com — Cisco Umbrella Rank: 725	20 KB
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	283 KB
11	amazonaws.com portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 460230 s3.amazonaws.com dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 464688	471 KB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 5580	58 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240	7 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	5 KB
4	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4955 distillery.wistia.com — Cisco Umbrella Rank: 6240 pipedream.wistia.com — Cisco Umbrella Rank: 6738	2 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 849 ads.yahoo.com — Cisco Umbrella Rank: 1156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5483	826 B
4	google.com www.google.com — Cisco Umbrella Rank: 7	826 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2276 tr.outbrain.com — Cisco Umbrella Rank: 2072 sync.outbrain.com — Cisco Umbrella Rank: 782	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 645 script.hotjar.com — Cisco Umbrella Rank: 896 vars.hotjar.com — Cisco Umbrella Rank: 989 in.hotjar.com — Cisco Umbrella Rank: 1730	67 KB
4	userway.org cdn.userway.org — Cisco Umbrella Rank: 5488 api.userway.org — Cisco Umbrella Rank: 5459	33 KB
3	adzerk.net e-10348.adzerk.net	3 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 525 i6.liadm.com — Cisco Umbrella Rank: 1678	1 KB
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 13797 api.getblueshift.com — Cisco Umbrella Rank: 8966	3 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 675 cdn.stickyadstv.com — Cisco Umbrella Rank: 2389	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	851 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1551	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 330	140 B
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 679 sync-t1.taboola.com — Cisco Umbrella Rank: 1259	329 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 413	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	142 KB
1	zkcdn.net s.zkcdn.net — Cisco Umbrella Rank: 36698	77 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 811	418 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2097	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1181	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 634	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1779	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1872	337 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	784 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 414	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 606	577 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1413	429 B
1	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3513	234 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1869	232 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 498	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	14 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 939	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 683	71 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 26416	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	19 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	30 KB
191	54

	Domain	Requested by
22	www.facebook.com	wealthyretirement.com
18	embedwistia-a.akamaihd.net	fast.wistia.net
13	wealthyretirement.com	wealthyretirement.com
12	fast.wistia.net	c.lytics.io fast.wistia.net
11	connect.facebook.net	wealthyretirement.com connect.facebook.net
10	c.lytics.io	portrait-tracker.s3.amazonaws.com c.lytics.io wealthyretirement.com
7	bat.bing.com	wealthyretirement.com bat.bing.com
5	s3.amazonaws.com	wealthyretirement.com www.googletagmanager.com
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	www.google.de	wealthyretirement.com
4	www.google.com	wealthyretirement.com
4	gum.criteo.com	3 redirects static.criteo.net
4	www.google-analytics.com	www.googletagmanager.com portrait-tracker.s3.amazonaws.com
4	dnzkifeab6.execute-api.us-east-1.amazonaws.com	portrait-tracker.s3.amazonaws.com
3	e-10348.adzerk.net	portrait-tracker.s3.amazonaws.com
3	ib.adnxs.com	3 redirects
3	cdn.userway.org	accessibilityserver.org
2	api.getblueshift.com	portrait-tracker.s3.amazonaws.com
2	distillery.wistia.com	fast.wistia.net
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	idsync.rlcdn.com
2	sp.analytics.yahoo.com	wealthyretirement.com
2	stats.g.doubleclick.net	portrait-tracker.s3.amazonaws.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	tr.outbrain.com	amplify.outbrain.com wealthyretirement.com
2	px.ads.linkedin.com	2 redirects
2	s.yimg.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
2	www.googletagmanager.com	portrait-tracker.s3.amazonaws.com wealthyretirement.com
2	portrait-tracker.s3.amazonaws.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
1	pipedream.wistia.com	fast.wistia.net
1	s.zkcdn.net
1	fast.wistia.com	fast.wistia.net
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ups.analytics.yahoo.com
1	ads.yahoo.com
1	c.aaxads.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	storage.googleapis.com	c.lytics.io
1	widget.us.criteo.com	wealthyretirement.com
1	sslwidget.criteo.com	1 redirects
1	in.hotjar.com	portrait-tracker.s3.amazonaws.com
1	mug.criteo.com	wealthyretirement.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	wealthyretirement.com
1	www.linkedin.com	1 redirects
1	trc.taboola.com	wealthyretirement.com
1	script.hotjar.com	static.hotjar.com
1	api.userway.org	portrait-tracker.s3.amazonaws.com
1	amplify.outbrain.com	wealthyretirement.com
1	static.hotjar.com	wealthyretirement.com
1	static.criteo.net	www.googletagmanager.com
1	snap.licdn.com	wealthyretirement.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.optimizely.com	www.googletagmanager.com
1	accessibilityserver.org	wealthyretirement.com
1	cdn.getblueshift.com	portrait-tracker.s3.amazonaws.com
1	cdn.jsdelivr.net	wealthyretirement.com
1	code.jquery.com	wealthyretirement.com
1	events-b.mb.wealthyretirement.com	1 redirects
191	80

This site contains links to these domains. Also see Links.

Domain
e-10348.adzerk.net
oxfordclub.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
wealthyretirement.com R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.getblueshift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
accessibilityserver.org Amazon	`2021-12-09` - `2023-01-05`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-03-10` - `2023-04-08`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.adzerk.net Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh
*.zkcdn.net Amazon	`2022-04-22` - `2023-05-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Frame ID: 61789F632F16601865986629481B9C14
Requests: 108 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 2CD84D57AE6B6908E76C33FEA5167246
Requests: 1 HTTP requests in this frame

Frame: https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Frame ID: 741A59C87DEBE22AD948D7C1FBD02D64
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 7D4A87F0EF9DE62709B608A0C90BDD6C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=wealthyretirement.com&origin=onetag
Frame ID: 4E5B05E6BAB6DE17C8D0539E8CD20939
Requests: 2 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Frame ID: 18DE8DFAAE10A28921798C65A424FF62
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1E701780E422368E94CC4B3A80F6C3F2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3E675B5CB2463E0A5ABD0EC42FE3FA6D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 42083F6BA4D38C3E26477408C9D1FC41
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 560B532DDE4DFED876F0C37E90B60977
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6C6A8548C6C306A57820C9D8EC2DA39A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FC98540ECAB9ED4C85E13872255FCE3E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3DAB3D07522EF1B1C5F847CCFE936D14
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 28E320A2EFA86F0AD38CE8E7B81AC05F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D38B28DBBCC0F056606954A02438BF83
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 00316C2A194FFDE14FC894DF838420A4
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_gid=CAESEHnG23JkIBxCHAJKE8EkauU&google_cver=1&google_ula=913071,0
Frame ID: A2A549C09346134CD64F4A07EE3F2655
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Brutal Lesson in Valuation

Page URL History Show full URLs

https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-... HTTP 307
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba61... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

191
Requests

92 %
HTTPS

36 %
IPv6

54
Domains

80
Subdomains

69
IPs

8
Countries

6237 kB
Transfer

9397 kB
Size

70
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjozNjgzLCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3NTcwLCJkaSI6Ijc1MzVhNTBjMmRmYTQ3OTFiMWZiYjFlMjA2MDllOTRlIiwiZGoiOjAsImlpIjoiOTk0YjMwMWFhNDZjNDNmMzg2NDg4ZDU2OTMyZTMyODEiLCJkbSI6MywiZmMiOjE3MDAzOTIyNSwiZmwiOjE2MTg5NjU2MiwiaXAiOiIzNy41OC41Ny4zIiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjEyLjA1NCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDcxMDNmODBlZGM3NzU0MTAiLCJzcCI6NzAyNzgyLCJzdCI6MTEyODA3MiwidHIiOnRydWUsInVrIjoidWUxLWIxYWExY2EzNmE0NzQ2MGNiZWI3NjVhMGI5MjYyYzdlIiwiem4iOjI1MzQyMywidHMiOjE2NTM0OTQ2ODI1NTgsInBuIjoiTHVoc0poSVZjY0Z0ZUd1aGxuYnoiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInJyIjoxLCJiaSI6MSwidHoiOiJVVEMiLCJ1ciI6Imh0dHBzOi8vcHJvLm94Zm9yZGNsdWIuY29tL20vMTk4MTU4NiJ9&s=6-9qCTr0uMS4ychjZydY6gHannQ&adz_e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjozNjgzLCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3NTcwLCJkaSI6Ijc1MzVhNTBjMmRmYTQ3OTFiMWZiYjFlMjA2MDllOTRlIiwiZGoiOjAsImlpIjoiOTk0YjMwMWFhNDZjNDNmMzg2NDg4ZDU2OTMyZTMyODEiLCJkbSI6MywiZmMiOjE3MDAzOTIyNSwiZmwiOjE2MTg5NjU2MiwiaXAiOiIzNy41OC41Ny4zIiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjEyLjA1NCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDcxMDNmODBlZGM3NzU0MTAiLCJzcCI6NzAyNzgyLCJzdCI6MTEyODA3MiwidHIiOnRydWUsInVrIjoidWUxLWIxYWExY2EzNmE0NzQ2MGNiZWI3NjVhMGI5MjYyYzdlIiwiem4iOjI1MzQyMywidHMiOjE2NTM0OTQ2ODI1NTksInBuIjoiTHVoc0poSVZjY0Z0ZUd1aGxuYnoiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInJyIjoxLCJiaSI6MSwidHoiOiJVVEMiLCJldCI6Mn0&adz_s=2j1qCtglFoyhO7hijebpD0lMF2A&s4=email&s5=wealthre&s6=20220524_wr_nonoxf

Search URL Search Domain Scan URL

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjoxMDI5LCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3MjQ2LCJkaSI6ImJhNDA1M2QwZTFjNjQ1MzlhYzJiNThhNGM1Nzc2ZWZkIiwiZGoiOjAsImlpIjoiZjk0Zjc1ZjZmZjc1NDMxN2E2MTg2MDQzZDBmNTM2NTUiLCJkbSI6MywiZmMiOjE3MDAzNDg1MSwiZmwiOjE2MTg5NjU2MiwiaXAiOiIzNy41OC41Ny4zIiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIyLjUzNCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDcxMDNmODBlZGM3NzU0MTAiLCJzcCI6NzAyNzgyLCJzdCI6MTEyODA3MiwidHIiOnRydWUsInVrIjoidWUxLWIxYWExY2EzNmE0NzQ2MGNiZWI3NjVhMGI5MjYyYzdlIiwiem4iOjI1MzQxNiwidHMiOjE2NTM0OTQ2ODI1NTksInBuIjoiTHdrT0JlcVhLQnJCVlZEb1JXV0siLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInJyIjoxLCJiaSI6MSwidHoiOiJVVEMiLCJ1ciI6Imh0dHBzOi8vcHJvLm94Zm9yZGNsdWIuY29tL20vMTk4MTU4MSJ9&s=e_jUDCwxHFUGJbwHqOqNyX89EsQ&adz_e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjoxMDI5LCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3MjQ2LCJkaSI6ImJhNDA1M2QwZTFjNjQ1MzlhYzJiNThhNGM1Nzc2ZWZkIiwiZGoiOjAsImlpIjoiZjk0Zjc1ZjZmZjc1NDMxN2E2MTg2MDQzZDBmNTM2NTUiLCJkbSI6MywiZmMiOjE3MDAzNDg1MSwiZmwiOjE2MTg5NjU2MiwiaXAiOiIzNy41OC41Ny4zIiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIyLjUzNCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDcxMDNmODBlZGM3NzU0MTAiLCJzcCI6NzAyNzgyLCJzdCI6MTEyODA3MiwidHIiOnRydWUsInVrIjoidWUxLWIxYWExY2EzNmE0NzQ2MGNiZWI3NjVhMGI5MjYyYzdlIiwiem4iOjI1MzQxNiwidHMiOjE2NTM0OTQ2ODI1NjAsInBuIjoiTHdrT0JlcVhLQnJCVlZEb1JXV0siLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInJyIjoxLCJiaSI6MSwidHoiOiJVVEMiLCJldCI6Mn0&adz_s=5VjSAGfPBzf7gk7kGZwzLpXCk8E&s4=email&s5=wealthre&s6=20220524_wr_nonoxf
Title: Click here to get the names and ticker symbols now.

Search URL Search Domain Scan URL

URL: https://oxfordclub.com/affiliates/?referralFranchise=WR
Title: Partner With Us

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/c4dd28cf-6762-4f86-acf4-3e1c6ec51a3a.html
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_mime_type=html&bsft_tv=6&bsft_lx=2 HTTP 307
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D2%26bsft_tv%3D6 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D518825%26time%3D1653494679463%26url%3Dhttps%253A%252F%252Fwealthyretirement.com%252Fwebview%252Fbuyers-of-rivian-are-caught-in-a-bloodbath%252F%253Fbsft_utid%253D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%2526bsft_clkid%253Db24d1566-9e0a-470e-8214-03815e604b8a%2526bsft_aaid%253Dba611593-2123-403a-9286-2afa6fa671c2%2526bsft_eid%253D97633ca0-dbd1-4e89-8008-abc922a44b56%2526bsft_uid%253D5ebec341-8e79-4078-ad86-82f483c1ad30%2526bsft_mid%253D1b5c0329-9905-4c08-94ad-35d3ba07586c%2526bsft_ek%253D2022-05-24T20%25253A30%25253A42Z%2526utm_campaign%253D20220524_wr_nonoxf%2526utm_content%253D20220524_wr_nonoxf%2526utm_source%253Dwealthre%2526bsft_mime_type%253Dhtml%2526utm_medium%253Demail%2526src%253Demail%2526bsft_lx%253D2%2526bsft_tv%253D6%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D2%26bsft_tv%3D6&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D2%26bsft_tv%3D6&liSync=true&e_ipv6=AQItACdNxssO_AAAAYD79o2fs2wKT4YB3B_3SPNPVZjDATt08PXdpHepae6uVvmNIEEJeiR4I0y8Aw

Request Chain 68

https://gum.criteo.com/sid/json?origin=onetag&domain=wealthyretirement.com&sn=ChromeSyncframe&so=0&topUrl=wealthyretirement.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oXiP73xKZERpYVMzci9xVGNqcTl2ZnBudUt4SlZIWmNlc0hRVUFkM1Q4NjlBaDE0M1NsT0ZUQjZOczB0UUtIeFV3MXBtdHlwZzExL2x6a1N0eFZzU1YrYi9ZTjhsTXZDOFZLWVVRcnUrY3BwRnhQOTBqeTBMaVRiY3JNYyt4RUpJRDQ4UnUrci9TNHdqL3Y1MC91T3h4RllMMEZRcFRhZ0xqV0VVN2x3bUhNc3llWXAzQld4TXBuRVV5clA2WjJiN1F6YzNodVVsc0JXSzFORTlITHVPMG13Z0J1TDhGMk9sR2x2T3RYdnMxeG9GREZhMW1ZVEFQbXUrTTg3bHNDaUY3UUFBK3V6bldoNnRMMkJsWUE3R1ZmYkVXRHJ4R0tDUnpaUERRd05TREh1VVNNMD18&cppv=2

Request Chain 79

https://sslwidget.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp6NnglMkJMRWhydjhtOVVQNU4lMkJKMUNGb1I3MGxOY3JweW4waklQblFmNTFQUUxXbWZFUm0lMkJrTng3c2s0Z3pHeSUyRkZzb1RLRkZnQXY5bmo0Z1E5TCUyRkJZU0VrOG96RmFXUzlNczVycjN4b3JaVUlWdzNpRGhvJTNE&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8&dtycbr=71482 HTTP 302
https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp6NnglMkJMRWhydjhtOVVQNU4lMkJKMUNGb1I3MGxOY3JweW4waklQblFmNTFQUUxXbWZFUm0lMkJrTng3c2s0Z3pHeSUyRkZzb1RLRkZnQXY5bmo0Z1E5TCUyRkJZU0VrOG96RmFXUzlNczVycjN4b3JaVUlWdzNpRGhvJTNE&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8&dtycbr=71482

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_cm&google_hm=ay0wN2NKOXNwelB0T1ZpU1phNl9ybmFudkRuVkhIZFpqLTBEcDNDQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_gid=CAESEHnG23JkIBxCHAJKE8EkauU&google_cver=1&google_ula=913071,0

Request Chain 115

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=NM8bAWSjf8FtAsuHV3UMNEr9b2i1PPmL

Request Chain 125

https://secure.adnxs.com/setuid?entity=52&code=k-cmGr-MpzPtOViSZa6_rnanvDnVFEp44weMIDbA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cmGr-MpzPtOViSZa6_rnanvDnVFEp44weMIDbA%26seg%3D95287

Request Chain 126

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932

Request Chain 130

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw&C=1

Request Chain 131

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HejnZspzPtOViSZa6_rnanvDnVHdSwVzJzTOqA&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HejnZspzPtOViSZa6_rnanvDnVHdSwVzJzTOqA&expires=30&user_group=5

Request Chain 137

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-irsm0cpzPtOViSZa6_rnanvDnVHUoOsRSIOREg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-irsm0cpzPtOViSZa6_rnanvDnVHUoOsRSIOREg

Request Chain 138

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ&_li_chk=true&previous_uuid=afcce1c1794d4fafae8f5afd866a955c HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ

Request Chain 141

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-z2MEd8pzPtOViSZa6_rnanvDnVGbf8e2gEjKzg&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 144

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/KoHMdn7bkgyP5EroT2rbJQ8ZloqWe8zk/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8652120667550982825

Request Chain 145

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932

191 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/
Redirect Chain

https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_ek=20...
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign...

20 KB
6 KB

1090ms
335ms

Document
text/html

18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f95cd5428bb287edae3aeca43f83b3776da4f78f56f64c2791493ee1899aa300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 16:04:38 GMT
Server: nginx
Transfer-Encoding: chunked
X-Cache-Status: BYPASS

Redirect headers

access-control-allow-headers: Content-Type, X-Api-Key
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 710f82040e849073-FRA
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 16:04:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 23d65cf0-e565-4ce7-a628-55e56e0cb203
x-runtime: 0.023729
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 31ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://wealthyretirement.com/
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:39 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1653494679.dop232.fr8.t,1653494679.cds238.fr8.hn,1653494679.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK all.js Show response
portrait-tracker.s3.amazonaws.com/ 37 KB
38 KB 449ms
138ms Script
application/javascript 52.216.224.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/all.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.224.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 415422ec9a8645bc4a15ba4a860e5a7cb133038c69b28d7a23f3febfc40f9242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:40 GMT
Last-Modified: Tue, 17 May 2022 20:14:26 GMT
Server: AmazonS3
x-amz-request-id: KQR4R5DFB9JZCGC7
ETag: "faa72930cbf681cb6fe7023413f1978b"
Content-Type: application/javascript
x-amz-version-id: YFZSMuVueqXRStn.kw7bvcS_1lf7ZK_q
Accept-Ranges: bytes
Content-Length: 38262
x-amz-id-2: bRgs05w4Y/C8Ks1cPQN8ZAvJJ/CfdSXrelvI0DkVRaCM9Gw6Y2cMLxmxnT4v6Vc5H1viXsE4S20=

GET
H/1.1 200
OK all.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 9 KB
3 KB 143ms
97ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4b4344e91454590284aaeef5fcbe09d3fa3e321bebcd4b23730249e1d7c34704

Request headers

Referer: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-241b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 foundation.min.css
cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/ 132 KB
19 KB 53ms
26ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/foundation.min.css

Requested by

Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5640133
x-jsd-version: 6.7.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"20ef1-bhEYyg3UHPtQeklGmSXYZB57t6s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yTCZvcC1ruTTFj6P2qnW9JD87NdS8EvbcJ2gCzW0mdwUL5P4928n5QbZzUY8UrMzmju3MWZQC6olM0ZvNY9LLjwFsV%2BZzF%2F%2FcuAyAc9L8qkwV6DIfEK8yrpK6nmZrkVTcp%2BrKO82gvSub2wG8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 710f82133ec76904-FRA

GET
H/1.1 200
OK single-webview.css
wealthyretirement.com/wp-content/plugins/og-plugins-webview/styles/ 1 KB
603 B 95ms
94ms Stylesheet
text/css 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/og-plugins-webview/styles/single-webview.css
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 26a74aa295ceeba34b3ced6606085d0d0ddb1f2120ab099e6aa5aba3620750de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Thu, 14 Apr 2022 16:16:25 GMT
Server: nginx
ETag: W/"625848d9-407"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wealthy-retirement-logo.svg
s3.amazonaws.com/cdn.wealthyretirement.com/wp-content/uploads/2018/07/ 14 KB
14 KB 428ms
119ms Image
image/svg+xml 3.5.17.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.wealthyretirement.com/wp-content/uploads/2018/07/wealthy-retirement-logo.svg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.17.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bb9d2e9db7611ec45ec27b7bfbf174b6b26c18215b64502b8756711ac3b1c767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:40 GMT
Last-Modified: Mon, 09 Jul 2018 21:08:10 GMT
Server: AmazonS3
x-amz-request-id: KQR4HY1XQN7J08PB
ETag: "d9c31e6f3af9510bb2ec6b29a1486b8c"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 14156
x-amz-id-2: vQFsSsI9SueoTdA4YSq8kG37w2DBs4MizyBfN4DdOWdSHCJAfzdoHSFlPXkBhXNhFqQ02N+6IAH9E7v+R/4qxQ==

GET
H/1.1 200
OK jody-1.png
wealthyretirement.com/wp-content/uploads/2020/03/ 32 KB
33 KB 336ms
192ms Image
image/png 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wealthyretirement.com/wp-content/uploads/2020/03/jody-1.png
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9b215bbdb26978ced9af85ac38f07275fee2a8488b2849e0731373f922a3aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Last-Modified: Wed, 11 Mar 2020 18:36:41 GMT
Server: nginx
ETag: "5e692fb9-81c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33216

GET
H/1.1 200
OK 20220524_WR-Rivian-financials.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 160 KB
160 KB 404ms
116ms Image
image/jpeg 3.5.17.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220524_WR-Rivian-financials.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.17.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4deada37c1f7b4f0c30d01839b5b200027d7f25c4931d16ddc0495bfc04a95dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
Last-Modified: Tue, 24 May 2022 17:52:58 GMT
Server: AmazonS3
x-amz-request-id: 7M7BPD0D716PTB0V
ETag: "3d32f28b7167f42d2805b0775cbca315"
Content-Type: image/jpeg
x-amz-version-id: NJcaILiL_n.IvaUPSY8ZPRJDIxUG1WZb
Accept-Ranges: bytes
Content-Length: 163575
x-amz-id-2: T3b0mlD8yo9AczLC03NJqfIY1ilhGgxVcu3tDBkfl5HBh51Di38Hra7BuQgcMr0GcxBu/woDZAlTM8zX5oesXw==

GET
H/1.1 200
OK 20220524_WR-Rivian-share-price.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 100 KB
100 KB 417ms
120ms Image
image/jpeg 3.5.17.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220524_WR-Rivian-share-price.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.17.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94fe0bf34718ae3d0c48f2314a22e190e8189a15b536828b4b5c93c8b32ca36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
Last-Modified: Tue, 24 May 2022 17:52:57 GMT
Server: AmazonS3
x-amz-request-id: 7M73Q76XJ3T6A0K5
ETag: "0c409838fd895c3342d61c59d3b72932"
Content-Type: image/jpeg
x-amz-version-id: 4YSxwJgMJ8tmmg6_rLFcliMbXvY9l8cM
Accept-Ranges: bytes
Content-Length: 102169
x-amz-id-2: U01K/0ACNSWv9fcoyL6sE4rdG2hY1LzSRA46CA++mQLumJEVKv1xzZxk6upErQDX85p0I8vwlPF2yh/WGjKKQQ==

GET
H/1.1 200
OK 20220524_WR-Rivian-Enterprise-value.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 99 KB
100 KB 409ms
116ms Image
image/jpeg 3.5.17.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220524_WR-Rivian-Enterprise-value.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.17.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f9725593c0dcf38e3f7b70342a00f50ad485c69d6101f69c9fd0fc712abb1b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
Last-Modified: Tue, 24 May 2022 17:52:58 GMT
Server: AmazonS3
x-amz-request-id: 7M7F1CGGWZT7ZW4D
ETag: "0569d7efb419711040abe9f657bfeb2e"
Content-Type: image/jpeg
x-amz-version-id: LR2FuTdECsgG4rINDyRQ5.CXKxlY_i3k
Accept-Ranges: bytes
Content-Length: 101569
x-amz-id-2: Qi9DXf4AMwLgtUCjCA3yB6XU2+GeAaoMSSWq0NqQ1PJ+0AacKD0Lag9x8exDsUS+B3Zec+sbTtpN/yPiy3H+Rg==

GET
H/1.1 200
OK basic_html.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 519 B
438 B 149ms
98ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_html.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c5432314c2215a1052479602186328ab543c20b15f35dafd0946137f9d7a54cd

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-207"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK basic_text.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 275 B
412 B 149ms
98ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_text.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 15236ecf56f44fb5f69468c0a4b02f2fd9aa8e905bae13aff6278d2b2980645d

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-113"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK basic_html_single_image.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 667 B
504 B 249ms
99ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_html_single_image.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f225f6d3130aa78e6a67757e19f126e729010b2b2148642d8691cdb21caaa645

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-29b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK basic_html_center_image.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 653 B
495 B 249ms
100ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_html_center_image.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4a82ae3c77edece9c05d244708bbb5640c6a7bc69efaca4278c1c560e55f710f

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-28d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK leadgen_html.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 3 KB
1 KB 292ms
95ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/leadgen_html.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bdef145a212b1c018c220387d182435d6f69b4a653dbc806fbe3414667d1c70f

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-d34"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK video_html.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 2 KB
813 B 293ms
94ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/video_html.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 439d1ae467f77cad2ab326aed33c02d521022f57e334cabe4d7a0c657f814b5f

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-724"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK iu_recent_article.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 948 B
633 B 300ms
100ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/iu_recent_article.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 85c3d51d7eb47ac25de5f4043fba14177f6d131e1ca88ce545744bdfbf77a328

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-3b4"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK modal.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 2 KB
847 B 302ms
98ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/modal.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1ddc9e19ccefc0d2de33245f132ea603775fb0785df813df05fe47c0edad63ba

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:39 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-82c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK timed_modal.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 3 KB
998 B 347ms
98ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/timed_modal.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8a7ffcb1785815a28350d7287b28369ea2fb8e74d6df43aaea7bf6c03adf508d

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:40 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-adf"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 65 KB
22 KB 46ms
16ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25294875032f9525d068cd8a2f5764cf60ac8a5927fee1c4e0cb8f560363c3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4570
content-encoding: br
last-modified: Wed, 25 May 2022 14:48:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cfym8zQiA0RruZEOnby9q76U%2BnLHydR09AT6656PxomDD4lOq2yaQjqP8Iget8Fnz57TM1l0H8RcZ6jCo2%2BnoQTl0sc6jqUs5ms64ulPKK9ZRut%2BxKuySd6ySRLcwEwfBpAVkkbLm5xJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 710f8216b882918e-FRA

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 65ms
9ms Script
application/javascript 108.157.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:55:48 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Server: AmazonS3
Age: 533
ETag: "e180e60ec878d69551a1c449b37c6552"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: DUS51-P2
Accept-Ranges: bytes
Content-Length: 1990
X-Amz-Cf-Id: 87ixX496FIxi8T2eZcSH5JqJMukxAO2j3-eJXp7eLkWn16LhxTHUOg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
75 KB 81ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f1cf9a6fb94f6305259011eca4e7c4a41140e274baee6e6384b23ac1096fa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76083
x-xss-protection: 0
last-modified: Wed, 25 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H/1.1 200
OK index.html Show response
portrait-tracker.s3.amazonaws.com/ Frame 2CD8 2 KB
3 KB 112ms
111ms Document
text/html 52.216.224.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/index.html
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.224.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 2371
Content-Type: text/html
Date: Wed, 25 May 2022 16:04:41 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
Server: AmazonS3
x-amz-id-2: zsLMeFEPqhVJVF6AkFg65mPh2QDJKSNr/oVAlGVfumY0CeJyH8yupVms4lgA28dHpuz2hOmspeE=
x-amz-request-id: 7M773RCHFYM0R9ZP
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5

GET
H2 200 widget.js Show response
accessibilityserver.org/ 1 KB
1 KB 60ms
11ms Script
application/javascript 18.66.248.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-61.dus51.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 3d31cc9941618450823acf5ef28d2afffda7632bb1dd58be0518d66616a18c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 15:43:40 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront), 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
etag: W/"c6e1e866dfbba7f0d2241713ed48d46d"
age: 2000
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 2837
content-encoding: gzip
x-77-nzt: AcO1ry9vy2j/FQsAAA
last-modified: Mon, 23 May 2022 00:08:28 GMT
server: CDN77-Turbo
x-77-nzt-ray: neyZwYz9/CA
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P3, DUS51-P1
x-amz-cf-id: Iv6SeWj07zYhx87GvbAVGafdHQsWNFngrh1jBm8wwzeWiJOqzgQF-A==

GET
H2 200 e5307797-4546-4d68-8743-323d9da57b39 Show response
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 12 KB
3 KB 163ms
162ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/e5307797-4546-4d68-8743-323d9da57b39?segments=true&fields=pub_circulation_status,su_list_email_status,bi_ltv&mergestate=true&state=%7B%22_uid%22%3A%22e5307797-4546-4d68-8743-323d9da57b39%22%2C%22utm_campaign%22%3A%2220220524_wr_nonoxf%22%2C%22utm_source%22%3A%22wealthre%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_content%22%3A%2220220524_wr_nonoxf%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1653494679186&callback=u_169391013628017000

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7480b8eb507474c3f788373fe41976213cda73774f37d1024a4b06727af9c0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 710f8217bac6918e-FRA
date: Wed, 25 May 2022 16:04:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoW%2B4WBBUorpU9AVWi8DSfto%2B5KBge0HeVoygiYto0NQZbXQCQt%2FN8b2lF%2FgmyzYBaSZF27xdhdvLvOIKMHpDuFKqnc6%2FwiihEcoMpDNgApQOILSaXf%2FusOEhuUv2QTJ%2FpDi%2F4kmKfIK"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
553 B 127ms
127ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1653494679178&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&_v=3.0.27&_uid=e5307797-4546-4d68-8743-323d9da57b39&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8NHyYg3%2B6eIZZxZb39RveZ%2FTtHfDZ9MEKl04h%2FktKVBDNuP0inoLIIvDi2qpOaUIkVt%2BROiDLoMylbykHjCghnU2iPwuhD3657DSUV6WxDYSRVJLkUQuUW0e1wDmD9qdV3B1iMs0fXM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f8217bacb918e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 widget_app_base_1653264363668.js Show response
cdn.userway.org/widgetapp/2022-05-23/ 110 KB
30 KB 113ms
16ms Script
application/javascript 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-05-23/widget_app_base_1653264363668.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 207b577bfae8a787e31f4a32ac4332232351f9db3a3bf44de19c97cc8bbc29f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 16:04:40 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-77-nzt-ray: kP9So4OsdIQ
age: 5
x-77-cache: HIT
x-cache: HIT
x-age: 189712
content-encoding: br
x-77-nzt: AcO1rw5sKYr/EOUCAA
x-accel-expires: @1679224968
last-modified: Mon, 23 May 2022 00:08:27 GMT
server: CDN77-Turbo
etag: W/"6c5008c063c1544296ed4109e51420d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: hV2PxMILIUU4i3R87YF1i6ov1zP_X5NXEuSGJy9Q_FHVc8-Cn_8HNQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
67 KB 35ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

792def515e1894078522cdfc7814dc74be2345a635e572c0139284215b2cb362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68304
x-xss-protection: 0
last-modified: Wed, 25 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 70ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5425E80803BC4CAF9150B1F1FC7AC163 Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 25 May 2022 16:04:39 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/ 28 KB
29 KB 106ms
106ms Stylesheet
text/css 3.5.17.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.17.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9de232e3a21b070afd01c7828a9ec1416ece3476c7905446869fdb56fa26d496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
Last-Modified: Mon, 23 May 2022 19:50:53 GMT
Server: AmazonS3
x-amz-request-id: 7M70MRA6T70JYEND
ETag: "fef71b42c6e493ff7c6406b23119bdc2"
Content-Type: text/css
x-amz-version-id: nRCBEQTWzD_.0v7_YhjbfrtQG3SFfllB
Accept-Ranges: bytes
Content-Length: 28788
x-amz-id-2: fmLL5ZKBkGFK+xteigHWN+LMA6+JR5TEC5CoLnnQ6jrD8jLyI9/Eg0pA1c9iC5rp17q/quiqbhiAxRNBsRInrA==

POST
H2 200 GetBlueshiftUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 8 KB
8 KB 676ms
676ms XHR
application/json 18.66.139.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-46.fra60.r.cloudfront.net
Software: /
Resource Hash: 45d77b18e848a256a02a12d29d24041d54831f06b54dbf81412004129d24fbde

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 152da18c-b87e-4b44-8e06-7db05fc339bf
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628e5398-739757e702824d987c026207;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: SsH_7EAcoAMF14g=
content-length: 7858
x-amz-cf-id: akeYCirYJQdq-1hg-cpyjWcrEQVe_IsRXHAx53rholGmAzW41qZR9Q==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetBlueshiftUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 316ms
284ms Preflight
application/json 18.66.139.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-46.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Wed, 25 May 2022 16:04:40 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-apigw-id: SsH_4FajoAMFpJw=
x-amz-cf-id: bPFLMqFZscPfOa2kzeVlRO4TuufF-ZmL7tIzwLn6HzfvVVMn5W_6QA==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 67355740-f8df-44f1-b309-936b2ea0cc86
x-cache: Miss from cloudfront

POST
H2 200 portrait Show response
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ Frame 741A 0
288 B 133ms
132ms Document
text/html 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710f82185c46918e-FRA
content-encoding: br
content-type: text/html
date: Wed, 25 May 2022 16:04:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zb6NETRlrNwRs37unHgUZkXOn2AauJuADsmmgkce4sNTY%2FDXzprV1yrhTV4u3UD%2FJXck%2FvR2ZNve1nVdUy%2BqMmlGeaqnBnQGm7TeDk87B3qbQFycIQUWec1zYkfggjsTuDa1FsVR8gQ9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
via: 1.1 google

GET
H2 200 288828202.js Show response
cdn.optimizely.com/js/ 214 KB
71 KB 66ms
16ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/288828202.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a41d57891295c41db15219348cd6ea25b905786b4485bef3ba4a692c0af7655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: AGSiDl9zqJRPmIt26XVCbr_lobkx_V3G
content-encoding: gzip
etag: "ead132393d856a23bae9a5e509595194"
x-amz-request-id: S7K9QEPZNPQ232F6
x-amz-meta-revision: 600
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="8";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 71386
x-amz-id-2: d+TyC5SHzGRgE3Yp64hPcfEh+/mNzJ1xJtWaLvnfCVA3gXM8fTo79JR7EWkCHt+BA2gvLG4fNLg=
last-modified: Thu, 05 Jul 2018 14:14:39 GMT
server: AmazonS3
date: Wed, 25 May 2022 16:04:40 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 88ms
31ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 70ms
14ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e053
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 662
Date: Wed, 25 May 2022 16:04:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=51713
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 34ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: f6SsIi08E+DOlsCvdPXZ5jqk7MElPrdUlXFQnXMf45MuMQqfocD3JZIb0Uql1IZSrGs8kpkPDeTaaTDP09fsVA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 229ms
24ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 9D20BZR81DWFQQ9F
x-amz-id-2: KnSPBNyBdwRe8gBWdLTFL3k1id5Q+A5gAhn4pK77bO2eioZOgHvASEopvNpGmmFdyX+OlzL2RrM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 79ms
35ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 May 2022 16:04:40 GMT

GET
H2 200 hotjar-478755.js Show response
static.hotjar.com/c/ 4 KB
2 KB 50ms
9ms Script
application/javascript 108.138.17.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-478755.js?sv=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-96.fra56.r.cloudfront.net

Software

Resource Hash

7150e7676d30c0a1323ee90f76fe773054556ca3e335306dc3929edb3149ef65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 2
etag: W/fdf6419f254671bd6dc7c17d93a9eb2f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: nXkYJS8VISCjykQmMB4E8afrq3wTWc_nsoxePW32trjVmXp64aJAPw==
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 84ms
25ms Script
application/x-javascript 2.20.157.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.165 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-165.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Wed, 25 May 2022 16:24:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6332
date: Wed, 25 May 2022 14:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 16:19:08 GMT

GET
H2 204 15020902.js Show response
bat.bing.com/p/action/ 0
118 B 168ms
167ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15020902.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 30DC56AEF9664A9FB048DFB12491D7B2 Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
date: Wed, 25 May 2022 16:04:40 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 51ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15020902&Ver=2&mid=f38b57a3-f706-48aa-a4db-975a7d7e2dee&sid=6184a0c0dc4411ec8c5bc9f331b2bcdf&vid=61851570dc4411ecaf2ab1c25a31b5f7&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20Brutal%20Lesson%20in%20Valuation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&r=&lt=2666&evt=pageLoad&msclkid=N&sv=1&rn=409134

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA6EEC30AEEA4B1BB264C3BED6727F17 Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
date: Wed, 25 May 2022 16:04:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4056182.js Show response
bat.bing.com/p/action/ 0
117 B 90ms
84ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4056182.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F20C3629E11440A92E0601A683D018B Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
date: Wed, 25 May 2022 16:04:40 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 77ms
77ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4056182&Ver=2&mid=71d68f34-669f-47e2-95c8-9d07aac1d1a2&sid=6184a0c0dc4411ec8c5bc9f331b2bcdf&vid=61851570dc4411ecaf2ab1c25a31b5f7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20Brutal%20Lesson%20in%20Valuation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&r=&lt=2666&evt=pageLoad&msclkid=N&sv=1&rn=115952

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3417B35493C4B2FADA5B54EFB7FCDDD Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
date: Wed, 25 May 2022 16:04:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15322609.js Show response
bat.bing.com/p/action/ 0
136 B 160ms
159ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15322609.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56769EECF0924CE19FCF613836F564FA Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 25 May 2022 16:04:40 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 73ms
72ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=8fd047d0-27c8-4095-b287-751fc1e23b84&sid=6184a0c0dc4411ec8c5bc9f331b2bcdf&vid=61851570dc4411ecaf2ab1c25a31b5f7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20Brutal%20Lesson%20in%20Valuation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&r=&lt=2666&evt=pageLoad&msclkid=N&sv=1&rn=110174

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C759B01528844B4CAF64C4FE1923EEEC Ref B: FRAEDGE1217 Ref C: 2022-05-25T16:04:40Z
date: Wed, 25 May 2022 16:04:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ycrjEXSWMj Show response
api.userway.org/api/tunings/ 641 B
960 B 545ms
174ms XHR
application/json 54.69.16.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/ycrjEXSWMj
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.16.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-16-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3b741712c686178db485287c4f7f7ee1f077a6b01a7552fe699c7255ded7c28b

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
etag: W/"281-BmYH4sDNw6iJQNREuP4wRwUGyHo"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 641
x-service-version: uw-pr

GET
H2 200 modules.7a321ecb93fde9f07226.js Show response
script.hotjar.com/ 243 KB
63 KB 45ms
8ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7a321ecb93fde9f07226.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-478755.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101913
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63914
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 11:46:00 GMT
etag: "913be037dec49b596e1cf5ff932a2a6e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -Utcywfd3B82lOjVOT-shs5sg5G0s5D7MoDjEca97xcqr2fuHSG7KQ==

GET
H3 200 172267203502730 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 51ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/172267203502730?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf437c94b6f8b4f367e0b8d54e3256f093051d0f27a7eccb092dadf0b173a88c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ni+b/0LHU6XqsBUYGPPzye4lMIZmOQkdQkd656d37EXhavwCLstmsKZPv/Pvp09pf7YdaIGhqPwxqVWrPcemew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494680556
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
230 B 45ms
17ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3De5307797-4546-4d68-8743-323d9da57b39%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1653494681.541899,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D518825%26time%3D1653494679463%26url%3Dhttps%253A%252F%252Fwealthyretirement.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec34...

0
264 B

150ms
111ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D2%26bsft_tv%3D6&liSync=true&e_ipv6=AQItACdNxssO_AAAAYD79o2fs2wKT4YB3B_3SPNPVZjDATt08PXdpHepae6uVvmNIEEJeiR4I0y8Aw
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D681D46F52E0460D94BC7C55F4EF3D93 Ref B: FRAEDGE1410 Ref C: 2022-05-25T16:04:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXf2DsbhiC9n+rdtdvrRg==
x-li-fabric: prod-lva1

Redirect headers

date: Wed, 25 May 2022 16:04:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 70E112CC00964F2D862D8A43E0D85E3C Ref B: VIEEDGE3119 Ref C: 2022-05-25T16:04:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494679463&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D2%26bsft_tv%3D6&liSync=true&e_ipv6=AQItACdNxssO_AAAAYD79o2fs2wKT4YB3B_3SPNPVZjDATt08PXdpHepae6uVvmNIEEJeiR4I0y8Aw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXf2DsY0BrjgigLb9HeOA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
22ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=261213513&t=pageview&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&ul=en-us&de=UTF-8&dt=A%20Brutal%20Lesson%20in%20Valuation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=694480702&gjid=494759543&cid=461742079.1653494679&tid=UA-344672-10&_gid=809764339.1653494679&_r=1&gtm=2wg5n0WF7VQJT&cd3=&cd5=Buyers%20of%20Rivian%20Are%20Caught%20in%20a%20Bloodbath&cd6=Jody%20Chudley&cd7=Tuesday%2C%20May%2024%2C%202022&cd8=category%3AIncome%20Opportunities%7Cpost_tag%3Aelectric%20vehicles%7Cpost_tag%3AEVs%7Cpost_tag%3Ainitial%20public%20offering%7Cpost_tag%3AIPO%7C&cd9=_r1xlcok0kzk&cd10=3775c025-8b07-4297-a768-e960452b3f6a&cd11=1653494678997&cd12=electric-vehicles%7Cevs%7Cinitial-public-offering%7Cipo%7C&z=867106026

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response
vars.hotjar.com/ Frame 7D4A 2 KB
1 KB 36ms
7ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-478755.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-28.fra60.r.cloudfront.net
Software: /
Resource Hash: 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3647734
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 10:49:06 GMT
etag: "1635635016e428baa170305e9282c34a"
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
vary: Accept-Encoding
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id: b9acZdiYvCICjm2XsZW0XK4TRr6PoLFmKmGyxbkLpA8q2oQ4k3gwjQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 404ms
93ms Script
application/javascript 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0040752ca591876c6ab7eb366d24329d4d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: gzip
X-TraceId: 7709c23fef8623b88bda064af1bd2a6d
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 402ms
89ms Image
image/gif 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0040752ca591876c6ab7eb366d24329d4d&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&optOut=false&bust=044943578520636396
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=b24d1566-9e0a-470e-8214-03815e604b8a&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=2&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
Cache-Control: no-cache
X-TraceId: 7d856e66c462daf7bc135097fd496025
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/780296261/ 3 KB
2 KB 67ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780296261/?random=1653494679572&cv=9&fst=1653494679572&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8c89badb0ca3879aeb34d3f732cb03353f108b82a97f02b62cb053d40a6f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/ 3 KB
2 KB 72ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/?random=1653494679575&cv=9&fst=1653494679575&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

680cdcd211db6bb3ac3a108c6194503e34964b48725d0775c2c6448506c6d3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-344672-10&cid=461742079.1653494679&jid=694480702&gjid=494759543&_gid=809764339.1653494679&_u=YEBAAAAAAAAAAC~&z=1185274085

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 16:04:40 GMT
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4E5B 15 KB
6 KB 54ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=wealthyretirement.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:40 GMT
server-processing-duration-in-ticks: 2107
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 162317297901043 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 38ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/162317297901043?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e850af6dc7699719c75bc5d6ea2a272359ff8782727c342ab215a0f0de19e479

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4A1qLO9Iq5MLEEQsoMYug5A2UB3JExNADNImKLxFbKfDeqGVBGznd/Ax/W/OLksleLZKGBC3o9F/iqSq3aFA7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494680719
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 25ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=172267203502730&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679602&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H2 200 405446.json Show response
s.yimg.com/wi/config/ 2 B
449 B 63ms
20ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405446.json

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:00:40 GMT
x-content-type-options: nosniff
age: 240
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 6NHB97MVEXPH505A
x-amz-id-2: 8ZT9eMzIXY9gRLlyHpuRzo5RFLdF8evf/vCllEDXZdMgw+LMCnL9L/99n1G1Mt8u/PoT1kQ0A8o=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 77ms
37ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=461742079.1653494679&jid=694480702&_u=YEBAAAAAAAAAAC~&z=2022950726

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 78ms
37ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=461742079.1653494679&jid=694480702&_u=YEBAAAAAAAAAAC~&z=2022950726

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1420932934903352 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1420932934903352?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba84736079d69a538e14183da5837f9ea30566945ff57c5f5e151fd149feecfa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: X0Bp2t/iP+zDohMEKJ5Oksec7luiUVRedpzNOre8mv5s1LwVV4gK6TSJxhgRdVvZF4Gi2Jc6ZsZx8EdIXrWBhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494680785
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 23ms
12ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=162317297901043&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679667&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4E5B
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=wealthyretirement.com&sn=ChromeSyncframe&so=0&topUrl=wealthyretirement.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=oXiP73xKZERpYVMzci9xVGNqcTl2ZnBudUt4SlZIWmNlc0hRVUFkM1Q4NjlBaDE0M1NsT0ZUQjZOczB0UUtIeFV3MXBtdHlwZzExL2x6a1N0eFZzU1YrYi9ZTjhsTXZDOFZLWVVRcnUrY3BwRnhQOTBqeTBMaVRiY3JNYy...

454 B
654 B

141ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oXiP73xKZERpYVMzci9xVGNqcTl2ZnBudUt4SlZIWmNlc0hRVUFkM1Q4NjlBaDE0M1NsT0ZUQjZOczB0UUtIeFV3MXBtdHlwZzExL2x6a1N0eFZzU1YrYi9ZTjhsTXZDOFZLWVVRcnUrY3BwRnhQOTBqeTBMaVRiY3JNYyt4RUpJRDQ4UnUrci9TNHdqL3Y1MC91T3h4RllMMEZRcFRhZ0xqV0VVN2x3bUhNc3llWXAzQld4TXBuRVV5clA2WjJiN1F6YzNodVVsc0JXSzFORTlITHVPMG13Z0J1TDhGMk9sR2x2T3RYdnMxeG9GREZhMW1ZVEFQbXUrTTg3bHNDaUY3UUFBK3V6bldoNnRMMkJsWUE3R1ZmYkVXRHJ4R0tDUnpaUERRd05TREh1VVNNMD18&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

dce5e27b81535a12aeb33ee1680377f71954e1873cf85a4ae518838f2c9bb2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4643
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=oXiP73xKZERpYVMzci9xVGNqcTl2ZnBudUt4SlZIWmNlc0hRVUFkM1Q4NjlBaDE0M1NsT0ZUQjZOczB0UUtIeFV3MXBtdHlwZzExL2x6a1N0eFZzU1YrYi9ZTjhsTXZDOFZLWVVRcnUrY3BwRnhQOTBqeTBMaVRiY3JNYyt4RUpJRDQ4UnUrci9TNHdqL3Y1MC91T3h4RllMMEZRcFRhZ0xqV0VVN2x3bUhNc3llWXAzQld4TXBuRVV5clA2WjJiN1F6YzNodVVsc0JXSzFORTlITHVPMG13Z0J1TDhGMk9sR2x2T3RYdnMxeG9GREZhMW1ZVEFQbXUrTTg3bHNDaUY3UUFBK3V6bldoNnRMMkJsWUE3R1ZmYkVXRHJ4R0tDUnpaUERRd05TREh1VVNNMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1446
content-length: 567
expires: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/478755/ 147 B
322 B 110ms
38ms XHR
application/json 52.51.233.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/478755/visit-data?sv=5
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.233.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-233-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/780296261/ 42 B
548 B 34ms
25ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/780296261/?random=1653494679572&cv=9&fst=1653494400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=1190413287&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/780296261/ 42 B
108 B 37ms
28ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/780296261/?random=1653494679572&cv=9&fst=1653494400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=1190413287&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/665056240/ 42 B
108 B 35ms
27ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/665056240/?random=1653494679575&cv=9&fst=1653494400000&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=2757063515&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/665056240/ 42 B
548 B 30ms
26ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/665056240/?random=1653494679575&cv=9&fst=1653494400000&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=2757063515&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 154661765322510 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/154661765322510?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99057633502cc1a3b43932c7ac6827806fff1f091b3e8a07e15f09cfdfd394bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: PE3WzdEy3X8u9fMSI0CKZM/6MmznZPqT0m5VuiNIl39EHu0931ELWFM8Q9z73TKD7XIqLfH7jyG5ceKAhtq9gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494680845
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1420932934903352&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679712&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 108ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2025%20May%202022%2016%3A04%3A39%20GMT&n=0&b=A%20Brutal%20Lesson%20in%20Valuation&.yp=405446&f=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H3 200 261964361146571 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261964361146571?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c5d8571bd69f7af0d24f50179fa83683c6a655145cf263792ccfeb81458b2da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: VQPwlfYbHvRuTUdFsSwEKh3/n+HSEQ/yHBKo5GQP13TOKWIeRu+q5cZBfpiAIzjgeLXZ6todacizm1O/xdXsZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494680918
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=154661765322510&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679800&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp...
https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp...

9 KB
9 KB

317ms
106ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp6NnglMkJMRWhydjhtOVVQNU4lMkJKMUNGb1I3MGxOY3JweW4waklQblFmNTFQUUxXbWZFUm0lMkJrTng3c2s0Z3pHeSUyRkZzb1RLRkZnQXY5bmo0Z1E5TCUyRkJZU0VrOG96RmFXUzlNczVycjN4b3JaVUlWdzNpRGhvJTNE&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8&dtycbr=71482

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5b89676358a3d7e8b89c76fbf5a3d2ff3e307d2e87cb054e6320ebc3bc045d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13691851
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp6NnglMkJMRWhydjhtOVVQNU4lMkJKMUNGb1I3MGxOY3JweW4waklQblFmNTFQUUxXbWZFUm0lMkJrTng3c2s0Z3pHeSUyRkZzb1RLRkZnQXY5bmo0Z1E5TCUyRkJZU0VrOG96RmFXUzlNczVycjN4b3JaVUlWdzNpRGhvJTNE&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8&dtycbr=71482
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7489675
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 380237935810224 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 36ms
36ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/380237935810224?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ca4065e16a157acfc5160a6698ce60cb2911f90210d5df131cbd528e39448e6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: l35XN2SDJkyLiHVUrFDgNf5g9jBbE5gIsbKHwgtZeESmVdoVPmzxGV/QcI/u7eXI9gj5BOF0uNRiYKr10y5J4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494680962
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261964361146571&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679847&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H3 200 668246423725853 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 54ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/668246423725853?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76f9c920313d573b70eefe995e902a4f5fe38098666555067056960664a672dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: bdGSufqyYdARkZ3Z1Fs+0GdP0YTIf7rfmmlrJk4miP43IMKdgUZ3oa1GAZS+9iXdrMB0rLAx92ar6I2MoA6Zqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494681022
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=380237935810224&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679889&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:40 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 21ms
21ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 710f821c4d5c918e-FRA
date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 15:14:46 GMT
server: cloudflare
age: 2995
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Ft%2BVrcjeHsJpWhArz6rlYKM%2FSTiQRdcVJUen%2BvySEhdPoRo78Hvp2bzDRco3F8xznnzdeMlaCEwyc7xz8Mcb6N1%2FOGRvY7UzKlJiXo4UH9sfWB5cWB3IhT%2Ffl%2B1GaqA0OL230gsMzcs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 710f821c7dd4918e-FRA
date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 15:16:18 GMT
server: cloudflare
age: 2903
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEwyE7eLp7lWBRlNVinJUARxurNowTbFsjXblVD6IgkPv5IngrPxwN%2F6%2BwCaGpzTp3Q9pxlrucO9Shyl556VEMBAL1haMTbybnSOgi37cDl4yAfbBkFvBbUR%2BSrVsxWuxImNetgq6DuF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 602 B
1 KB 58ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:03:18 GMT
age: 83
x-guploader-uploadid: ADPycduXfyTGUswaJSTFFudTpcblu1bgI17gPmGCzo6Lscpf6Yzl0nZcMCG4c74Yy9jin0DK02isDfXuYkSZKqF_mq0PIjuk6z1G
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 602
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
server: UploadServer
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
x-goog-generation: 1538689646128559
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 602
accept-ranges: bytes
content-type: text/css
expires: Wed, 25 May 2022 17:03:18 GMT

GET
H3 200 231043257988858 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 44ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231043257988858?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3febc917267518688440906bbbbbb3a9b32e21497d21494daaefbeb5222e4a23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: /pvha+XoiHnkBU8z+dUNKEcXij6Eilq8FuP8I6o9oboc1y/NNWj4rcUVzByjTmhrcHPTXJcy2B/0rLUewhDALA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494681089
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668246423725853&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494679969&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:41 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/ 29 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5ae454547b6b662283dce0b3f137e93c7471f2e5336a3494e4dc15ac400e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3838
content-encoding: br
last-modified: Wed, 25 May 2022 15:00:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KcqN43lTnh3FXS7MRAAmGSdzxOvmkqUfhJvw980PFhyZ3e6%2FrcAZ%2FfAflrm6ZVX8sv%2BDVpzTEaF3TCJtCFp7uxYjJtmOTybSH9fJAq8z6B%2F4UBzVSH2KO8ULmZkCfBuI8xGDW3nvQZR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 710f821ceed8918e-FRA

GET
H3 200 336157786980095 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/336157786980095?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f023322a1b4270e46c6c60927e78a4da3e7d76469c35d0d5357a413a4635ee6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uVz/EcRZkwQqrSHS1PBfqYZ9tO7npOI9qwFfLXeAVRFEQA4k3k5XZM8l/k+T6XceYDqzfKCX3GY5obMhyKu6dg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494681141
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231043257988858&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494680024&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:41 GMT

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
431 B 130ms
129ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?pf-widget-id=7201585b3b470a5a8df9d40960e39f04&pf-widget-type=form&pf-widget-layout=modal&pf-widget-variant=1&pf-widget-event=show&_ts=1653494680051&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&_uid=e5307797-4546-4d68-8743-323d9da57b39&optimizelyid=oeu1653494679503r0.42933259967197746&_v=3.0.27&_uido=e5307797-4546-4d68-8743-323d9da57b39

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIg7npJYNzwAVHtdl0nY2ahwkPfS3C1xA2JrDaH8HWOdUXHI3Wh3JE7xXgIcEDWRIbS%2F8fRkkOgKnhW%2BcuEVx5RYXnSMfD4JS6W7C24SVE4DREpD%2F2gc0VAYR1X43FfmF%2BQzKaV%2Fe9Fw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f821d5875918e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 2337243036594698 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2337243036594698?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14ff520fea7566ada0ac63f9fb35a124c665f40bade753efd74910b459cec16e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: xow/1EswQVwtLdHKZagwv+SNCf5MbQ+fGJyHAEmgYn2HucZH7bKmQOAr2sQDxSToADdA5AFDe3V6kb7rWsYtyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653494681214
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=336157786980095&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494680099&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:41 GMT

GET
H2 200 vusn89uzxr Show response
fast.wistia.net/embed/iframe/ Frame 18DE 8 KB
3 KB 44ms
9ms Document
text/html 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d9c3b4e6294be01504727852c68ea03d3864aa1cbbcfa5c2292ebcdd4f0850a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83540
cache-control: public, no-cache
content-encoding: br
content-length: 2917
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 16:04:41 GMT
etag: W/"d9c3b4e6294be01504727852c68ea03d"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-browser-version: 101
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-content-type-options: nosniff
x-download-options: noopen
x-ecma-v: modern
x-permitted-cross-domain-policies: none
x-request-id: 5c5a8205074d779acd9214afe03886ee
x-runtime: 0.077101
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra19177-FRA
x-timer: S1653494681.229533,VS0,VE2

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2337243036594698&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494680146&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:41 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1E70 0
15 B 24ms
21ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3E67 0
15 B 24ms
21ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4208 0
15 B 24ms
21ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 560B 0
15 B 24ms
21ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6C6A 0
15 B 24ms
22ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame FC98 0
15 B 24ms
22ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3DAB 0
15 B 29ms
27ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 28E3 0
15 B 29ms
27ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D38B 0
15 B 29ms
27ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0031 0
15 B 28ms
28ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 GetLyticsUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 19 KB
20 KB 478ms
475ms XHR
application/json 18.66.139.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-46.fra60.r.cloudfront.net
Software: /
Resource Hash: 462b8889124912fffcc6336098a7f756d3df4d4015f978a6fdc8670d67bd1c8a

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 813d2e6d-5a86-4185-8ecb-9ede2d5a5fc4
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628e5399-4ac955352a16a47d511446cb;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: SsIAEGEuoAMFT9w=
content-length: 19652
x-amz-cf-id: NnAgB8HEjkWivDasCT3Jtm-5HgKbeMXSFZCDmmqyH6pA8KC2dwlOHw==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 285ms
285ms Preflight
application/json 18.66.139.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-46.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-apigw-id: SsIACEZroAMF6OA=
x-amz-cf-id: VGPFyKMJ6Smjedfmcb0uqUSnOGNBvQO7g0-o13rkML7bo3XGhpo4XQ==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 7e060f58-9632-4498-bb02-7c4061b8d490
x-cache: Miss from cloudfront

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 18DE 45 KB
12 KB 14ms
14ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a13b8882d2d4d3cffc50f0c95dff5efddb0ccf063d81178334653e77978ab8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 561
x-cache: HIT, HIT
content-length: 12070
x-served-by: cache-iad-kcgs7200092-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494681.378112,VS0,VE0
etag: "628d4087-2f26"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 14

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 18DE 602 KB
111 KB 15ms
15ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29f4170b29c87ec1c550d9fb550d79a4969ad85243d7829f8c608eda5813221d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 562
x-cache: HIT, HIT
content-length: 113695
x-served-by: cache-iad-kcgs7200161-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494681.378230,VS0,VE0
etag: "628d4087-1bc1f"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 27

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
316 B 137ms
136ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?email=alan.katz%40ubs.com&_ts=1653494680281&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&_uid=e5307797-4546-4d68-8743-323d9da57b39&optimizelyid=oeu1653494679503r0.42933259967197746&_v=3.0.27&_uido=e5307797-4546-4d68-8743-323d9da57b39

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb4CcO7DIyx8C%2FPDWeSQI1AFRlXS3lF5arnpVE3LoIz%2F1Etv3FHqa%2FX7R2VGvolnmHbzUwRNNNzZ9dUEjPc%2BZs6ldA0NJBAb3JIXFClX8rSHdsQdW6BlSNMAOawm2H%2FPMV379tgyeWQA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f821e9b74918e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
919 B 14ms
13ms Image
image/svg+xml 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-77-nzt-ray: VSqpZI8l7UA
age: 7
x-cache: HIT
x-age: 189711
content-encoding: br
x-77-nzt: AcO1rw6PCh3vD+UCAA
x-accel-expires: @1679224970
last-modified: Tue, 17 May 2022 16:25:51 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache: HIT
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: nvlAjtCHoyGS1BPnWas4e-IaqMhN4WuYyMPQh2HHikbwVOEPo53blA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
961 B 14ms
14ms Image
image/svg+xml 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-77-nzt-ray: f8tfdUOieB0
age: 6
x-77-cache: HIT
x-cache: HIT
x-age: 189712
content-encoding: br
x-77-nzt: AcO1rw4zt+L/EOUCAA
x-accel-expires: @1679224969
last-modified: Tue, 17 May 2022 16:25:51 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 27vRjHpxKZ56p8nnAxk_ToLRwYzTu4BJRb0nwinsL4h7SXfiuuIwkg==

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A2A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_cm&google_hm=ay0wN2NKOXNwelB0T1ZpU1phNl9ybmFudkRuVkhIZFpqL...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_gid=CAESEHnG23JkIBxCHAJKE8EkauU&google_cver=1&google_ula=913071,0

43 B
371 B

164ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_gid=CAESEHnG23JkIBxCHAJKE8EkauU&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:40 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1358716
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&google_gid=CAESEHnG23JkIBxCHAJKE8EkauU&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame A2A5
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=NM8bAWSjf8FtAsuHV3UMNEr9b2i1PPmL

0
42 B

36ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=NM8bAWSjf8FtAsuHV3UMNEr9b2i1PPmL
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=NM8bAWSjf8FtAsuHV3UMNEr9b2i1PPmL
date: Wed, 25 May 2022 16:04:41 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2652
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame A2A5 0
232 B 141ms
32ms Image
text/html 3.251.15.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA&custom=&tag_format=img&tag_action=sync&custom=&cb=e8932634-bdad-4a23-942e-2ca59e2745f3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.15.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame A2A5 0
98 B 64ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aacxc.php
c.aaxads.com/ Frame A2A5 234 B
234 B 36ms
8ms Image
text/html 104.92.105.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=3&wbsh=crx&ryvlg=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-105-214.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
cache-control: max-age=1898244
server: Apache
date: Wed, 25 May 2022 16:04:41 GMT
content-length: 234
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 204 v1
ads.yahoo.com/cms/ Frame A2A5 0
47 B 29ms
20ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame A2A5 43 B
291 B 38ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 25 May 2022 16:04:41 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame A2A5 0
397 B 58ms
14ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-K2aWr8pzPtOViSZa6_rnanvDnVGV6cmcQpZetg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame A2A5 0
476 B 428ms
89ms Image
text/plain 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Y2IPAspzPtOViSZa6_rnanvDnVG83H6r4-49_A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:42 GMT
Cache-Control: no-cache
X-TraceId: b3055da5f0f81b719e904e7bab29f8c6
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame A2A5 0
429 B 251ms
183ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-d6uqZspzPtOViSZa6_rnanvDnVGRikumu6G1bA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 16:04:41 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame A2A5 0
239 B 63ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-d6uqZspzPtOViSZa6_rnanvDnVGRikumu6G1bA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame A2A5
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-cmGr-MpzPtOViSZa6_rnanvDnVFEp44weMIDbA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cmGr-MpzPtOViSZa6_rnanvDnVFEp44weMIDbA%26seg%3D95287

43 B
1 KB

16ms
15ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cmGr-MpzPtOViSZa6_rnanvDnVFEp44weMIDbA%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:41 GMT
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f2c8f7a-b7c7-4267-950d-79d3ee0c20ff
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:41 GMT
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: eb1c0d5f-d12c-403a-ab98-75de4bf4303a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cmGr-MpzPtOViSZa6_rnanvDnVFEp44weMIDbA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A2A5
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932

43 B
370 B

19ms
13ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2136762
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:41 GMT
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6003e5a9-d061-46a6-9d29-a5f285ae8880
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A2A5 42 B
577 B 838ms
96ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-rEbocMpzPtOViSZa6_rnanvDnVG0bNEghMqd2g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:53:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 xuid
eb2.3lift.com/ Frame A2A5 37 B
140 B 198ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-nWaHyspzPtOViSZa6_rnanvDnVEJV02U0j0Y1w&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame A2A5 45 B
784 B 253ms
64ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-smWmZcpzPtOViSZa6_rnanvDnVGrXiAJaOtIuw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 25 May 2022 16:04:41 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 25 May 2022 16:04:41 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame A2A5
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw&C=1

43 B
1 KB

17ms
17ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 16:04:41 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Wed, 25 May 2022 16:04:41 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame A2A5
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HejnZspzPtOViSZa6_rnanvDnVHdSwVzJzTOqA&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HejnZspzPtOViSZa6_rnanvDnVHdSwVzJzTOqA&expires=30&user_group=5

43 B
495 B

12ms
11ms

Image
image/gif

3.122.211.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HejnZspzPtOViSZa6_rnanvDnVHdSwVzJzTOqA&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 3.122.211.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-211-253.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HejnZspzPtOViSZa6_rnanvDnVHdSwVzJzTOqA&expires=30&user_group=5
Date: Wed, 25 May 2022 16:04:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame A2A5 35 B
337 B 153ms
37ms Image
image/gif 52.49.118.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-eHuWZspzPtOViSZa6_rnanvDnVGT1hyOr5XWuw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.118.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-118-209.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame A2A5 23 B
172 B 122ms
34ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-gpxIM8pzPtOViSZa6_rnanvDnVFb_TFaaH1eNA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 16:04:42 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A2A5 0
99 B 213ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-I6xdWMpzPtOViSZa6_rnanvDnVFmS6DUQjeJCg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13295

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A2A5 43 B
163 B 109ms
17ms Image
image/gif 185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-9hUrVcpzPtOViSZa6_rnanvDnVFSRVMqiMFWEQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame A2A5 68 B
262 B 55ms
7ms Image
image/png 52.28.128.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-IS5lX8pzPtOViSZa6_rnanvDnVFBiUZyPa31wA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.128.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-128-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame A2A5
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-irsm0cpzPtOViSZa6_rnanvDnVHUoOsRSIOREg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-irsm0cpzPtOViSZa6_rnanvDnVHUoOsRSIOREg

43 B
445 B

33ms
32ms

Image
image/gif

54.155.185.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-irsm0cpzPtOViSZa6_rnanvDnVHUoOsRSIOREg
Protocol: H2
Server: 54.155.185.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-irsm0cpzPtOViSZa6_rnanvDnVHUoOsRSIOREg
date: Wed, 25 May 2022 16:04:42 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame A2A5
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ&_li_chk=true&previous_uuid=afcce1c1794d4fafae8f5afd866a955c
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ

43 B
419 B

286ms
92ms

Image
image/gif

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:42 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gGUh1spzPtOViSZa6_rnanvDnVHwe_9YrxGBHQ
Date: Wed, 25 May 2022 16:04:42 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame A2A5 43 B
428 B 335ms
107ms Image
image/gif 3.211.211.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-IM-OJ8pzPtOViSZa6_rnanvDnVGd_sMUsP97Zg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.211.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-211-136.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame A2A5 43 B
183 B 345ms
105ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-V33mjcpzPtOViSZa6_rnanvDnVGmZ2SiIr8XOg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame A2A5
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-z2MEd8pzPtOViSZa6_rnanvDnVGbf8e2gEjKzg&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

70ms
7ms

Image
image/gif

2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:42 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1653494682.dop016.fr8.t,1653494682.cds133.fr8.shn,1653494682.cds133.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653494682036027-508
Expires: Wed, 25 May 2022 16:04:42 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame 18DE 128 KB
32 KB 8ms
8ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

634fa75dd2959d7a115a567fb9db372e47934d19fb867fd05502cab7793cb06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 563
x-cache: HIT, HIT
content-length: 32732
x-served-by: cache-iad-kiad7000054-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494682.681022,VS0,VE0
etag: "628d4087-7fdc"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 20

GET
H2 200 captions.js Show response
fast.wistia.net/assets/external/ Frame 18DE 144 KB
31 KB 8ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/captions.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fb68a0b1a6c3d4c413a6183ffeb1bcede894171ddfb9a5fa0b2c768253badaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 563
x-cache: HIT, HIT
content-length: 31425
x-served-by: cache-iad-kiad7000023-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494682.712898,VS0,VE0
etag: "628d4087-7ac1"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 5

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame A2A5
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/KoHMdn7bkgyP5EroT2rbJQ8ZloqWe8zk/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8652120667550982825

43 B
370 B

18ms
12ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8652120667550982825

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1992936
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8652120667550982825
pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A2A5
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932

43 B
370 B

15ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2302599
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:42 GMT
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bd38bf6c-6fdd-483a-95a3-a9554c3ea42b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1443726273940488932
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 18DE 58 KB
16 KB 7ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0e7c8895f8f743ec014f264c9090b8797cf7798bd4de1df1d9f06eced941f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 563
x-cache: HIT, HIT
content-length: 15815
x-served-by: cache-iad-kiad7000159-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494682.770810,VS0,VE0
etag: "628d4087-3dc7"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 19

GET
H2 200 vusn89uzxr.json Show response
fast.wistia.net/embed/captions/ Frame 18DE 1 KB
1 KB 97ms
96ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/vusn89uzxr.json?callback=wistiajson1

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52ada88a3283f8f7e92824680aa1193016922892c8d46b728e9edc225b3e3996

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 731
x-request-id: 0f87d7de44ac9a56de03d1c54a9941f0
x-served-by: cache-iad-kcgs7200087-IAD, cache-fra19177-FRA
x-runtime: 0.012766
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653494682.776132,VS0,VE90
etag: W/"52ada88a3283f8f7e92824680aa11930"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 101
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 18DE 415 KB
97 KB 8ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1bad1d265b00ba31bf8d294835b87b346f81c15db195b07cdf4f2cdeab9c93c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:41 GMT
content-encoding: br
vary: Accept-Encoding
age: 563
x-cache: HIT, HIT
content-length: 99059
x-served-by: cache-iad-kiad7000170-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494682.944972,VS0,VE0
etag: "628d4087-182f3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 17

GET
H2 200 vusn89uzxr.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 18DE 1 KB
2 KB 28ms
7ms XHR
application/x-mpegurl 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/vusn89uzxr.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aee924d2e41f5f1e234067817e237dece3306e48aa08cd6230bd1806d0863980

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1123
x-request-id: 4664839bc5b2d9c2e54cdab12c40b585
x-served-by: cache-iad-kcgs7200059-IAD, cache-fra19174-FRA
x-runtime: 0.032921
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653494682.061492,VS0,VE1
etag: W/"aee924d2e41f5f1e234067817e237dec"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 101
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 18DE 1 KB
1 KB 8ms
7ms Image
image/gif 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 563
x-cache: HIT, HIT
x-cache-hits: 1, 11
content-length: 1214
x-served-by: cache-iad-kcgs7200092-IAD, cache-fra19177-FRA
x-browser-version: 101
last-modified: Wed, 25 May 2022 15:53:09 GMT
x-timer: S1653494682.049678,VS0,VE0
etag: "628e50e5-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vusn89uzxr.vtt
fast.wistia.net/embed/captions/ Frame 18DE 1 KB
2 KB 98ms
97ms TextTrack
text/vtt 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/vusn89uzxr.vtt?language=eng

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b70d6dc0d9eebb8a7a0bb4bcaf40f7f5ce562403293c4505110c3b817a31d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 1223
x-request-id: f16d98bd7064284cf6a1caa43a5af69d
x-served-by: cache-iad-kjyo7100029-IAD, cache-fra19177-FRA
x-runtime: 0.010440
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653494682.063874,VS0,VE90
etag: W/"9b70d6dc0d9eebb8a7a0bb4bcaf40f7f"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/vtt; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 101
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/ Frame 18DE 1 KB
2 KB 71ms
8ms XHR
application/vnd.apple.mpegurl 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1dd4213778e92d448fe07cf0d91d1e8caced383c1d7b8de3d01e28b82d2dc020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:42 GMT
Access-Control-Request-Method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30319187
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1231
Expires: Thu, 11 May 2023 14:04:29 GMT

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/ Frame 18DE 1 KB
2 KB 65ms
8ms XHR
application/vnd.apple.mpegurl 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1dd4213778e92d448fe07cf0d91d1e8caced383c1d7b8de3d01e28b82d2dc020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:42 GMT
Access-Control-Request-Method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30319187
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1231
Expires: Thu, 11 May 2023 14:04:29 GMT

POST
H2 200 v2 Show response
e-10348.adzerk.net/api/ 8 KB
2 KB 483ms
252ms XHR
application/json 52.7.154.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10348.adzerk.net/api/v2
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.154.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-154-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: 0aade02348ce850a6838397f3de10272fba7f1f94d8d53a85c8002d8b2765a42

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"1e9a-QuPT9vSASelUkziHbe1w4MFWv44"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wealthyretirement.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by: bifrost-production-shard001-us-east-1e-i-07103f80edc775410

GET
H3-Q050 200 seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/ Frame 18DE 379 KB
380 KB 75ms
21ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 99062d7c1575e18ee54fc893bd3f8fca32fd2fc6e3199d9b83fa9be7a00e3a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31332078
expires: Tue, 23 May 2023 07:26:00 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 388408
quic-version: Q050

GET
H3-Q050 200 seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/ Frame 18DE 379 KB
379 KB 74ms
21ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 99062d7c1575e18ee54fc893bd3f8fca32fd2fc6e3199d9b83fa9be7a00e3a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31332078
expires: Tue, 23 May 2023 07:26:00 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 388408
quic-version: Q050

GET
H3-Q050 200 v2 Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/ Frame 18DE 1 KB
1 KB 8ms
8ms XHR
application/vnd.apple.mpegurl 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30941720
expires: Thu, 18 May 2023 19:00:02 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1231
quic-version: Q050

GET
BLOB 200
OK 8a8b17eb-ae2b-44a9-b757-ecc1a666dbb3
https://fast.wistia.net/ Frame 18DE 86 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fast.wistia.net/8a8b17eb-ae2b-44a9-b757-ecc1a666dbb3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e76eaa2ca64511cf4b805040f38f1c9181b19a5463a6f00ccd931483b388ae07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 88294
Content-Type: text/javascript

GET
H3-Q050 200 seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 614 KB
614 KB 9ms
9ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30514661
expires: Sat, 13 May 2023 20:22:23 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 629048
quic-version: Q050

POST
H2 204 x Show response
distillery.wistia.com/ Frame 18DE 0
96 B 333ms
103ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:42 GMT
cache-control: max-age=0, private, must-revalidate

GET
H3-Q050 200 seg-2-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 247 KB
247 KB 10ms
10ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30486380
expires: Sat, 13 May 2023 12:31:02 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 253048
quic-version: Q050

GET
H3-Q050 200 seg-2-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 247 KB
247 KB 9ms
8ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30486380
expires: Sat, 13 May 2023 12:31:02 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 253048
quic-version: Q050

GET
H3-Q050 200 seg-3-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 224 KB
224 KB 16ms
15ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65a20c69e67c35a92602f8caefd13afeee999ee6267c87a78e212ef431d51b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30613437
expires: Sun, 14 May 2023 23:48:39 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 228984
quic-version: Q050

GET
DATA 200
OK truncated
/ Frame 18DE 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 18DE 39 KB
16 KB 9ms
8ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

780cbfb3b7c4ce8e8a4b456166d0d713c73007acee33acd0cc8e6481110c229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
content-encoding: br
vary: Accept-Encoding
age: 564
x-cache: HIT, HIT
content-length: 16491
x-served-by: cache-iad-kjyo7100126-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494682.369025,VS0,VE0
etag: "628d4087-406b"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 5

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=154661765322510&ev=Microdata&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494681303&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20Brutal%20Lesson%20in%20Valuation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:42 GMT

GET
H3-Q050 200 seg-4-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 294 KB
294 KB 8ms
8ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c85d1db883c4b08296fcd7e9f258fcd647d725aca193a2dc51a4f1753ecda00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30514483
expires: Sat, 13 May 2023 20:19:25 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 301176
quic-version: Q050

GET
H3-Q050 200 seg-5-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 294 KB
294 KB 19ms
19ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-5-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0f2ffc2a01a717d97125724a3347b0b35eb3ef050b9c3c1b7906ad80d8a4ba61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30469467
expires: Sat, 13 May 2023 07:49:09 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 301176
quic-version: Q050

GET
H3-Q050 200 seg-6-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 350 KB
350 KB 512ms
512ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-6-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45e16c099f70d0a28b59ef206ca26fc1770ca1dc75b9139ffb03fbccf1eb4a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
expires: Thu, 25 May 2023 16:04:42 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 358328
quic-version: Q050

GET
H2 200 i.gif Show response
e-10348.adzerk.net/ 43 B
513 B 107ms
106ms XHR
image/gif 52.7.154.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjozNjgzLCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3NTcwLCJkaSI6Ijc1MzVhNTBjMmRmYTQ3OTFiMWZiYjFlMjA2MDllOTRlIiwiZGoiOjAsImlpIjoiOTk0YjMwMWFhNDZjNDNmMzg2NDg4ZDU2OTMyZTMyODEiLCJkbSI6MywiZmMiOjE3MDAzOTIyNSwiZmwiOjE2MTg5NjU2MiwiaXAiOiIzNy41OC41Ny4zIiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjEyLjA1NCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDcxMDNmODBlZGM3NzU0MTAiLCJzcCI6NzAyNzgyLCJzdCI6MTEyODA3MiwidHIiOnRydWUsInVrIjoidWUxLWIxYWExY2EzNmE0NzQ2MGNiZWI3NjVhMGI5MjYyYzdlIiwiem4iOjI1MzQyMywidHMiOjE2NTM0OTQ2ODI1NTksInBuIjoiTHVoc0poSVZjY0Z0ZUd1aGxuYnoiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInJyIjoxLCJiaSI6MSwidHoiOiJVVEMiLCJmcSI6MH0&s=JxJIw3x42t7kiqMfMlg5IhLlyPY
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.154.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-154-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept: */*
Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wealthyretirement.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1b-i-0932e59d858a387d1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
21ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=261213513&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&ul=en-us&de=UTF-8&dt=A%20Brutal%20Lesson%20in%20Valuation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adzerk&ea=Success&el=image&_u=aEDAAAABAAAAAC~&jid=1333470709&gjid=1298001681&cid=461742079.1653494679&tid=UA-344672-10&_gid=809764339.1653494679&_r=1&gtm=2wg5n0WF7VQJT&z=43310699

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.gif Show response
e-10348.adzerk.net/ 43 B
512 B 105ms
104ms XHR
image/gif 52.7.154.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjoxMDI5LCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3MjQ2LCJkaSI6ImJhNDA1M2QwZTFjNjQ1MzlhYzJiNThhNGM1Nzc2ZWZkIiwiZGoiOjAsImlpIjoiZjk0Zjc1ZjZmZjc1NDMxN2E2MTg2MDQzZDBmNTM2NTUiLCJkbSI6MywiZmMiOjE3MDAzNDg1MSwiZmwiOjE2MTg5NjU2MiwiaXAiOiIzNy41OC41Ny4zIiwibnciOjEwMzQ4LCJwYyI6NTAsIm9wIjo1MCwiZWMiOjIyLjUzNCwiZ20iOjAsImVwIjpudWxsLCJwciI6MTc1OTg5LCJydCI6NSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDcxMDNmODBlZGM3NzU0MTAiLCJzcCI6NzAyNzgyLCJzdCI6MTEyODA3MiwidHIiOnRydWUsInVrIjoidWUxLWIxYWExY2EzNmE0NzQ2MGNiZWI3NjVhMGI5MjYyYzdlIiwiem4iOjI1MzQxNiwidHMiOjE2NTM0OTQ2ODI1NjAsInBuIjoiTHdrT0JlcVhLQnJCVlZEb1JXV0siLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInJyIjoxLCJiaSI6MSwidHoiOiJVVEMiLCJmcSI6MH0&s=jjB3iu00zA9mFvYxgu-OU4XbwUY
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.154.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-154-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept: */*
Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wealthyretirement.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1a-i-0e098303d20c89373

GET
H2 200 30ebe225a9394ca39d7dc4edc46787ae.jpg
s.zkcdn.net/Advertisers/ 77 KB
77 KB 64ms
10ms Image
image/jpeg 52.222.214.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zkcdn.net/Advertisers/30ebe225a9394ca39d7dc4edc46787ae.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-59.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58c0710fe366a2d11678daa0cedaa29df18117b4ded5f6d4bfab40557aebee84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 21:57:59 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 19:11:04 GMT
server: AmazonS3
age: 3694004
etag: "c701732da0165ea440f29c8f73bb2833"
x-cache: Hit from cloudfront
x-amz-version-id: CI4HEoFcPKYFiBe24wNRaqSSgNz.2DeP
cache-control: max-age=31557600
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 78471
x-amz-cf-id: g2YgaH5BUb9nspaEGkU2Ir6CDRNI_N8AGFnyYwqLBhhCuvY0z4FKuw==
expires: Wed, 17 Mar 2032 19:11:02 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=261213513&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&ul=en-us&de=UTF-8&dt=A%20Brutal%20Lesson%20in%20Valuation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adzerk&ea=Success&el=basic_html&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=461742079.1653494679&tid=UA-344672-10&_gid=809764339.1653494679&gtm=2wg5n0WF7VQJT&z=1259772816

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 13:00:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11043
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
233 B 181ms
181ms XHR
image/gif 100.20.53.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1653494682&e=pageload&r=&z=807101&x=d02bedf323815b3e88b644f5e9687371&k=c522c9a8-f19c-1775-14d1-0d193c3bde4c&u=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.53.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-53-196.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-Api-Key: d02bedf323815b3e88b644f5e9687371

Response headers

access-control-allow-origin: https://wealthyretirement.com
date: Wed, 25 May 2022 16:04:43 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag

OPTIONS
H2 200 unity.gif
api.getblueshift.com/ Frame 0
0 625ms
174ms Preflight 100.20.53.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1653494682&e=pageload&r=&z=807101&x=d02bedf323815b3e88b644f5e9687371&k=c522c9a8-f19c-1775-14d1-0d193c3bde4c&u=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.53.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-53-196.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type, x-requested-with, x-api-key, if-modified-since, if-none-match
access-control-allow-methods: GET, HEAD, PATCH, OPTIONS, POST, PUT, DELETE
access-control-allow-origin: https://wealthyretirement.com
access-control-max-age: 86400
content-length: 0
date: Wed, 25 May 2022 16:04:43 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668246423725853&ev=Microdata&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&rl=&if=false&ts=1653494681615&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20Brutal%20Lesson%20in%20Valuation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1653494679600.970702573&it=1653494679426&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:42 GMT

GET
H2 200 portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ 35 B
336 B 126ms
125ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?adzerk_uid=ue1-b1aa1ca36a47460cbeb765a0b9262c7e&_ts=1653494681558&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3Db24d1566-9e0a-470e-8214-03815e604b8a%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D2%26bsft_tv%3D6&_uid=e5307797-4546-4d68-8743-323d9da57b39&optimizelyid=oeu1653494679503r0.42933259967197746&_v=3.0.27&_uido=e5307797-4546-4d68-8743-323d9da57b39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9u0ako1HemhN4vaq%2B4pnlIC80TR5pRYz0v7Wr9LEjteQzM%2B9ELRgT353IhsUUDAHNsetOdeQlRzbhMdkiVQOG3jL2wbWfYSwMEUmvCL9L%2F3Kw5f9sckbH7dzYYX3cKEmxgz%2FVBTAnAj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f8226e966918e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-344672-10&cid=461742079.1653494679&jid=1333470709&gjid=1298001681&_gid=809764339.1653494679&_u=aEDAAAABAAAAAC~&z=1625307589

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 16:04:42 GMT
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 x Show response
distillery.wistia.com/ Frame 18DE 0
95 B 104ms
104ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:42 GMT
cache-control: max-age=0, private, must-revalidate

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 70ms
37ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=461742079.1653494679&jid=1333470709&_u=aEDAAAABAAAAAC~&z=638033687

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 101ms
48ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=461742079.1653494679&jid=1333470709&_u=aEDAAAABAAAAAC~&z=638033687

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 18DE 2 B
136 B 385ms
97ms XHR
text/plain 18.215.59.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.59.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-59-240.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:43 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 allIntegrations.js Show response
fast.wistia.net/assets/external/ Frame 18DE 25 KB
7 KB 7ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bbebd127ca8ad09b1db472eb7d740de3927601e3acc0dc78723168c48636369a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:42 GMT
content-encoding: br
vary: Accept-Encoding
age: 563
x-cache: HIT, HIT
content-length: 7139
x-served-by: cache-iad-kcgs7200102-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494683.932646,VS0,VE0
etag: "628d4087-1be3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 10

GET
H3-Q050 200 seg-7-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 467 KB
468 KB 13ms
13ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-7-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55aecb1f1ef9bc1194c8c9226a1ebffe6b1e5dc0906e02e9da110930bb684e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:43 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30339816
expires: Thu, 11 May 2023 19:48:19 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 478648
quic-version: Q050

GET
H3-Q050 200 seg-8-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 203 KB
203 KB 21ms
21ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-8-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 937bec9cb281be602f0cee942df7c076b247a2139d171cf6bba92de6e2dea48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:43 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31379225
expires: Tue, 23 May 2023 20:31:48 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 207928
quic-version: Q050

GET
H3-Q050 200 seg-9-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 456 KB
456 KB 25ms
25ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-9-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88a9252da7c1ef7ef3071dc8bb05a9153d322558b8194721a258494a781501ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:43 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31188469
expires: Sun, 21 May 2023 15:32:32 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 466616
quic-version: Q050

GET
H3-Q050 200 seg-10-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 185 KB
185 KB 14ms
14ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-10-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab583e1e1c81587c0efb344e14ae7f0b60e855bd12c3e22f30258d43f96f9bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:43 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31420310
expires: Wed, 24 May 2023 07:56:33 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 189880
quic-version: Q050

GET
H3-Q050 200 seg-11-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 83 KB
83 KB 184ms
184ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-11-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0dd7294f8dea6522592417618be6658cea6907e8c12d4751567f5e10c3344059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:43 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31535914
expires: Thu, 25 May 2023 16:03:17 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 84600
quic-version: Q050

GET
H3-Q050 200 seg-12-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 18DE 56 KB
56 KB 116ms
115ms XHR
video/mp2t 92.123.224.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-12-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.224.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c4f2068d91add4ccb80c76ec35eb938db206281684194bb65a8f6fa83c4ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:44 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30446737
expires: Sat, 13 May 2023 01:30:21 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 57528
quic-version: Q050

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:01:26	Name: _li_ss Value: MgkI_____wcQrxI
.wealthyretirement.com/	1970-01-20 03:18:16	Name: seerses Value: e
.wealthyretirement.com/	1970-01-23 18:54:14	Name: seerid Value: e5307797-4546-4d68-8743-323d9da57b39
.lytics.io/	1970-01-21 00:54:14	Name: seerid Value: e5307797-4546-4d68-8743-323d9da57b39
.bing.com/	1970-01-20 12:39:50	Name: MUID Value: 1A94797160A6620711B268DE617463CB
.wealthyretirement.com/	1970-01-20 03:19:41	Name: _uetsid Value: 6184a0c0dc4411ec8c5bc9f331b2bcdf
.wealthyretirement.com/	1970-01-20 12:39:50	Name: _uetvid Value: 61851570dc4411ecaf2ab1c25a31b5f7
.wealthyretirement.com/	1970-01-20 20:49:26	Name: _ga Value: GA1.2.461742079.1653494679
.wealthyretirement.com/	1970-01-20 03:19:41	Name: _gid Value: GA1.2.809764339.1653494679
.wealthyretirement.com/	1970-01-20 03:18:14	Name: _gat_secondary Value: 1
.wealthyretirement.com/	1970-01-20 07:37:26	Name: optimizelyEndUserId Value: oeu1653494679503r0.42933259967197746
.wealthyretirement.com/	1970-01-20 07:37:26	Name: optimizelySegments Value: %7B%22301652738%22%3A%22campaign%22%2C%22301739447%22%3A%22gc%22%2C%22301835208%22%3A%22false%22%7D
.wealthyretirement.com/	1970-01-20 07:37:26	Name: optimizelyBuckets Value: %7B%7D
.wealthyretirement.com/	1970-01-20 03:18:14	Name: optimizelyPendingLogEvents Value: %5B%5D
.wealthyretirement.com/	1970-01-20 05:27:50	Name: _fbp Value: fb.1.1653494679600.970702573
.criteo.com/	1970-01-20 12:39:50	Name: uid Value: 49e74e71-1b9c-48d2-bfc4-657f5d00dd1a
.linkedin.com/	1970-01-20 04:01:26	Name: UserMatchHistory Value: AQIqwdACazJ0hgAAAYD79oxaLSv6kgbRhT2yvT5toTQpCQeotU-VOKGjANPNKdog9wvHb5g6zbgVDw
.linkedin.com/	1970-01-20 04:01:26	Name: AnalyticsSyncHistory Value: AQKGAX2COlJQwQAAAYD79oxaz6FI76t8iboqXCqh2UsJSP5-xQjtdPd6Scw3NHdgW7R7wlvCPPbK1iu99Hp4RA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:50:08	Name: bcookie Value: "v=2&f28b7768-e6b6-4969-8396-e131acb4a77d"
.linkedin.com/	1970-01-20 03:19:41	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2315:u=1:x=1:i=1653494680:t=1653581080:v=2:sig=AQF-_KWcldjhJxJwcj-kROrBHXctl7Fa"
.wealthyretirement.com/	1970-01-20 12:03:50	Name: _hjSessionUser_478755 Value: eyJpZCI6IjRlNjlkMGUwLTFkMTMtNTQ0ZS04ZWZiLTMxMzEzODQzYWUyNiIsImNyZWF0ZWQiOjE2NTM0OTQ2Nzk2MzMsImV4aXN0aW5nIjpmYWxzZX0=
.wealthyretirement.com/	1970-01-20 03:18:16	Name: _hjFirstSeen Value: 1
wealthyretirement.com/	1970-01-20 03:18:14	Name: _hjIncludedInSessionSample Value: 1
.wealthyretirement.com/	1970-01-20 03:18:16	Name: _hjSession_478755 Value: eyJpZCI6IjYzM2FkY2NmLTQwMzQtNDBhZC1iYjMzLWU0YjhhNTc0MWNiMCIsImNyZWF0ZWQiOjE2NTM0OTQ2Nzk2NzQsImluU2FtcGxlIjp0cnVlfQ==
wealthyretirement.com/	1970-01-20 03:18:14	Name: _hjIncludedInPageviewSample Value: 1
.wealthyretirement.com/	1970-01-20 03:18:16	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:50:08	Name: bscookie Value: "v=1&20220525160440834f1754-eba9-479a-831f-d39125a8c171AQGdh3BzPPXUaR3-_N3TOu4X197W6-c3"
.linkedin.com/	1970-01-20 20:46:57	Name: li_gc Value: MTswOzE2NTM0OTQ2ODA7MjswMjFgM3hzJ34CJG7ya08mjW4s1oxhEPu/S8Kh+UdqYRjb/Q==
.yahoo.com/	1970-01-20 12:04:12	Name: A3 Value: d=AQABBJhTjmICECmA6dn2GJNURmn_cfGhkD8FEgEBAQGlj2KYYgAAAAAA_eMAAA&S=AQAAAll71rbLpvhwYb2sXB3QfiI
.wealthyretirement.com/	1970-01-20 12:47:38	Name: cto_bundle Value: DSHKpV95UHYxZHc4eHFkQjlOd0JlVGp4bk1Jc00wdFJ6UTFHdTRxcmFjQzdPcVV0VU9hTVJDNzRtMlZiWFp6NnglMkJMRWhydjhtOVVQNU4lMkJKMUNGb1I3MGxOY3JweW4waklQblFmNTFQUUxXbWZFUm0lMkJrTng3c2s0Z3pHeSUyRkZzb1RLRkZnQXY5bmo0Z1E5TCUyRkJZU0VrOG96RmFXUzlNczVycjN4b3JaVUlWdzNpRGhvJTNE
wealthyretirement.com/	1970-01-20 03:18:14	Name: outbrain_cid_fetch Value: true
.analytics.yahoo.com/	1970-01-20 12:03:50	Name: IDSYNC Value: 18zh~2534
.adnxs.com/	1970-01-20 05:27:50	Name: uuid2 Value: 1443726273940488932
.doubleclick.net/	1970-01-20 12:39:50	Name: IDE Value: AHWqTUmSmB8kM0xZDsQGTwddpgjwvJxDt8DocP4hcTLwza5M-WYJXQ4trQ2NNebX_uM
.addthis.com/	1970-01-20 12:39:50	Name: ouid Value: 628e53990001f258d96d8d9f1c6762048a5d97773ca64356ed8f
.addthis.com/	1970-01-20 12:39:50	Name: uid Value: 628e539949307a42
.addthis.com/	1970-01-20 12:39:50	Name: na_id Value: 2022052516044180700398559433
.bidswitch.net/	1970-01-20 12:03:50	Name: tuuid Value: cd1f04d0-d60f-4799-bf7a-21183fbaab68
.bidswitch.net/	1970-01-20 12:03:50	Name: c Value: 1653494681
.bidswitch.net/	1970-01-20 12:03:50	Name: tuuid_lu Value: 1653494681
.casalemedia.com/	1970-01-20 12:03:50	Name: CMID Value: Yo5TmXavCkkhKC7BLNRuhwAA
.casalemedia.com/	1970-01-20 05:27:50	Name: CMPS Value: 5237
.turn.com/	1970-01-20 07:37:26	Name: uid Value: 8652120667550982825
.revcontent.com/	1970-02-07 09:18:14	Name: __ID Value: 77fa54d116514636905410a3a59d4672
.revcontent.com/	1970-01-20 04:01:26	Name: v1_151 Value: 1
.casalemedia.com/	1970-01-20 05:27:50	Name: CMPRO Value: 1117
.casalemedia.com/	1970-01-20 12:03:50	Name: CMRUM3 Value: 14628e53992760k-XdbyP8pzPtOViSZa6_rnanvDnVHtahJlzV7Zuw
.casalemedia.com/	1970-01-20 03:19:41	Name: CMST Value: Yo5TmWKOU5kA
.media.net/	1970-01-20 12:03:50	Name: visitor-id Value: 2964962817267582000V10
.media.net/	1970-01-20 04:01:26	Name: data-c-ts Value: 1653494681
.media.net/	1970-01-20 04:01:26	Name: data-c Value: k-smWmZcpzPtOViSZa6_rnanvDnVGrXiAJaOtIuw~~3
.sharethrough.com/	1970-01-20 04:01:26	Name: stx_user_id Value: ddb8e80f-a9d1-4993-a5b4-2ba2edd4a724
.adnxs.com/	1970-01-20 05:27:50	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVPlsyqP!]tbK8bhzs#DIgl#Xsf]US-Uo
.outbrain.com/	1970-01-20 05:27:50	Name: obuid Value: d9144c49-630e-423b-999f-ff90087e5633
.outbrain.com/	1970-01-20 03:47:02	Name: criteo Value: k-Y2IPAspzPtOViSZa6_rnanvDnVG83H6r4-49_A
.360yield.com/	1970-01-20 05:27:50	Name: tuuid Value: c6c3abf3-85b6-474f-bdf7-7a5503ed573b
.360yield.com/	1970-01-20 05:27:50	Name: tuuid_lu Value: 1653494682
ads.stickyadstv.com/	1970-01-20 04:01:26	Name: UID Value: 86c57cf0ccf22fb076142fbde15db7
ads.stickyadstv.com/	1970-01-20 04:01:26	Name: uid-bp-11554 Value: k-z2MEd8pzPtOViSZa6_rnanvDnVGbf8e2gEjKzg
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: ecc66571d9fa9dac19ed300f42d6e
.360yield.com/	1970-01-20 05:27:50	Name: um Value: !38,516gc0rNq-VaoTZgPg204d7p-l4b2qhBLAf8Wai-j9rZxsmsv7YUDGGWJUhVfiyVgd6yfTZn,1661270682
.360yield.com/	1970-01-20 05:27:50	Name: umeh Value: !38,0,1715702682,-1
.postrelease.com/	1970-01-20 12:03:50	Name: opt_out Value: 1
.liadm.com/	1970-01-20 20:49:26	Name: lidid Value: afcce1c1-794d-4faf-ae8f-5afd866a955c
.pubmatic.com/	1970-01-20 04:01:26	Name: KRTBCOOKIE_97 Value: 3385-uid:k-rEbocMpzPtOViSZa6_rnanvDnVG0bNEghMqd2g&KRTB&23144-uid:k-rEbocMpzPtOViSZa6_rnanvDnVG0bNEghMqd2g&KRTB&23286-uid:k-rEbocMpzPtOViSZa6_rnanvDnVG0bNEghMqd2g&KRTB&23287-uid:k-rEbocMpzPtOViSZa6_rnanvDnVG0bNEghMqd2g
.pubmatic.com/	1970-01-20 04:01:26	Name: PugT Value: 1653447209
.wealthyretirement.com/	1970-01-20 03:18:14	Name: _gat_UA-344672-10 Value: 1
.wealthyretirement.com/	1970-01-20 12:03:50	Name: _bs Value: c522c9a8-f19c-1775-14d1-0d193c3bde4c

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-07cJ9spzPtOViSZa6_rnanvDnVHHdZj-0Dp3CA Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=NM8bAWSjf8FtAsuHV3UMNEr9b2i1PPmL Message: Failed to load resource: the server responded with a status of 451 ()
worker	info	URL: blob:https://fast.wistia.net/8a8b17eb-ae2b-44a9-b757-ecc1a666dbb3 Message: [log] >

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplify.outbrain.com
api.getblueshift.com
api.userway.org
bat.bing.com
c.aaxads.com
c.lytics.io
cdn.getblueshift.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.stickyadstv.com
cdn.userway.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
distillery.wistia.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com
e-10348.adzerk.net
eb2.3lift.com
embedwistia-a.akamaihd.net
events-b.mb.wealthyretirement.com
fast.wistia.com
fast.wistia.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
jadserve.postrelease.com
match.sharethrough.com
mug.criteo.com
partner.mediawallahscript.com
pipedream.wistia.com
pixel.rubiconproject.com
portrait-tracker.s3.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.yimg.com
s.zkcdn.net
s3.amazonaws.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
vars.hotjar.com
wealthyretirement.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
100.20.53.196
104.111.242.245
104.75.88.126
104.92.105.214
108.138.17.96
108.157.4.99
13.107.42.14
13.248.245.213
141.226.228.48
142.250.185.194
142.250.185.66
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.215.59.240
18.233.27.104
18.66.139.28
18.66.139.46
18.66.248.61
185.33.220.100
185.33.220.244
185.86.139.89
2.18.234.233
2.20.157.165
2001:4de0:ac18::1:a:1b
2001:4de0:ac19::1:b:1a
2001:678:cb4:bbbb::13
212.82.100.181
23.35.228.23
23.35.236.247
2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
2606:4700:20::681a:216
2606:4700::6810:5514
2606:4700::6810:d03f
2620:1ec:22::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2010
2a00:1450:400c:c01::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:2a8::13b8
2a02:26f0:f7::5c7b:e053
2a02:6ea0:c700::16
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::622
2a04:4e42::300
3.122.211.253
3.211.211.136
3.251.15.4
3.5.17.148
35.244.174.68
44.198.82.75
52.216.224.80
52.222.214.59
52.222.236.63
52.28.128.138
52.49.118.209
52.51.233.122
52.7.154.6
54.155.185.156
54.69.16.109
54.86.117.43
64.202.112.31
69.173.144.139
74.119.119.150
8.28.7.83
92.123.224.98
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
0a13b8882d2d4d3cffc50f0c95dff5efddb0ccf063d81178334653e77978ab8e
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0aade02348ce850a6838397f3de10272fba7f1f94d8d53a85c8002d8b2765a42
0c4f2068d91add4ccb80c76ec35eb938db206281684194bb65a8f6fa83c4ff59
0c5d8571bd69f7af0d24f50179fa83683c6a655145cf263792ccfeb81458b2da
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dd7294f8dea6522592417618be6658cea6907e8c12d4751567f5e10c3344059
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
0f2ffc2a01a717d97125724a3347b0b35eb3ef050b9c3c1b7906ad80d8a4ba61
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
14ff520fea7566ada0ac63f9fb35a124c665f40bade753efd74910b459cec16e
15236ecf56f44fb5f69468c0a4b02f2fd9aa8e905bae13aff6278d2b2980645d
1bad1d265b00ba31bf8d294835b87b346f81c15db195b07cdf4f2cdeab9c93c8
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dd4213778e92d448fe07cf0d91d1e8caced383c1d7b8de3d01e28b82d2dc020
1ddc9e19ccefc0d2de33245f132ea603775fb0785df813df05fe47c0edad63ba
1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7
207b577bfae8a787e31f4a32ac4332232351f9db3a3bf44de19c97cc8bbc29f0
229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116
25294875032f9525d068cd8a2f5764cf60ac8a5927fee1c4e0cb8f560363c3a5
26a74aa295ceeba34b3ced6606085d0d0ddb1f2120ab099e6aa5aba3620750de
29f4170b29c87ec1c550d9fb550d79a4969ad85243d7829f8c608eda5813221d
2b8c89badb0ca3879aeb34d3f732cb03353f108b82a97f02b62cb053d40a6f19
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3b741712c686178db485287c4f7f7ee1f077a6b01a7552fe699c7255ded7c28b
3d31cc9941618450823acf5ef28d2afffda7632bb1dd58be0518d66616a18c49
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738
3f1cf9a6fb94f6305259011eca4e7c4a41140e274baee6e6384b23ac1096fa0d
3febc917267518688440906bbbbbb3a9b32e21497d21494daaefbeb5222e4a23
415422ec9a8645bc4a15ba4a860e5a7cb133038c69b28d7a23f3febfc40f9242
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
439d1ae467f77cad2ab326aed33c02d521022f57e334cabe4d7a0c657f814b5f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d77b18e848a256a02a12d29d24041d54831f06b54dbf81412004129d24fbde
45e16c099f70d0a28b59ef206ca26fc1770ca1dc75b9139ffb03fbccf1eb4a9e
462b8889124912fffcc6336098a7f756d3df4d4015f978a6fdc8670d67bd1c8a
4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee
4a82ae3c77edece9c05d244708bbb5640c6a7bc69efaca4278c1c560e55f710f
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b4344e91454590284aaeef5fcbe09d3fa3e321bebcd4b23730249e1d7c34704
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4deada37c1f7b4f0c30d01839b5b200027d7f25c4931d16ddc0495bfc04a95dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ada88a3283f8f7e92824680aa1193016922892c8d46b728e9edc225b3e3996
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55aecb1f1ef9bc1194c8c9226a1ebffe6b1e5dc0906e02e9da110930bb684e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58c0710fe366a2d11678daa0cedaa29df18117b4ded5f6d4bfab40557aebee84
5a41d57891295c41db15219348cd6ea25b905786b4485bef3ba4a692c0af7655
5b89676358a3d7e8b89c76fbf5a3d2ff3e307d2e87cb054e6320ebc3bc045d34
5f023322a1b4270e46c6c60927e78a4da3e7d76469c35d0d5357a413a4635ee6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
634fa75dd2959d7a115a567fb9db372e47934d19fb867fd05502cab7793cb06f
65a20c69e67c35a92602f8caefd13afeee999ee6267c87a78e212ef431d51b69
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
680cdcd211db6bb3ac3a108c6194503e34964b48725d0775c2c6448506c6d3aa
6a5ae454547b6b662283dce0b3f137e93c7471f2e5336a3494e4dc15ac400e61
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7150e7676d30c0a1323ee90f76fe773054556ca3e335306dc3929edb3149ef65
7480b8eb507474c3f788373fe41976213cda73774f37d1024a4b06727af9c0d4
76f9c920313d573b70eefe995e902a4f5fe38098666555067056960664a672dc
780cbfb3b7c4ce8e8a4b456166d0d713c73007acee33acd0cc8e6481110c229f
792def515e1894078522cdfc7814dc74be2345a635e572c0139284215b2cb362
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7fb68a0b1a6c3d4c413a6183ffeb1bcede894171ddfb9a5fa0b2c768253badaa
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85c3d51d7eb47ac25de5f4043fba14177f6d131e1ca88ce545744bdfbf77a328
88a9252da7c1ef7ef3071dc8bb05a9153d322558b8194721a258494a781501ba
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7ffcb1785815a28350d7287b28369ea2fb8e74d6df43aaea7bf6c03adf508d
937bec9cb281be602f0cee942df7c076b247a2139d171cf6bba92de6e2dea48a
94fe0bf34718ae3d0c48f2314a22e190e8189a15b536828b4b5c93c8b32ca36a
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99057633502cc1a3b43932c7ac6827806fff1f091b3e8a07e15f09cfdfd394bb
99062d7c1575e18ee54fc893bd3f8fca32fd2fc6e3199d9b83fa9be7a00e3a9b
9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470
9b70d6dc0d9eebb8a7a0bb4bcaf40f7f5ce562403293c4505110c3b817a31d04
9ca4065e16a157acfc5160a6698ce60cb2911f90210d5df131cbd528e39448e6
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
9de232e3a21b070afd01c7828a9ec1416ece3476c7905446869fdb56fa26d496
9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7
9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ab583e1e1c81587c0efb344e14ae7f0b60e855bd12c3e22f30258d43f96f9bc8
aee924d2e41f5f1e234067817e237dece3306e48aa08cd6230bd1806d0863980
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9b215bbdb26978ced9af85ac38f07275fee2a8488b2849e0731373f922a3aa4
ba84736079d69a538e14183da5837f9ea30566945ff57c5f5e151fd149feecfa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9d2e9db7611ec45ec27b7bfbf174b6b26c18215b64502b8756711ac3b1c767
bbebd127ca8ad09b1db472eb7d740de3927601e3acc0dc78723168c48636369a
bdef145a212b1c018c220387d182435d6f69b4a653dbc806fbe3414667d1c70f
bf437c94b6f8b4f367e0b8d54e3256f093051d0f27a7eccb092dadf0b173a88c
c0e7c8895f8f743ec014f264c9090b8797cf7798bd4de1df1d9f06eced941f2b
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5432314c2215a1052479602186328ab543c20b15f35dafd0946137f9d7a54cd
c85d1db883c4b08296fcd7e9f258fcd647d725aca193a2dc51a4f1753ecda00c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d9c3b4e6294be01504727852c68ea03d3864aa1cbbcfa5c2292ebcdd4f0850a1
dce5e27b81535a12aeb33ee1680377f71954e1873cf85a4ae518838f2c9bb2e6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76eaa2ca64511cf4b805040f38f1c9181b19a5463a6f00ccd931483b388ae07
e850af6dc7699719c75bc5d6ea2a272359ff8782727c342ab215a0f0de19e479
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b
f225f6d3130aa78e6a67757e19f126e729010b2b2148642d8691cdb21caaa645
f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e
f95cd5428bb287edae3aeca43f83b3776da4f78f56f64c2791493ee1899aa300
f9725593c0dcf38e3f7b70342a00f50ad485c69d6101f69c9fd0fc712abb1b49
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

wealthyretirement.com Open in urlscan Pro 18.233.27.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

92 %HTTPS

36 %IPv6

54 Domains

80 Subdomains

69 IPs

8 Countries

6237 kBTransfer

9397 kBSize

70 Cookies

4 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wealthyretirement.com Open in urlscan Pro
18.233.27.104 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

92 %
HTTPS

36 %
IPv6

54
Domains

80
Subdomains

69
IPs

8
Countries

6237 kB
Transfer

9397 kB
Size

70
Cookies

191 HTTP transactions
1 data transactions