wealthyretirement.com Open in urlscan Pro
18.233.27.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&ut...
Effective URL:
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-...
Submission: On May 25 via api (May 25th 2022, 4:05:02 pm UTC) from CH — Scanned from DE

Summary HTTP 191 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 70 IPs in 8 countries across 54 domains to perform 191 HTTP transactions. The main IP is 18.233.27.104, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wealthyretirement.com.
TLS certificate: Issued by R3 on April 12th 2022. Valid for: 3 months.

This is the only time wealthyretirement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:cf3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	18.233.27.104 18.233.27.104	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	52.216.147.19 52.216.147.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.216.133.197 52.216.133.197	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.41 143.204.98.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.248.61 18.66.248.61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	108.157.4.114 108.157.4.114	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:88e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dd9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
1	2.20.157.165 2.20.157.165	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	54.69.16.109 54.69.16.109	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.225.52 143.204.225.52	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
22	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.171.126.73 54.171.126.73	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:401... 2a00:1450:4014:80a::2010	15169 (GOOGLE) (GOOGLE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	3.223.156.232 3.223.156.232	14618 (AMAZON-AES) (AMAZON-AES)
12	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
1	143.204.98.118 143.204.98.118	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.251.15.4 3.251.15.4	16509 (AMAZON-02) (AMAZON-02)
1	23.205.241.117 23.205.241.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:ea00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	3.122.58.191 3.122.58.191	16509 (AMAZON-02) (AMAZON-02)
1	54.229.101.204 54.229.101.204	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
1	52.28.128.138 52.28.128.138	16509 (AMAZON-02) (AMAZON-02)
1 2	54.155.65.255 54.155.65.255	16509 (AMAZON-02) (AMAZON-02)
2 2	35.153.58.122 35.153.58.122	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:66c0:1498:bf97:ef60	14618 (AMAZON-AES) (AMAZON-AES)
1	52.9.57.1 52.9.57.1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:35be:ace0:b22e:18d9	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
17	23.216.77.195 23.216.77.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.205.143.103 18.205.143.103	14618 (AMAZON-AES) (AMAZON-AES)
2	52.54.116.217 52.54.116.217	14618 (AMAZON-AES) (AMAZON-AES)
2	54.188.140.173 54.188.140.173	16509 (AMAZON-02) (AMAZON-02)
191	70

1 2606:4700::6810:cf3f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-b.mb.wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.233.27.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-27-104.compute-1.amazonaws.com

wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.147.19 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.216.133.197 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-41.fra50.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-61.dus51.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.157.4.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-114.dus51.r.cloudfront.net

dnzkifeab6.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dd9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.157.165 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-165.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.16.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-16-109.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.225.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-225-52.cdg3.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.126.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-126-73.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80a::2010 (Ireland)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.223.156.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-156-232.compute-1.amazonaws.com

e-10348.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-118.fra50.r.cloudfront.net

s.zkcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.15.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.53 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.157.55 (Milan, Italy) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ea00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.58.191 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-58-191.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.101.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-101-204.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.128.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-128-138.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.65.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.153.58.122 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-58-122.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:66c0:1498:bf97:ef60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.9.57.1 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-57-1.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:35be:ace0:b22e:18d9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.216.77.195 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-195.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.205.143.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-143-103.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.116.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-116-217.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.188.140.173 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-140-173.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	1 KB
17	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 8280	4 MB
14	wealthyretirement.com 1 redirects events-b.mb.wealthyretirement.com wealthyretirement.com	49 KB
12	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7584	330 KB
11	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669 sslwidget.criteo.com — Cisco Umbrella Rank: 1705 widget.us.criteo.com — Cisco Umbrella Rank: 18771 dis.criteo.com — Cisco Umbrella Rank: 725	20 KB
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	283 KB
11	amazonaws.com portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 460230 s3.amazonaws.com dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 464688	471 KB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 5580	58 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240	7 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
5	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4955 distillery.wistia.com — Cisco Umbrella Rank: 6240 pipedream.wistia.com — Cisco Umbrella Rank: 6738	2 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	5 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5483	782 B
4	google.com www.google.com — Cisco Umbrella Rank: 7	782 B
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 849 ads.yahoo.com — Cisco Umbrella Rank: 1156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2276 tr.outbrain.com — Cisco Umbrella Rank: 2072 sync.outbrain.com — Cisco Umbrella Rank: 782	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 645 script.hotjar.com — Cisco Umbrella Rank: 896 vars.hotjar.com — Cisco Umbrella Rank: 989 in.hotjar.com — Cisco Umbrella Rank: 1730	67 KB
4	userway.org cdn.userway.org — Cisco Umbrella Rank: 5488 api.userway.org — Cisco Umbrella Rank: 5459	33 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 525 i6.liadm.com — Cisco Umbrella Rank: 1678	1 KB
3	adzerk.net e-10348.adzerk.net	4 KB
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 13797 api.getblueshift.com — Cisco Umbrella Rank: 8966	3 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	853 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1551	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 330	140 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 413	7 KB
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 679 sync-t1.taboola.com — Cisco Umbrella Rank: 1259	329 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	142 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 811	418 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2097	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1181	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 634	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1779	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1872	337 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 741	240 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	785 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 414	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 606	581 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1413	428 B
1	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3513	234 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1869	232 B
1	zkcdn.net s.zkcdn.net — Cisco Umbrella Rank: 36698	26 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 498	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	14 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 939	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 683	71 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 26416	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	19 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	30 KB
191	54

	Domain	Requested by
22	www.facebook.com	wealthyretirement.com
17	embedwistia-a.akamaihd.net	fast.wistia.net
13	wealthyretirement.com	wealthyretirement.com
12	fast.wistia.net	c.lytics.io fast.wistia.net
11	connect.facebook.net	wealthyretirement.com connect.facebook.net
10	c.lytics.io	portrait-tracker.s3.amazonaws.com c.lytics.io wealthyretirement.com
7	bat.bing.com	wealthyretirement.com bat.bing.com
5	s3.amazonaws.com	wealthyretirement.com www.googletagmanager.com
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	www.google.de	wealthyretirement.com
4	www.google.com	wealthyretirement.com
4	gum.criteo.com	3 redirects static.criteo.net
4	www.google-analytics.com	www.googletagmanager.com portrait-tracker.s3.amazonaws.com wealthyretirement.com
4	dnzkifeab6.execute-api.us-east-1.amazonaws.com	portrait-tracker.s3.amazonaws.com
3	ib.adnxs.com	3 redirects
3	e-10348.adzerk.net	portrait-tracker.s3.amazonaws.com
3	cdn.userway.org	accessibilityserver.org wealthyretirement.com
2	api.getblueshift.com	portrait-tracker.s3.amazonaws.com
2	pipedream.wistia.com	fast.wistia.net
2	distillery.wistia.com	fast.wistia.net
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	idsync.rlcdn.com
2	stats.g.doubleclick.net	portrait-tracker.s3.amazonaws.com
2	sp.analytics.yahoo.com	wealthyretirement.com
2	tr.outbrain.com	amplify.outbrain.com wealthyretirement.com
2	px.ads.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	www.googleadservices.com
2	s.yimg.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
2	www.googletagmanager.com	portrait-tracker.s3.amazonaws.com wealthyretirement.com
2	portrait-tracker.s3.amazonaws.com	wealthyretirement.com portrait-tracker.s3.amazonaws.com
1	d.turn.com	1 redirects
1	fast.wistia.com	fast.wistia.net
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ups.analytics.yahoo.com
1	ads.yahoo.com
1	c.aaxads.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	s.zkcdn.net	wealthyretirement.com
1	widget.us.criteo.com	wealthyretirement.com
1	sslwidget.criteo.com	1 redirects
1	storage.googleapis.com	c.lytics.io
1	in.hotjar.com	portrait-tracker.s3.amazonaws.com
1	mug.criteo.com	wealthyretirement.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	wealthyretirement.com
1	www.linkedin.com	1 redirects
1	api.userway.org	portrait-tracker.s3.amazonaws.com
1	amplify.outbrain.com	wealthyretirement.com
1	static.hotjar.com	wealthyretirement.com
1	static.criteo.net	www.googletagmanager.com
1	snap.licdn.com	wealthyretirement.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.optimizely.com	www.googletagmanager.com
1	trc.taboola.com	wealthyretirement.com
1	accessibilityserver.org	wealthyretirement.com
1	cdn.getblueshift.com	portrait-tracker.s3.amazonaws.com
1	cdn.jsdelivr.net	wealthyretirement.com
1	code.jquery.com	wealthyretirement.com
1	events-b.mb.wealthyretirement.com	1 redirects
191	79

This site contains links to these domains. Also see Links.

Domain
e-10348.adzerk.net
oxfordclub.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
wealthyretirement.com R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.getblueshift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
accessibilityserver.org Amazon	`2021-12-09` - `2023-01-05`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-03-10` - `2023-04-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.adzerk.net Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.zkcdn.net Amazon	`2022-04-22` - `2023-05-21`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Frame ID: 092E597586C1B002F2CCB7FC998B6CD5
Requests: 108 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: C13E60225EE1256C1C613C775BDEDEF7
Requests: 1 HTTP requests in this frame

Frame: https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Frame ID: AAD1623877BC20C8FE9CF7702C2596E3
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: CBE07C4DA76944D4A98F1AE54D56FDC1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=wealthyretirement.com&origin=onetag
Frame ID: 44623427BB80A09D065A3E75FAE916EF
Requests: 2 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Frame ID: 9A735B38A894E699C142D5DF5A6A5694
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F91561C039F999A48F3FA1ABAA14BDAA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7F4D2D39A6E37D6CDF69A68BA340DEA4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B96771DB63CD7B19C77A47A42A142B76
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6ACEE10ED9670E74B245A0AB2C3481E7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E01E8B5C31470E6D569A06694649805D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5372E967ED32F41175ED74D6F602BF7F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 90DAD898C8C3DD2F4D61210F4B04A03E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F14D797490B4F607EB7B021C193CCD46
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8DFA856F69A46DE17A8847D371A39A31
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4F7CDB6FE9A9B24DAB1D8D702424C4E0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_gid=CAESEJBhh1ZRGGRBAisznHn2j5A&google_cver=1&google_ula=913071,0
Frame ID: 4AECB2C30CEAE933A8883221D991918A
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Brutal Lesson in Valuation

Page URL History Show full URLs

https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-... HTTP 307
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba61... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

191
Requests

93 %
HTTPS

37 %
IPv6

54
Domains

79
Subdomains

70
IPs

8
Countries

5938 kB
Transfer

9099 kB
Size

67
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjozNjgzLCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA4NTEwLCJkaSI6IjA2MTYzZTI2YTYxMTQzM2ZiNDlmMDA4OWFhZGNlZjYzIiwiZGoiOjAsImlpIjoiYzI1MzNjNjcxNmYzNDJmN2JjZmE2MWE1NGQyMmI2MmQiLCJkbSI6MywiZmMiOjE3MDA0NDgyMCwiZmwiOjE2MTkxMzE2OCwiaXAiOiIyMTcuMTE0LjIxNS4xMzMiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJlYyI6MTIuMDU0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wNDQzZmUxNDIzODMwMzY1MyIsInNwIjo1OTM2NjgsInN0IjoxMTI4MDcyLCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtOTk1NTg4NzNkMWY3NGUyNjk1MDY1YzlhYmIxNmNiN2EiLCJ6biI6MjUzNDIzLCJ0cyI6MTY1MzQ5NDY5NDY2NywicG4iOiJhcUlZek9XeGpsamFIQldxeHhWaSIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwicnIiOjEsImJpIjoxLCJ0eiI6IlVUQyIsInVyIjoiaHR0cHM6Ly9wcm8ub3hmb3JkY2x1Yi5jb20vbS8xOTgxNTg0In0&s=KMCIPjIquTPE_v9w9IYJRq3Tcn0&adz_e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjozNjgzLCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA4NTEwLCJkaSI6IjA2MTYzZTI2YTYxMTQzM2ZiNDlmMDA4OWFhZGNlZjYzIiwiZGoiOjAsImlpIjoiYzI1MzNjNjcxNmYzNDJmN2JjZmE2MWE1NGQyMmI2MmQiLCJkbSI6MywiZmMiOjE3MDA0NDgyMCwiZmwiOjE2MTkxMzE2OCwiaXAiOiIyMTcuMTE0LjIxNS4xMzMiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJlYyI6MTIuMDU0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wNDQzZmUxNDIzODMwMzY1MyIsInNwIjo1OTM2NjgsInN0IjoxMTI4MDcyLCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtOTk1NTg4NzNkMWY3NGUyNjk1MDY1YzlhYmIxNmNiN2EiLCJ6biI6MjUzNDIzLCJ0cyI6MTY1MzQ5NDY5NDY2OCwicG4iOiJhcUlZek9XeGpsamFIQldxeHhWaSIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwicnIiOjEsImJpIjoxLCJ0eiI6IlVUQyIsImV0IjoyfQ&adz_s=82t1WrL9SRSHRDFpgugFiTEUf1I&s4=email&s5=wealthre&s6=20220524_wr_nonoxf

Search URL Search Domain Scan URL

URL: https://e-10348.adzerk.net/r?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjoxMDI5LCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3MTQzLCJkaSI6IjliYmExZWEwODc5ZjRkZjZhYzcwZDI4MWJjYjE1MDZkIiwiZGoiOjAsImlpIjoiMmZmNzlkZmE1NmE0NDkyM2E0NDMzOGI3YTY2NWVmYjgiLCJkbSI6MywiZmMiOjE3MDAzMzQ5NCwiZmwiOjE2MTg5NjU2MiwiaXAiOiIyMTcuMTE0LjIxNS4xMzMiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJlYyI6MjkuMTI0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wNDQzZmUxNDIzODMwMzY1MyIsInNwIjo1OTM2NjgsInN0IjoxMTI4MDcyLCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtOTk1NTg4NzNkMWY3NGUyNjk1MDY1YzlhYmIxNmNiN2EiLCJ6biI6MjUzNDE2LCJ0cyI6MTY1MzQ5NDY5NDY2OSwicG4iOiJ2cHZPeXhKd1JmdFR0WUpIaEN2QyIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwiYmkiOjEsInR6IjoiVVRDIiwidXIiOiJodHRwczovL3Byby5veGZvcmRjbHViLmNvbS9tLzE5ODE1ODAifQ&s=S307KkWGi_iWHeNkDSo72e6jkwE&adz_e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjoxMDI5LCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3MTQzLCJkaSI6IjliYmExZWEwODc5ZjRkZjZhYzcwZDI4MWJjYjE1MDZkIiwiZGoiOjAsImlpIjoiMmZmNzlkZmE1NmE0NDkyM2E0NDMzOGI3YTY2NWVmYjgiLCJkbSI6MywiZmMiOjE3MDAzMzQ5NCwiZmwiOjE2MTg5NjU2MiwiaXAiOiIyMTcuMTE0LjIxNS4xMzMiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJlYyI6MjkuMTI0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wNDQzZmUxNDIzODMwMzY1MyIsInNwIjo1OTM2NjgsInN0IjoxMTI4MDcyLCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtOTk1NTg4NzNkMWY3NGUyNjk1MDY1YzlhYmIxNmNiN2EiLCJ6biI6MjUzNDE2LCJ0cyI6MTY1MzQ5NDY5NDY3MCwicG4iOiJ2cHZPeXhKd1JmdFR0WUpIaEN2QyIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwiYmkiOjEsInR6IjoiVVRDIiwiZXQiOjJ9&adz_s=8R8GqeAgJNHbc5d27HHxCv7M6AA&s4=email&s5=wealthre&s6=20220524_wr_nonoxf
Title: Click here to get my No. 1 dividend stock as part of my FREE Ultimate Dividend Package.

Search URL Search Domain Scan URL

URL: https://oxfordclub.com/affiliates/?referralFranchise=WR
Title: Partner With Us

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/c4dd28cf-6762-4f86-acf4-3e1c6ec51a3a.html
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_mime_type=html&bsft_tv=6&bsft_lx=7 HTTP 307
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D7%26bsft_tv%3D6 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D518825%26time%3D1653494692507%26url%3Dhttps%253A%252F%252Fwealthyretirement.com%252Fwebview%252Fbuyers-of-rivian-are-caught-in-a-bloodbath%252F%253Fbsft_utid%253D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%2526bsft_clkid%253D158d472b-df7c-47bf-9251-4af5fc1779f0%2526bsft_aaid%253Dba611593-2123-403a-9286-2afa6fa671c2%2526bsft_eid%253D97633ca0-dbd1-4e89-8008-abc922a44b56%2526bsft_uid%253D5ebec341-8e79-4078-ad86-82f483c1ad30%2526bsft_mid%253D1b5c0329-9905-4c08-94ad-35d3ba07586c%2526bsft_ek%253D2022-05-24T20%25253A30%25253A42Z%2526utm_campaign%253D20220524_wr_nonoxf%2526utm_content%253D20220524_wr_nonoxf%2526utm_source%253Dwealthre%2526bsft_mime_type%253Dhtml%2526utm_medium%253Demail%2526src%253Demail%2526bsft_lx%253D7%2526bsft_tv%253D6%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D7%26bsft_tv%3D6&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D7%26bsft_tv%3D6&liSync=true&e_ipv6=AQJhKGi_BGZV8AAAAYD79r6l_hvUUB460g2rs5IbwMPrAY4zqB5ILfTFGZoUnFtYe1-H6zbZ6dU9gThKKe4B-LLzWwc

Request Chain 74

https://gum.criteo.com/sid/json?origin=onetag&domain=wealthyretirement.com&sn=ChromeSyncframe&so=0&topUrl=wealthyretirement.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0uvDrHxFUXd5enpIb2dSRlFKa1BmbXVhYnY5dVVtNzVLODZnQ0hQamMvMTh3N0NXR1R0bk5XNThtWHIvWlhCZjRzYUNLei85NHRHR1F3NlJCbVp4SjlocHh6c1NPbVB5RTE1ZkZYRUo3S2dVRFhWNTduRUlhbG1TMFc2RUhFcW1lMWg4cE5LSzhzcXBWRVFVMTVTZWluNU94anZCcEFWL3ZyQjVNOVlwbVlYeUpkeEJjWHB1NjNDN0hZaVZwVWJ2MWxmdytnekdvSXNHV0JMMFNkci9DL2JLQ29LRjZCMEo2WFpzQ0J0YjFISmFOYW94Y3NWcDZod0xFU25DbDVYN3ZhTk1TVllSWFBRTUNJdkNOaXlvdGtTSCtKN3hWbWZhOS9EUDlEYlFNWUtDKzdvMD18&cppv=2

Request Chain 88

https://sslwidget.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh5ZEFYV0daZFIlMkZwbWRtT0dlNGpFUWpHdW1aNlJLNWNyeUhCNlM4ciUyRjN4cnBmRlJiJTJCU1NuJTJGUXFaMFZpa3d4R29TcUdPMThVSzMlMkZvclQ1VVEwZWlGSUQwNHJlazZnazVvdDVDN3FQZjU2JTJGS3pTdTdmbE0lM0Q&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8&dtycbr=5232 HTTP 302
https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh5ZEFYV0daZFIlMkZwbWRtT0dlNGpFUWpHdW1aNlJLNWNyeUhCNlM4ciUyRjN4cnBmRlJiJTJCU1NuJTJGUXFaMFZpa3d4R29TcUdPMThVSzMlMkZvclQ1VVEwZWlGSUQwNHJlazZnazVvdDVDN3FQZjU2JTJGS3pTdTdmbE0lM0Q&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8&dtycbr=5232

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_cm&google_hm=ay10YzRyVEpJX0hoZ05LbWJMRVN1M3Q5dmNuUVFkM010V3IxWXFpdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_gid=CAESEJBhh1ZRGGRBAisznHn2j5A&google_cver=1&google_ula=913071,0

Request Chain 131

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=N72YpFSNjhtXo9pj1XEiEur8y3UIAkBB

Request Chain 141

https://secure.adnxs.com/setuid?entity=52&code=k-7rVXNpI_HhgNKmbLESu3t9vcnQQ4pTSjf22fcA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7rVXNpI_HhgNKmbLESu3t9vcnQQ4pTSjf22fcA%26seg%3D95287

Request Chain 142

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395

Request Chain 146

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA&C=1

Request Chain 148

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-zyYm0pI_HhgNKmbLESu3t9vcnQTMTGQsXsHiMQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-zyYm0pI_HhgNKmbLESu3t9vcnQTMTGQsXsHiMQ&expires=30&user_group=5

Request Chain 154

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-zPDAqZI_HhgNKmbLESu3t9vcnQQtXihv9FiuQQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-zPDAqZI_HhgNKmbLESu3t9vcnQQtXihv9FiuQQ

Request Chain 155

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw&_li_chk=true&previous_uuid=21887cd16c004407a76c4a445e87a4fa HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw

Request Chain 161

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/PN20c95jpt2dKtY_uVycYgF-NrAoT2ch/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4140357701486752859

Request Chain 162

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395

191 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/
Redirect Chain

https://events-b.mb.wealthyretirement.com/z/84bm1pxze?uid=5ebec341-8e79-4078-ad86-82f483c1ad30&mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_ek=20...
https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign...

20 KB
6 KB

576ms
338ms

Document
text/html

18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9685618bbebea19059c3969aa28d2939f1c6345d6411674aecae0ce2101cb182

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 16:04:50 GMT
Server: nginx
Transfer-Encoding: chunked
X-Cache-Status: BYPASS

Redirect headers

access-control-allow-headers: Content-Type, X-Api-Key
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 710f824f5fd69bc4-FRA
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 16:04:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: e1b2e24b-dfd7-4ef8-a469-92feed8bf1a2
x-runtime: 0.375004
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 133ms
51ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://wealthyretirement.com/
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:50 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1653494690.dop164.fr8.t,1653494690.cds053.fr8.hn,1653494690.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK all.js Show response
portrait-tracker.s3.amazonaws.com/ 37 KB
38 KB 523ms
134ms Script
application/javascript 52.216.147.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/all.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 415422ec9a8645bc4a15ba4a860e5a7cb133038c69b28d7a23f3febfc40f9242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Last-Modified: Tue, 17 May 2022 20:14:26 GMT
Server: AmazonS3
x-amz-request-id: VQ328JPDSNX7Y111
ETag: "faa72930cbf681cb6fe7023413f1978b"
Content-Type: application/javascript
x-amz-version-id: YFZSMuVueqXRStn.kw7bvcS_1lf7ZK_q
Accept-Ranges: bytes
Content-Length: 38262
x-amz-id-2: nN8XfJXw1EVu8gHDAsnCkBBwOuWK0CLO5jP9xPViF5gkE5OmOgY0Hsmf5Sy5ln+XLm9/0WgUGYw=

GET
H/1.1 200
OK all.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 9 KB
3 KB 107ms
106ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4b4344e91454590284aaeef5fcbe09d3fa3e321bebcd4b23730249e1d7c34704

Request headers

Referer: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-241b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 foundation.min.css
cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/ 132 KB
19 KB 137ms
56ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/foundation-sites@6.7.4/dist/css/foundation.min.css

Requested by

Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5640144
x-jsd-version: 6.7.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"20ef1-bhEYyg3UHPtQeklGmSXYZB57t6s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1uB2mY1HM4RUiGSaoNGglBVY0rT9qn9LxDLKWUkp9KPWq%2FwhOmG7D8Hl%2BrTEmI6uTGZ1wvKSZk8XhsRcv6DHenCRE%2BsbkQWsxtzxypmvSeKbo5iZvioSEqXq8SGSIN6p28k18cTysFcWSQauTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 710f825a5ba19a09-FRA

GET
H/1.1 200
OK single-webview.css
wealthyretirement.com/wp-content/plugins/og-plugins-webview/styles/ 1 KB
603 B 141ms
141ms Stylesheet
text/css 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/og-plugins-webview/styles/single-webview.css
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 26a74aa295ceeba34b3ced6606085d0d0ddb1f2120ab099e6aa5aba3620750de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:50 GMT
Content-Encoding: br
Last-Modified: Thu, 14 Apr 2022 16:16:25 GMT
Server: nginx
ETag: W/"625848d9-407"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wealthy-retirement-logo.svg
s3.amazonaws.com/cdn.wealthyretirement.com/wp-content/uploads/2018/07/ 14 KB
14 KB 514ms
144ms Image
image/svg+xml 52.216.133.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.wealthyretirement.com/wp-content/uploads/2018/07/wealthy-retirement-logo.svg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.133.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bb9d2e9db7611ec45ec27b7bfbf174b6b26c18215b64502b8756711ac3b1c767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Last-Modified: Mon, 09 Jul 2018 21:08:10 GMT
Server: AmazonS3
x-amz-request-id: VQ3F5A5AE53VJD4S
ETag: "d9c31e6f3af9510bb2ec6b29a1486b8c"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 14156
x-amz-id-2: JKZxjI4+qB7/57ObbW/CGguiolbr2owka3POmpMAjycXU4tSuKSE2sesR46kxae0k5znINFQC+w=

GET
H/1.1 200
OK jody-1.png
wealthyretirement.com/wp-content/uploads/2020/03/ 32 KB
33 KB 303ms
213ms Image
image/png 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wealthyretirement.com/wp-content/uploads/2020/03/jody-1.png
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9b215bbdb26978ced9af85ac38f07275fee2a8488b2849e0731373f922a3aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Last-Modified: Wed, 11 Mar 2020 18:36:41 GMT
Server: nginx
ETag: "5e692fb9-81c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33216

GET
H/1.1 200
OK 20220524_WR-Rivian-financials.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 160 KB
160 KB 484ms
140ms Image
image/jpeg 52.216.133.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220524_WR-Rivian-financials.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.133.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4deada37c1f7b4f0c30d01839b5b200027d7f25c4931d16ddc0495bfc04a95dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Last-Modified: Tue, 24 May 2022 17:52:58 GMT
Server: AmazonS3
x-amz-request-id: VQ36HH3DWHCXK5H3
ETag: "3d32f28b7167f42d2805b0775cbca315"
Content-Type: image/jpeg
x-amz-version-id: NJcaILiL_n.IvaUPSY8ZPRJDIxUG1WZb
Accept-Ranges: bytes
Content-Length: 163575
x-amz-id-2: XdPP45h3ACXjW6eT7jBYWPW6sxFBF7TyuJOR2T9B+BtIw9WKzvGVclFlzQlAeBB5jCbhyTDutIc=

GET
H/1.1 200
OK 20220524_WR-Rivian-share-price.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 100 KB
100 KB 508ms
162ms Image
image/jpeg 52.216.133.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220524_WR-Rivian-share-price.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.133.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94fe0bf34718ae3d0c48f2314a22e190e8189a15b536828b4b5c93c8b32ca36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Last-Modified: Tue, 24 May 2022 17:52:57 GMT
Server: AmazonS3
x-amz-request-id: VQ307PEGH2MJM1BZ
ETag: "0c409838fd895c3342d61c59d3b72932"
Content-Type: image/jpeg
x-amz-version-id: 4YSxwJgMJ8tmmg6_rLFcliMbXvY9l8cM
Accept-Ranges: bytes
Content-Length: 102169
x-amz-id-2: AGr3YHh272SKb0+vLoxOnOc3yOIEepR+0iQLGihGMUuUA+Na998KgUGjK+HNB8s0KFc2yA9L1lQ=

GET
H/1.1 200
OK 20220524_WR-Rivian-Enterprise-value.jpg
s3.amazonaws.com/assets.oxfordclub.com/emails/images/ 99 KB
100 KB 496ms
149ms Image
image/jpeg 52.216.133.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/emails/images/20220524_WR-Rivian-Enterprise-value.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.133.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f9725593c0dcf38e3f7b70342a00f50ad485c69d6101f69c9fd0fc712abb1b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Last-Modified: Tue, 24 May 2022 17:52:58 GMT
Server: AmazonS3
x-amz-request-id: VQ3EM9NENEFTNXBQ
ETag: "0569d7efb419711040abe9f657bfeb2e"
Content-Type: image/jpeg
x-amz-version-id: LR2FuTdECsgG4rINDyRQ5.CXKxlY_i3k
Accept-Ranges: bytes
Content-Length: 101569
x-amz-id-2: kxw+8ZBjO//3Y709iJZbtrmD48kU6tqIodT2eCSI5BhL1gP91RQNfyY6zp10+XAQ0juGwSpeqTU=

GET
H/1.1 200
OK basic_html.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 519 B
438 B 162ms
104ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_html.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c5432314c2215a1052479602186328ab543c20b15f35dafd0946137f9d7a54cd

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-207"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK basic_text.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 275 B
412 B 234ms
105ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_text.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 15236ecf56f44fb5f69468c0a4b02f2fd9aa8e905bae13aff6278d2b2980645d

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-113"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK basic_html_single_image.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 667 B
504 B 248ms
107ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_html_single_image.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f225f6d3130aa78e6a67757e19f126e729010b2b2148642d8691cdb21caaa645

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-29b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK basic_html_center_image.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 653 B
495 B 299ms
103ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/basic_html_center_image.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4a82ae3c77edece9c05d244708bbb5640c6a7bc69efaca4278c1c560e55f710f

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-28d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK leadgen_html.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 3 KB
1 KB 323ms
109ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/leadgen_html.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bdef145a212b1c018c220387d182435d6f69b4a653dbc806fbe3414667d1c70f

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-d34"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK video_html.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 2 KB
813 B 325ms
111ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/video_html.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 439d1ae467f77cad2ab326aed33c02d521022f57e334cabe4d7a0c657f814b5f

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-724"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK iu_recent_article.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 948 B
633 B 324ms
110ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/iu_recent_article.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 85c3d51d7eb47ac25de5f4043fba14177f6d131e1ca88ce545744bdfbf77a328

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-3b4"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK modal.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 2 KB
847 B 329ms
105ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/modal.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1ddc9e19ccefc0d2de33245f132ea603775fb0785df813df05fe47c0edad63ba

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-82c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK timed_modal.js Show response
wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/ 3 KB
998 B 355ms
116ms Script
application/javascript 18.233.27.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/timed_modal.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.27.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-27-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8a7ffcb1785815a28350d7287b28369ea2fb8e74d6df43aaea7bf6c03adf508d

Request headers

Referer: https://wealthyretirement.com/wp-content/plugins/portrait-tracker-adzerk-decisions/js/dist/all.js
Origin: https://wealthyretirement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:51 GMT
Content-Encoding: br
Last-Modified: Tue, 12 Apr 2022 15:42:43 GMT
Server: nginx
ETag: W/"62559df3-adf"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 65 KB
22 KB 88ms
41ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25294875032f9525d068cd8a2f5764cf60ac8a5927fee1c4e0cb8f560363c3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:51 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1908
content-encoding: br
last-modified: Wed, 25 May 2022 15:33:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KvGkkfatJ3A9QvfMPVg6xOAqMboluXX%2FbSUnh8e38U13pUOUSFfH74p1WOM7IGXVYMgExV%2BckXG004Hdk%2BsoeCk8OINXfLOJkDDnDwTmbNblH7tScF1BOOkchz9zvhYNU0o2ccUk8dF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 710f825e2981698b-FRA

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 70ms
26ms Script
application/javascript 143.204.98.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:55:52 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Server: AmazonS3
Age: 544
ETag: "e180e60ec878d69551a1c449b37c6552"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 1990
X-Amz-Cf-Id: -okj5mfOqRoImpIGoBMwTUygMW4RgScFs3-4NcUdpulttTELWhPvZQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
75 KB 120ms
70ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ce7b1638fe4091d69bcda3b62681023ef97d3fc9bcf890d767d1c7097efaec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76083
x-xss-protection: 0
last-modified: Wed, 25 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 16:04:51 GMT

GET
H/1.1 200
OK index.html Show response
portrait-tracker.s3.amazonaws.com/ Frame C13E 2 KB
3 KB 126ms
126ms Document
text/html 52.216.147.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/index.html
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 2371
Content-Type: text/html
Date: Wed, 25 May 2022 16:04:52 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
Server: AmazonS3
x-amz-id-2: 5XHaVfQ3X7vaFhWHFqvJOIaMA0t2si3iDfAtnkpd3tgczhhef0d+BW04vXT59Mp3n6i6UzL5kEQ=
x-amz-request-id: VQ32DKR5BJ2FEHBC
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5

GET
H2 200 widget.js Show response
accessibilityserver.org/ 1 KB
1 KB 132ms
38ms Script
application/javascript 18.66.248.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-61.dus51.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 3d31cc9941618450823acf5ef28d2afffda7632bb1dd58be0518d66616a18c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 15:43:40 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront), 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
etag: W/"c6e1e866dfbba7f0d2241713ed48d46d"
age: 2011
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 2837
content-encoding: gzip
x-77-nzt: AcO1ry9vy2j/FQsAAA
last-modified: Mon, 23 May 2022 00:08:28 GMT
server: CDN77-Turbo
x-77-nzt-ray: neyZwYz9/CA
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P3, DUS51-P1
x-amz-cf-id: nYSo5JymBSbiertjZ2dLD-XUhbP9EN8QovdgM-_upvtZTZjvXpO_vg==

GET
H2 200 70b5d251-00ac-4d69-9b9c-08acff390341 Show response
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 12 KB
3 KB 184ms
182ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/70b5d251-00ac-4d69-9b9c-08acff390341?segments=true&fields=pub_circulation_status,su_list_email_status,bi_ltv&mergestate=true&state=%7B%22_uid%22%3A%2270b5d251-00ac-4d69-9b9c-08acff390341%22%2C%22utm_campaign%22%3A%2220220524_wr_nonoxf%22%2C%22utm_source%22%3A%22wealthre%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_content%22%3A%2220220524_wr_nonoxf%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1653494691843&callback=u_101393067897465060

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

496557104c2e1af9f01a86beb5253966b252281c68d53b67631bafc15e890f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 710f82601d4a698b-FRA
date: Wed, 25 May 2022 16:04:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSo1tZaZLkm5DlKUloIZyX2Cu8EZ5bIE34Nm9zoGH1krlLv70cCckzQ1yinlvHJvRsALmT8ec8BUcKSXsSCgBKfjxDYZW9hoGebQ54NAalI9FuVeuAmQjc7xaedG0QeR6Espio3sKxuz"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
552 B 144ms
142ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1653494691779&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&_v=3.0.27&_uid=70b5d251-00ac-4d69-9b9c-08acff390341&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUY%2FWtS4ywhTYyS5s7MbLl428QtPlduc83aKHJzFOV%2Fd1S8JuyXtEc6BD3rcOL4YuFe2lr2tqaht02j6VfXTZ8gIM5DJcpPrAwg%2BSGth0%2FuufbPsrrMA%2FggIR%2FJgJyVPyPFd2HddERRb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f82601d4d698b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 widget_app_base_1653264363668.js Show response
cdn.userway.org/widgetapp/2022-05-23/ 110 KB
30 KB 122ms
26ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-05-23/widget_app_base_1653264363668.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 207b577bfae8a787e31f4a32ac4332232351f9db3a3bf44de19c97cc8bbc29f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 16:04:52 GMT
via: 1.1 e7150584c93f85e64aa53364c55a16c6.cloudfront.net (CloudFront)
x-77-nzt-ray: ifTDfImIJmI
age: 4
x-77-cache: HIT
x-cache: HIT
x-age: 189725
content-encoding: br
x-77-nzt: AcO1rgVW6Zr/HeUCAA
x-accel-expires: @1679224967
last-modified: Mon, 23 May 2022 00:08:27 GMT
server: CDN77-Turbo
etag: W/"6c5008c063c1544296ed4109e51420d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: FIxHOF0iLI7gDCY30hwkCY5Tq8rqQ2PGkrUHVQiVBLLBsyt73dL14g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
67 KB 48ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9240b41c0d2ef1fbeb4ac4a4fec7f6f019a96a6878a8c14761b9359e572a692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68304
x-xss-protection: 0
last-modified: Wed, 25 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 16:04:51 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 128ms
52ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF32C25C5FBD46BA8CB514D0E7A8AD0F Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 25 May 2022 16:04:51 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/ 28 KB
29 KB 135ms
127ms Stylesheet
text/css 52.216.133.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.133.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9de232e3a21b070afd01c7828a9ec1416ece3476c7905446869fdb56fa26d496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:53 GMT
Last-Modified: Mon, 23 May 2022 19:50:53 GMT
Server: AmazonS3
x-amz-request-id: EBA99Q9QRGDRN27D
ETag: "fef71b42c6e493ff7c6406b23119bdc2"
Content-Type: text/css
x-amz-version-id: nRCBEQTWzD_.0v7_YhjbfrtQG3SFfllB
Accept-Ranges: bytes
Content-Length: 28788
x-amz-id-2: roh1gdkd+Lc1MRpUNoYKOK34s7gtO/hicCUYBge/BOdf6jUknjDEYCtqEZ6EGWXmqflLHHrq87A=

POST
H2 200 GetBlueshiftUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 8 KB
8 KB 776ms
763ms XHR
application/json 108.157.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-114.dus51.r.cloudfront.net
Software: /
Resource Hash: 9c2249f3e727e08575d9577decd7c4e95dcaafdb814b8493e4490ee65e4db28c

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: b7c1a9d2-d97b-46b3-a7c7-cca6edd8f9d1
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628e53a4-2c997e1c5e8c73ac3fdd81cd;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: SsIBvEhvoAMF7Jg=
content-length: 7814
x-amz-cf-id: nGJNrvoe3D2tPCRIJnLc1F0jdJ5jAud13wvpAk9_iH_mP6HuUnVmqw==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetBlueshiftUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 385ms
309ms Preflight
application/json 108.157.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-114.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Wed, 25 May 2022 16:04:52 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-apigw-id: SsIBsGGqIAMF_vA=
x-amz-cf-id: 3BYZt7hRqDb6Aa50jVj59azemiCPUE5aD92BnBloOcdyFHsgikzGiQ==
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 3376da26-ef8f-466f-a76e-590e7e35d39f
x-cache: Miss from cloudfront

POST
H2 200 portrait Show response
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ Frame AAD1 0
290 B 151ms
149ms Document
text/html 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710f82610eea698b-FRA
content-encoding: br
content-type: text/html
date: Wed, 25 May 2022 16:04:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=danG8tMAcZ9mmmGPyo%2FcIHcNWey%2FQ3pacjiPwhujiJEK3lW9utJOXcFRA%2BeyFm7VxwQIVvX3V8QCg%2FzcKtjM8Flr8rz%2FiaR5%2FBKfbZTKINLWv7zki1seQj2OFnFsSBncs8T6ybZRLJ4d"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
via: 1.1 google

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
230 B 162ms
29ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D70b5d251-00ac-4d69-9b9c-08acff390341%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 25 May 2022 16:04:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1653494692.193547,VS0,VE9
x-served-by: cache-hhn4040-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 288828202.js Show response
cdn.optimizely.com/js/ 214 KB
71 KB 125ms
27ms Script
text/javascript 2a02:26f0:3500:88e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/288828202.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a41d57891295c41db15219348cd6ea25b905786b4485bef3ba4a692c0af7655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: AGSiDl9zqJRPmIt26XVCbr_lobkx_V3G
content-encoding: gzip
etag: "ead132393d856a23bae9a5e509595194"
x-amz-request-id: CCBBE8DF0DDFF989
x-amz-meta-revision: 600
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="18";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 71386
x-amz-id-2: YMCcq30pvndMWSbwlPZ9zv9166ZNdjaQYOfIlOv5Ezj8W7v3JZCCfxINJWSoz5VhCiX0ebWW6xc=
last-modified: Thu, 05 Jul 2018 14:14:39 GMT
server: AmazonS3
date: Wed, 25 May 2022 16:04:52 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 126ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 16:04:52 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 121ms
28ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dd9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=51638
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 143ms
27ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: f6SsIi08E+DOlsCvdPXZ5jqk7MElPrdUlXFQnXMf45MuMQqfocD3JZIb0Uql1IZSrGs8kpkPDeTaaTDP09fsVA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 138ms
34ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 9D20BZR81DWFQQ9F
x-amz-id-2: KnSPBNyBdwRe8gBWdLTFL3k1id5Q+A5gAhn4pK77bO2eioZOgHvASEopvNpGmmFdyX+OlzL2RrM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 199ms
30ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:52 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 May 2022 16:04:52 GMT

GET
H2 200 hotjar-478755.js Show response
static.hotjar.com/c/ 4 KB
2 KB 130ms
28ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-478755.js?sv=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

7150e7676d30c0a1323ee90f76fe773054556ca3e335306dc3929edb3149ef65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 14
etag: W/fdf6419f254671bd6dc7c17d93a9eb2f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4TLC-uCbEqhbKVsxYdPgOjXR2uSIVurrzMb2ywD0Jh5tfLMPrxJMug==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 136ms
33ms Script
application/x-javascript 2.20.157.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.165 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-165.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Wed, 25 May 2022 16:24:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
25ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF7VQJT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1806
date: Wed, 25 May 2022 15:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 17:34:46 GMT

POST
H2 200 ycrjEXSWMj Show response
api.userway.org/api/tunings/ 641 B
960 B 700ms
170ms XHR
application/json 54.69.16.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/ycrjEXSWMj
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.16.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-16-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3b741712c686178db485287c4f7f7ee1f077a6b01a7552fe699c7255ded7c28b

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 May 2022 16:04:52 GMT
etag: W/"281-BmYH4sDNw6iJQNREuP4wRwUGyHo"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 641
x-service-version: uw-pr

GET
H2 204 4056182.js Show response
bat.bing.com/p/action/ 0
117 B 318ms
313ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4056182.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1415E36703194B6593B4D09910EB9E39 Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
date: Wed, 25 May 2022 16:04:52 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 56ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4056182&Ver=2&mid=2af06bf7-ad9f-4a8e-b3f2-0d25b87b115e&sid=692ab120dc4411ecaae48bfb94fbcc17&vid=692d8bf0dc4411ec992a195bcd4f5610&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20Brutal%20Lesson%20in%20Valuation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&r=&lt=2079&evt=pageLoad&msclkid=N&sv=1&rn=122206

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5F91637CBD64EB0BF65A58180E20921 Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
date: Wed, 25 May 2022 16:04:52 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15020902.js Show response
bat.bing.com/p/action/ 0
118 B 254ms
246ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15020902.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CA927C3B056460EAD91EEC5E10C3F83 Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
date: Wed, 25 May 2022 16:04:52 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 80ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15020902&Ver=2&mid=93f34989-2e71-4b33-89f5-bc1c08a8c333&sid=692ab120dc4411ecaae48bfb94fbcc17&vid=692d8bf0dc4411ec992a195bcd4f5610&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20Brutal%20Lesson%20in%20Valuation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&r=&lt=2079&evt=pageLoad&msclkid=N&sv=1&rn=2508

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9487AEB99AB14E5F8C9D4E0A9D96692F Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
date: Wed, 25 May 2022 16:04:52 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15322609.js Show response
bat.bing.com/p/action/ 0
118 B 199ms
171ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15322609.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE597CB72A764A0387DFF6CDEC02C493 Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
date: Wed, 25 May 2022 16:04:52 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 129ms
123ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=2109bd47-9599-4eef-b107-67f357e196f7&sid=692ab120dc4411ecaae48bfb94fbcc17&vid=692d8bf0dc4411ec992a195bcd4f5610&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20Brutal%20Lesson%20in%20Valuation&p=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&r=&lt=2079&evt=pageLoad&msclkid=N&sv=1&rn=558088

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2559B10CA0B4E78A4F02AEFDE8EC38D Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:52Z
date: Wed, 25 May 2022 16:04:52 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/780296261/ 3 KB
2 KB 108ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780296261/?random=1653494692473&cv=9&fst=1653494692473&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a884595f9dd8d5a5901309331b9660f53684e41da937f9cc01bbe505a04926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/ 3 KB
2 KB 110ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/?random=1653494692476&cv=9&fst=1653494692476&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a5b44a9e02eada7b38800af4d5278d2e1ef259df860ed3aea7ac57e02a909f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D518825%26time%3D1653494692507%26url%3Dhttps%253A%252F%252Fwealthyretirement.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec34...

0
265 B

389ms
174ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D7%26bsft_tv%3D6&liSync=true&e_ipv6=AQJhKGi_BGZV8AAAAYD79r6l_hvUUB460g2rs5IbwMPrAY4zqB5ILfTFGZoUnFtYe1-H6zbZ6dU9gThKKe4B-LLzWwc
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 690B0D151AC64DB9BDE9476589BBB65D Ref B: FRAEDGE1212 Ref C: 2022-05-25T16:04:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXf2DvfqTYKepNVrSPv2Q==
x-li-fabric: prod-ltx1

Redirect headers

date: Wed, 25 May 2022 16:04:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6DBDFAA7CE6B455C887807DE3A44BA61 Ref B: FRAEDGE1211 Ref C: 2022-05-25T16:04:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=518825&time=1653494692507&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fbsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26utm_campaign%3D20220524_wr_nonoxf%26utm_content%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26bsft_mime_type%3Dhtml%26utm_medium%3Demail%26src%3Demail%26bsft_lx%3D7%26bsft_tv%3D6&liSync=true&e_ipv6=AQJhKGi_BGZV8AAAAYD79r6l_hvUUB460g2rs5IbwMPrAY4zqB5ILfTFGZoUnFtYe1-H6zbZ6dU9gThKKe4B-LLzWwc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXf2DvYhTyxjKe09hSXJw==

GET
H3 200 172267203502730 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 96ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/172267203502730?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf437c94b6f8b4f367e0b8d54e3256f093051d0f27a7eccb092dadf0b173a88c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10520
x-xss-protection: 0
pragma: public
x-fb-debug: ni+b/0LHU6XqsBUYGPPzye4lMIZmOQkdQkd656d37EXhavwCLstmsKZPv/Pvp09pf7YdaIGhqPwxqVWrPcemew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.7a321ecb93fde9f07226.js Show response
script.hotjar.com/ 243 KB
63 KB 125ms
34ms Script
application/javascript 143.204.225.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7a321ecb93fde9f07226.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-478755.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.225.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-225-52.cdg3.r.cloudfront.net

Software

Resource Hash

ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101925
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63914
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 11:46:00 GMT
etag: "913be037dec49b596e1cf5ff932a2a6e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b3229c68bc96ea68371695efdc615316.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CDG3-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hmldQ_rX1_DB3T34PUofyVcEXu6ETlvoFjngCYjkuS2_naTZkJlDUw==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 530ms
119ms Script
application/javascript 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0040752ca591876c6ab7eb366d24329d4d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:53 GMT
content-encoding: gzip
X-TraceId: 0c3ecd98a94c1db2cc99a4b7c2aa52d5
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 526ms
118ms Image
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0040752ca591876c6ab7eb366d24329d4d&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&optOut=false&bust=036224593961992735
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:53 GMT
Cache-Control: no-cache
X-TraceId: 71adb9fb27c9a3a565b18570348cffe7
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 405446.json Show response
s.yimg.com/wi/config/ 2 B
449 B 130ms
23ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405446.json

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:00:40 GMT
x-content-type-options: nosniff
age: 252
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 6NHB97MVEXPH505A
x-amz-id-2: 8ZT9eMzIXY9gRLlyHpuRzo5RFLdF8evf/vCllEDXZdMgw+LMCnL9L/99n1G1Mt8u/PoT1kQ0A8o=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 191ms
125ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1938487643&t=pageview&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&ul=en-us&de=UTF-8&dt=A%20Brutal%20Lesson%20in%20Valuation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=712023931&gjid=589541621&cid=962181550.1653494693&tid=UA-344672-10&_gid=1692037614.1653494693&_r=1&gtm=2wg5n0WF7VQJT&cd3=&cd5=Buyers%20of%20Rivian%20Are%20Caught%20in%20a%20Bloodbath&cd6=Jody%20Chudley&cd7=Tuesday%2C%20May%2024%2C%202022&cd8=category%3AIncome%20Opportunities%7Cpost_tag%3Aelectric%20vehicles%7Cpost_tag%3AEVs%7Cpost_tag%3Ainitial%20public%20offering%7Cpost_tag%3AIPO%7C&cd9=_bx6vlgn5t0g&cd10=b6e5bcc3-df35-44cc-b173-f8be143812eb&cd11=1653494691487&cd12=electric-vehicles%7Cevs%7Cinitial-public-offering%7Cipo%7C&z=830652905

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response
vars.hotjar.com/ Frame CBE0 2 KB
1 KB 128ms
0ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-478755.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3647747
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 10:49:06 GMT
etag: "1635635016e428baa170305e9282c34a"
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
vary: Accept-Encoding
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-id: l2b3dwsgpfvV0MSO0sOGNUifo6wQXVAm6As4KRp_xTCh1B-cEByqvA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4462 15 KB
6 KB 272ms
32ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=wealthyretirement.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:52 GMT
server-processing-duration-in-ticks: 2148
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 283ms
47ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2025%20May%202022%2016%3A04%3A53%20GMT&n=0&b=A%20Brutal%20Lesson%20in%20Valuation&.yp=405446&f=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 25 May 2022 16:04:53 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/780296261/ 42 B
548 B 251ms
25ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/780296261/?random=1653494692473&cv=9&fst=1653494400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=291761940&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/780296261/ 42 B
108 B 253ms
28ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/780296261/?random=1653494692473&cv=9&fst=1653494400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=291761940&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/665056240/ 42 B
108 B 253ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/665056240/?random=1653494692476&cv=9&fst=1653494400000&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=1808083172&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/665056240/ 42 B
548 B 250ms
27ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/665056240/?random=1653494692476&cv=9&fst=1653494400000&num=1&label=H5lgCLKD4sgBEPDnj70C&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5n0&sendb=1&frm=0&url=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D202&tiba=A%20Brutal%20Lesson%20in%20Valuation&async=1&fmt=3&is_vtc=1&random=1808083172&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 162317297901043 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/162317297901043?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e850af6dc7699719c75bc5d6ea2a272359ff8782727c342ab215a0f0de19e479

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10520
x-xss-protection: 0
pragma: public
x-fb-debug: 4A1qLO9Iq5MLEEQsoMYug5A2UB3JExNADNImKLxFbKfDeqGVBGznd/Ax/W/OLksleLZKGBC3o9F/iqSq3aFA7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 125ms
28ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=172267203502730&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494693168&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 25 May 2022 16:04:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 119ms
30ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-344672-10&cid=962181550.1653494693&jid=712023931&gjid=589541621&_gid=1692037614.1653494693&_u=YEBAAAAAAAAAAC~&z=1821208267

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 16:04:53 GMT
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GetLyticsUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 19 KB
20 KB 359ms
358ms XHR
application/json 108.157.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-114.dus51.r.cloudfront.net
Software: /
Resource Hash: 462b8889124912fffcc6336098a7f756d3df4d4015f978a6fdc8670d67bd1c8a

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 976dd1be-7385-4062-ab46-a9aa9bc7e406
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628e53a5-37bf7b0478d4838832d07c21;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: SsIB8G9NoAMFnow=
content-length: 19652
x-amz-cf-id: 3IASzrcNO9AJLd7qxkMDqEqfkzd7tqoHu6xoUYTj3_gJIFvxmHcWkw==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 321ms
297ms Preflight
application/json 108.157.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-114.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-apigw-id: SsIB6EtFIAMF1IA=
x-amz-cf-id: qbH4ErsyHXGH4tBmzWzAy-2F7m88Th-IikMSDA-P9R4_ho4QWJOQ-g==
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 134edf29-935a-4700-ae4b-3facef47d0ba
x-cache: Miss from cloudfront

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
325 B 152ms
151ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?email=alan.katz%40ubs.com&_ts=1653494693360&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&_uid=70b5d251-00ac-4d69-9b9c-08acff390341&optimizelyid=oeu1653494692558r0.3167723171454848&_v=3.0.27&_uido=70b5d251-00ac-4d69-9b9c-08acff390341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdTF%2BWYwfIYOiSh4usMrytPUIZ5l5Iian9CvwUL%2BJMPXroPHGaEVmd%2FLS6K%2Bt3SKHaFwmWY1Cnmqfr%2F85X5Ad24nzJS%2FrZ8SY2A6kxIY14dDauLgNKd%2F6QRzDBBWg%2F80Ez%2BHA%2FHWnVeN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f826a289e698b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 1420932934903352 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1420932934903352?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba84736079d69a538e14183da5837f9ea30566945ff57c5f5e151fd149feecfa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10520
x-xss-protection: 0
pragma: public
x-fb-debug: X0Bp2t/iP+zDohMEKJ5Oksec7luiUVRedpzNOre8mv5s1LwVV4gK6TSJxhgRdVvZF4Gi2Jc6ZsZx8EdIXrWBhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 47ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=162317297901043&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494693460&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4462
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=wealthyretirement.com&sn=ChromeSyncframe&so=0&topUrl=wealthyretirement.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=0uvDrHxFUXd5enpIb2dSRlFKa1BmbXVhYnY5dVVtNzVLODZnQ0hQamMvMTh3N0NXR1R0bk5XNThtWHIvWlhCZjRzYUNLei85NHRHR1F3NlJCbVp4SjlocHh6c1NPbVB5RTE1ZkZYRUo3S2dVRFhWNTduRUlhbG1TMFc2RU...

457 B
654 B

252ms
31ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0uvDrHxFUXd5enpIb2dSRlFKa1BmbXVhYnY5dVVtNzVLODZnQ0hQamMvMTh3N0NXR1R0bk5XNThtWHIvWlhCZjRzYUNLei85NHRHR1F3NlJCbVp4SjlocHh6c1NPbVB5RTE1ZkZYRUo3S2dVRFhWNTduRUlhbG1TMFc2RUhFcW1lMWg4cE5LSzhzcXBWRVFVMTVTZWluNU94anZCcEFWL3ZyQjVNOVlwbVlYeUpkeEJjWHB1NjNDN0hZaVZwVWJ2MWxmdytnekdvSXNHV0JMMFNkci9DL2JLQ29LRjZCMEo2WFpzQ0J0YjFISmFOYW94Y3NWcDZod0xFU25DbDVYN3ZhTk1TVllSWFBRTUNJdkNOaXlvdGtTSCtKN3hWbWZhOS9EUDlEYlFNWUtDKzdvMD18&cppv=2

Requested by

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

fd4ef08b1c3a7bfa060d2913a55356d8791b686973e35e5a8a6839cb5984f438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4457
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:52 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=0uvDrHxFUXd5enpIb2dSRlFKa1BmbXVhYnY5dVVtNzVLODZnQ0hQamMvMTh3N0NXR1R0bk5XNThtWHIvWlhCZjRzYUNLei85NHRHR1F3NlJCbVp4SjlocHh6c1NPbVB5RTE1ZkZYRUo3S2dVRFhWNTduRUlhbG1TMFc2RUhFcW1lMWg4cE5LSzhzcXBWRVFVMTVTZWluNU94anZCcEFWL3ZyQjVNOVlwbVlYeUpkeEJjWHB1NjNDN0hZaVZwVWJ2MWxmdytnekdvSXNHV0JMMFNkci9DL2JLQ29LRjZCMEo2WFpzQ0J0YjFISmFOYW94Y3NWcDZod0xFU25DbDVYN3ZhTk1TVllSWFBRTUNJdkNOaXlvdGtTSCtKN3hWbWZhOS9EUDlEYlFNWUtDKzdvMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1371
content-length: 567
expires: 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 40ms
39ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 710f826a48d5698b-FRA
date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 15:12:56 GMT
server: cloudflare
age: 3117
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k3%2BstE1NHLw1xdcZjTPBV2rIMwCS6s4rLowAQoEGkDC%2BeyuQjZVVHrttLNiJd4%2BRFG579%2F1pHgkclXsDWwuxQbMiUSsF5q0Ku6TmDy9Kaln4eNbUMwvV8nmkUwUl6fKXkvtHQBHmhif"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 128ms
57ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=962181550.1653494693&jid=712023931&_u=YEBAAAAAAAAAAC~&z=1887680381

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 117ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=962181550.1653494693&jid=712023931&_u=YEBAAAAAAAAAAC~&z=1887680381

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/478755/ 147 B
322 B 377ms
44ms XHR
application/json 54.171.126.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/478755/visit-data?sv=5
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.126.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-126-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
918 B 59ms
23ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 9fce949f3749407c8e6a75087e168b46.cloudfront.net (CloudFront)
x-77-nzt-ray: 5lfUogK5TEs
age: 5
x-cache: HIT
x-age: 189725
content-encoding: br
x-77-nzt: AcO1rgUZ0QD/HeUCAA
x-accel-expires: @1679224968
last-modified: Tue, 17 May 2022 16:25:51 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache: HIT
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: tYijl26BT8pzHPAi7a2pPwBi7mVUDJi1bW_WofbdIqE1eh_-ISVRFw==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
959 B 35ms
24ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 36782ce80608b4ebb0112f2f4fdd01be.cloudfront.net (CloudFront)
x-77-nzt-ray: oP7WPBOhaKA
age: 5
x-77-cache: HIT
x-cache: HIT
x-age: 189725
content-encoding: br
x-77-nzt: AcO1rgUG9bH/HeUCAA
x-accel-expires: @1679224968
last-modified: Tue, 17 May 2022 16:25:51 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: d_LnBxdl3Q374O9WlQ469uadJDjYy4ag3Iqh41z9TXal2YDsWOtohA==

GET
H3 200 154661765322510 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 27ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/154661765322510?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99057633502cc1a3b43932c7ac6827806fff1f091b3e8a07e15f09cfdfd394bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88744
x-xss-protection: 0
pragma: public
x-fb-debug: PE3WzdEy3X8u9fMSI0CKZM/6MmznZPqT0m5VuiNIl39EHu0931ELWFM8Q9z73TKD7XIqLfH7jyG5ceKAhtq9gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1420932934903352&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494693715&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:53 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 710f826c0c49698b-FRA
date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 14:55:31 GMT
server: cloudflare
age: 4162
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqznZq2uu2QsBH%2F063VBTEYzFI3aFxb63o2uq2lz1HY%2FQj%2BjED%2Fq89mJzZUrLtks5GxgWtWpZjegT81lSwl5vpf0ctFwhiV703bCZLaxAD9PVbn9O4A2P7CoKqBOWC46fGWOgWOPWWkx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 602 B
1 KB 201ms
31ms Stylesheet
text/css 2a00:1450:4014:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4014:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:22:35 GMT
age: 2538
x-guploader-uploadid: ADPycduX4PU_qCdB6fA4LpJhIRf-qjcKCp8qiOumON-HcRW1LH9FxfXt_ov72wS8e9hiZBJ8tp324Nfu1BzamjHXMyagRg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 602
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
server: UploadServer
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
x-goog-generation: 1538689646128559
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 602
accept-ranges: bytes
content-type: text/css
expires: Wed, 25 May 2022 16:22:35 GMT

GET
H3 200 261964361146571 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 36ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261964361146571?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c5d8571bd69f7af0d24f50179fa83683c6a655145cf263792ccfeb81458b2da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10597
x-xss-protection: 0
pragma: public
x-fb-debug: VQPwlfYbHvRuTUdFsSwEKh3/n+HSEQ/yHBKo5GQP13TOKWIeRu+q5cZBfpiAIzjgeLXZ6todacizm1O/xdXsZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 37ms
34ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=154661765322510&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494693916&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:53 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/ 29 KB
5 KB 45ms
37ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5ae454547b6b662283dce0b3f137e93c7471f2e5336a3494e4dc15ac400e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:53 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3249
content-encoding: br
last-modified: Wed, 25 May 2022 15:10:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab2s78F5gcYkjR0cDNsiDnMc4KMcAdrpgNa7JyFzwl0md4zdxYo4wieI4N9TZwUqUe%2FYe3hfDFKVwi5vK6CDzFO%2FGcdPDD2SUX3%2FyMDxpcePtL6pKBQivgrEcsKo%2B%2FE0Pmafs1N%2FkSSU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 710f826d6ef9698b-FRA

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh...
https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh...

9 KB
9 KB

376ms
119ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh5ZEFYV0daZFIlMkZwbWRtT0dlNGpFUWpHdW1aNlJLNWNyeUhCNlM4ciUyRjN4cnBmRlJiJTJCU1NuJTJGUXFaMFZpa3d4R29TcUdPMThVSzMlMkZvclQ1VVEwZWlGSUQwNHJlazZnazVvdDVDN3FQZjU2JTJGS3pTdTdmbE0lM0Q&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8&dtycbr=5232

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

24c5079e28db5d92e175e582545a2b5e42e044643628f3665851e4f0d83ac2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:54 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12901936
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:53 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=55939&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh5ZEFYV0daZFIlMkZwbWRtT0dlNGpFUWpHdW1aNlJLNWNyeUhCNlM4ciUyRjN4cnBmRlJiJTJCU1NuJTJGUXFaMFZpa3d4R29TcUdPMThVSzMlMkZvclQ1VVEwZWlGSUQwNHJlazZnazVvdDVDN3FQZjU2JTJGS3pTdTdmbE0lM0Q&tld=wealthyretirement.com&ful=629&fu=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8&dtycbr=5232
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 20672431
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 380237935810224 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 65ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/380237935810224?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ca4065e16a157acfc5160a6698ce60cb2911f90210d5df131cbd528e39448e6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10520
x-xss-protection: 0
pragma: public
x-fb-debug: l35XN2SDJkyLiHVUrFDgNf5g9jBbE5gIsbKHwgtZeESmVdoVPmzxGV/QcI/u7eXI9gj5BOF0uNRiYKr10y5J4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 51ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261964361146571&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494693990&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:54 GMT

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
455 B 146ms
142ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?pf-widget-id=7201585b3b470a5a8df9d40960e39f04&pf-widget-type=form&pf-widget-layout=modal&pf-widget-variant=1&pf-widget-event=show&_ts=1653494694043&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&_uid=70b5d251-00ac-4d69-9b9c-08acff390341&optimizelyid=oeu1653494692558r0.3167723171454848&_v=3.0.27&_uido=70b5d251-00ac-4d69-9b9c-08acff390341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTbKJkO4lhB37vzjc3KfVKg7%2FWC2Ub%2Bu3eBqXR3AGx%2BDMFYDggTLDvGTjSx3b6xP9LONFZw9JRlz8cFhM7awsfdrn1BtTiUy9i0OSPa0Qx9bX%2F9JmeyR2sMxbNkKM3O%2FU6kKQP6goXwQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f826ec99d698b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H2 200 v2 Show response
e-10348.adzerk.net/api/ 8 KB
3 KB 522ms
274ms XHR
application/json 3.223.156.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10348.adzerk.net/api/v2
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.156.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-156-232.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: 9a6c04db2fbee1e318276e445f8076f8f522a1d5f7a5ad0d2d2773f71fa30e0a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:54 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"1eea-XR7jHe6XZU8bxTRGwGuyqrUZgYE"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wealthyretirement.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by: bifrost-production-shard001-us-east-1b-i-0443fe14238303653

GET
H2 200 vusn89uzxr Show response
fast.wistia.net/embed/iframe/ Frame 9A73 8 KB
3 KB 148ms
27ms Document
text/html 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d9c3b4e6294be01504727852c68ea03d3864aa1cbbcfa5c2292ebcdd4f0850a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83552
cache-control: public, no-cache
content-encoding: br
content-length: 2917
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 16:04:54 GMT
etag: W/"d9c3b4e6294be01504727852c68ea03d"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-browser-version: 101
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-content-type-options: nosniff
x-download-options: noopen
x-ecma-v: modern
x-permitted-cross-domain-policies: none
x-request-id: 5c5a8205074d779acd9214afe03886ee
x-runtime: 0.077101
x-served-by: cache-iad-kcgs7200100-IAD, cache-hhn4035-HHN
x-timer: S1653494694.334341,VS0,VE1

GET
H3 200 668246423725853 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/668246423725853?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76f9c920313d573b70eefe995e902a4f5fe38098666555067056960664a672dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88785
x-xss-protection: 0
pragma: public
x-fb-debug: bdGSufqyYdARkZ3Z1Fs+0GdP0YTIf7rfmmlrJk4miP43IMKdgUZ3oa1GAZS+9iXdrMB0rLAx92ar6I2MoA6Zqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=380237935810224&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494694262&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:54 GMT

GET
H3 200 231043257988858 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231043257988858?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3febc917267518688440906bbbbbb3a9b32e21497d21494daaefbeb5222e4a23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10565
x-xss-protection: 0
pragma: public
x-fb-debug: /pvha+XoiHnkBU8z+dUNKEcXij6Eilq8FuP8I6o9oboc1y/NNWj4rcUVzByjTmhrcHPTXJcy2B/0rLUewhDALA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668246423725853&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494694358&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:54 GMT

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 9A73 45 KB
12 KB 22ms
22ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a13b8882d2d4d3cffc50f0c95dff5efddb0ccf063d81178334653e77978ab8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 575
x-cache: HIT, HIT
content-length: 12070
x-served-by: cache-iad-kiad7000095-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494694.386982,VS0,VE0
etag: "628d4087-2f26"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 15

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 9A73 602 KB
111 KB 25ms
17ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29f4170b29c87ec1c550d9fb550d79a4969ad85243d7829f8c608eda5813221d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 575
x-cache: HIT, HIT
content-length: 113695
x-served-by: cache-iad-kcgs7200102-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494694.394858,VS0,VE0
etag: "628d4087-1bc1f"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 34

GET
H3 200 336157786980095 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/336157786980095?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f023322a1b4270e46c6c60927e78a4da3e7d76469c35d0d5357a413a4635ee6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10520
x-xss-protection: 0
pragma: public
x-fb-debug: uVz/EcRZkwQqrSHS1PBfqYZ9tO7npOI9qwFfLXeAVRFEQA4k3k5XZM8l/k+T6XceYDqzfKCX3GY5obMhyKu6dg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 27ms
25ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231043257988858&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494694399&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:54 GMT

GET
H3 200 2337243036594698 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2337243036594698?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14ff520fea7566ada0ac63f9fb35a124c665f40bade753efd74910b459cec16e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10698
x-xss-protection: 0
pragma: public
x-fb-debug: xow/1EswQVwtLdHKZagwv+SNCf5MbQ+fGJyHAEmgYn2HucZH7bKmQOAr2sQDxSToADdA5AFDe3V6kb7rWsYtyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 16:04:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 31ms
31ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=336157786980095&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494694509&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:54 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame 9A73 128 KB
32 KB 49ms
22ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

634fa75dd2959d7a115a567fb9db372e47934d19fb867fd05502cab7793cb06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 576
x-cache: HIT, HIT
content-length: 32732
x-served-by: cache-iad-kcgs7200146-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494695.752236,VS0,VE0
etag: "628d4087-7fdc"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 19

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2337243036594698&ev=PageView&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494694752&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:55 GMT

GET
H2 200 i.gif Show response
e-10348.adzerk.net/ 43 B
512 B 112ms
111ms XHR
image/gif 3.223.156.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjozNjgzLCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA4NTEwLCJkaSI6IjA2MTYzZTI2YTYxMTQzM2ZiNDlmMDA4OWFhZGNlZjYzIiwiZGoiOjAsImlpIjoiYzI1MzNjNjcxNmYzNDJmN2JjZmE2MWE1NGQyMmI2MmQiLCJkbSI6MywiZmMiOjE3MDA0NDgyMCwiZmwiOjE2MTkxMzE2OCwiaXAiOiIyMTcuMTE0LjIxNS4xMzMiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJlYyI6MTIuMDU0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wNDQzZmUxNDIzODMwMzY1MyIsInNwIjo1OTM2NjgsInN0IjoxMTI4MDcyLCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtOTk1NTg4NzNkMWY3NGUyNjk1MDY1YzlhYmIxNmNiN2EiLCJ6biI6MjUzNDIzLCJ0cyI6MTY1MzQ5NDY5NDY2OCwicG4iOiJhcUlZek9XeGpsamFIQldxeHhWaSIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwicnIiOjEsImJpIjoxLCJ0eiI6IlVUQyIsImZxIjowfQ&s=qJc3MJn07V1HwIaxtq0dYEAW5nU
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.156.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-156-232.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept: */*
Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wealthyretirement.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1e-i-05ca573c36fe23a36

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
27ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1938487643&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&ul=en-us&de=UTF-8&dt=A%20Brutal%20Lesson%20in%20Valuation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adzerk&ea=Success&el=image&_u=aEDAAAABAAAAAC~&jid=1700080754&gjid=600619624&cid=962181550.1653494693&tid=UA-344672-10&_gid=1692037614.1653494693&_r=1&gtm=2wg5n0WF7VQJT&z=1570487684

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.gif Show response
e-10348.adzerk.net/ 43 B
512 B 121ms
110ms XHR
image/gif 3.223.156.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10348.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo4MzI5NzAsImF0IjoxMDI5LCJidCI6MCwiY20iOjYyMTE5NDQ1LCJjaCI6NDIxODEsImNrIjp7fSwiY3IiOjc4MDA3MTQzLCJkaSI6IjliYmExZWEwODc5ZjRkZjZhYzcwZDI4MWJjYjE1MDZkIiwiZGoiOjAsImlpIjoiMmZmNzlkZmE1NmE0NDkyM2E0NDMzOGI3YTY2NWVmYjgiLCJkbSI6MywiZmMiOjE3MDAzMzQ5NCwiZmwiOjE2MTg5NjU2MiwiaXAiOiIyMTcuMTE0LjIxNS4xMzMiLCJudyI6MTAzNDgsInBjIjo1MCwib3AiOjUwLCJlYyI6MjkuMTI0LCJnbSI6MCwiZXAiOm51bGwsInByIjoxNzU5ODksInJ0Ijo1LCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wNDQzZmUxNDIzODMwMzY1MyIsInNwIjo1OTM2NjgsInN0IjoxMTI4MDcyLCJ0ciI6dHJ1ZSwidWsiOiJ1ZTEtOTk1NTg4NzNkMWY3NGUyNjk1MDY1YzlhYmIxNmNiN2EiLCJ6biI6MjUzNDE2LCJ0cyI6MTY1MzQ5NDY5NDY3MCwicG4iOiJ2cHZPeXhKd1JmdFR0WUpIaEN2QyIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwiYmkiOjEsInR6IjoiVVRDIiwiYmEiOjUsImZxIjowfQ&s=KKRRVxlloJMNfnv4jzlXJkC1bK8
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.156.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-156-232.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept: */*
Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wealthyretirement.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1e-i-05ca573c36fe23a36

GET
H2 200 62e1021587ca4d2497ff6d10c9e5df5b.jpg
s.zkcdn.net/Advertisers/ 26 KB
26 KB 209ms
20ms Image
image/jpeg 143.204.98.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zkcdn.net/Advertisers/62e1021587ca4d2497ff6d10c9e5df5b.jpg
Requested by: Host: wealthyretirement.com
URL: https://wealthyretirement.com/webview/buyers-of-rivian-are-caught-in-a-bloodbath/?src=email&bsft_aaid=ba611593-2123-403a-9286-2afa6fa671c2&bsft_eid=97633ca0-dbd1-4e89-8008-abc922a44b56&utm_campaign=20220524_wr_nonoxf&utm_source=wealthre&utm_medium=email&utm_content=20220524_wr_nonoxf&bsft_clkid=158d472b-df7c-47bf-9251-4af5fc1779f0&bsft_uid=5ebec341-8e79-4078-ad86-82f483c1ad30&bsft_mid=1b5c0329-9905-4c08-94ad-35d3ba07586c&bsft_utid=5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE&bsft_mime_type=html&bsft_ek=2022-05-24T20%3A30%3A42Z&bsft_lx=7&bsft_tv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-118.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7387652e29ef06dda63deea87108e29e38f91b02ac452db4304264fc2cecd9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:55:16 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 19:16:05 GMT
server: AmazonS3
age: 76180
etag: "b85258042e264073ab1876f63c84db6e"
x-cache: Hit from cloudfront
x-amz-version-id: fs0Y_01lM8yqzhAzH2_7ITYDR0MMFXBA
cache-control: max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26505
x-amz-cf-id: jtRdPHCBO-L76U9EarBflGvZw5WvumrDpDgWzn9Qe6xGf4c_iZOnvA==
expires: Wed, 17 Mar 2032 19:16:04 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
23ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1938487643&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&ul=en-us&de=UTF-8&dt=A%20Brutal%20Lesson%20in%20Valuation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adzerk&ea=Success&el=basic_html&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=962181550.1653494693&tid=UA-344672-10&_gid=1692037614.1653494693&gtm=2wg5n0WF7VQJT&z=1767528710

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 04:25:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41970
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 captions.js Show response
fast.wistia.net/assets/external/ Frame 9A73 144 KB
31 KB 27ms
26ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/captions.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fb68a0b1a6c3d4c413a6183ffeb1bcede894171ddfb9a5fa0b2c768253badaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
content-encoding: br
vary: Accept-Encoding
age: 576
x-cache: HIT, HIT
content-length: 31425
x-served-by: cache-iad-kiad7000073-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494695.221462,VS0,VE0
etag: "628d4087-7ac1"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F915 0
15 B 96ms
44ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7F4D 0
15 B 59ms
34ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B967 0
15 B 59ms
33ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6ACE 0
15 B 49ms
25ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E01E 0
15 B 53ms
29ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5372 0
15 B 54ms
29ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 90DA 0
15 B 54ms
29ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F14D 0
15 B 54ms
28ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8DFA 0
15 B 54ms
28ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4F7C 0
15 B 56ms
29ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wealthyretirement.com
Referer: https://wealthyretirement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wealthyretirement.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 16:04:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ 35 B
338 B 187ms
135ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?adzerk_uid=ue1-99558873d1f74e2695065c9abb16cb7a&_ts=1653494695108&_nmob=t&_device=desktop&url=wealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&_uid=70b5d251-00ac-4d69-9b9c-08acff390341&optimizelyid=oeu1653494692558r0.3167723171454848&_v=3.0.27&_uido=70b5d251-00ac-4d69-9b9c-08acff390341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXPbP1O3AtHLz665yb%2BJQ%2FThtawz13FhdBsWwV2h2aFZUTINOe9%2BxzI5nkxlpLMdKb22Y6YYZ127x7Xiyw6OW1w07X%2BotALYUnQOEFj1vES0ln4O3hBekNaWxtZIYbbQ6Z%2FmfGuqWYCk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 710f827609a4698b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 88ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-344672-10&cid=962181550.1653494693&jid=1700080754&gjid=600619624&_gid=1692037614.1653494693&_u=aEDAAAABAAAAAC~&z=40438666

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 16:04:55 GMT
content-type: text/plain
access-control-allow-origin: https://wealthyretirement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 9A73 58 KB
16 KB 28ms
23ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0e7c8895f8f743ec014f264c9090b8797cf7798bd4de1df1d9f06eced941f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
content-encoding: br
vary: Accept-Encoding
age: 576
x-cache: HIT, HIT
content-length: 15815
x-served-by: cache-iad-kjyo7100035-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494695.484534,VS0,VE0
etag: "628d4087-3dc7"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 17

GET
H2 200 vusn89uzxr.json Show response
fast.wistia.net/embed/captions/ Frame 9A73 1 KB
1 KB 114ms
108ms Script
text/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/vusn89uzxr.json?callback=wistiajson1

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52ada88a3283f8f7e92824680aa1193016922892c8d46b728e9edc225b3e3996

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 16
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 731
x-request-id: 0f87d7de44ac9a56de03d1c54a9941f0
x-served-by: cache-iad-kiad7000029-IAD, cache-hhn4035-HHN
x-runtime: 0.012766
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653494695.487550,VS0,VE90
etag: W/"52ada88a3283f8f7e92824680aa11930"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 101
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=154661765322510&ev=Microdata&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494695607&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20Brutal%20Lesson%20in%20Valuation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:55 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=962181550.1653494693&jid=1700080754&_u=aEDAAAABAAAAAC~&z=347245930

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-344672-10&cid=962181550.1653494693&jid=1700080754&_u=aEDAAAABAAAAAC~&z=347245930

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 9A73 415 KB
97 KB 20ms
20ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1bad1d265b00ba31bf8d294835b87b346f81c15db195b07cdf4f2cdeab9c93c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
content-encoding: br
vary: Accept-Encoding
age: 577
x-cache: HIT, HIT
content-length: 99059
x-served-by: cache-iad-kjyo7100123-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494696.703294,VS0,VE0
etag: "628d4087-182f3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 12

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4AEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_cm&google_hm=ay10YzRyVEpJX0hoZ05LbWJMRVN1M3Q5dmNuUVFkM010V...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_gid=CAESEJBhh1ZRGGRBAisznHn2j5A&google_cver=1&google_ula=913071,0

43 B
370 B

122ms
33ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_gid=CAESEJBhh1ZRGGRBAisznHn2j5A&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 923808
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&google_gid=CAESEJBhh1ZRGGRBAisznHn2j5A&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 4AEC
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=N72YpFSNjhtXo9pj1XEiEur8y3UIAkBB

0
42 B

30ms
29ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=N72YpFSNjhtXo9pj1XEiEur8y3UIAkBB
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=N72YpFSNjhtXo9pj1XEiEur8y3UIAkBB
date: Wed, 25 May 2022 16:04:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3156
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 4AEC 0
232 B 223ms
47ms Image
text/html 3.251.15.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw&custom=&tag_format=img&tag_action=sync&custom=&cb=a204c3ff-d86c-47c8-a55d-f932201ade5d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.15.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame 4AEC 0
98 B 123ms
32ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aacxc.php
c.aaxads.com/ Frame 4AEC 234 B
234 B 111ms
20ms Image
text/html 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=3&wbsh=crx&ryvlg=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
cache-control: max-age=1898230
server: Apache
date: Wed, 25 May 2022 16:04:55 GMT
content-length: 234
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 4AEC 43 B
292 B 69ms
63ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 25 May 2022 16:04:55 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 4AEC 0
47 B 39ms
33ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 4AEC 0
398 B 116ms
24ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y9Y_85I_HhgNKmbLESu3t9vcnQSnyCkvZLHs3A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4AEC 0
476 B 426ms
101ms Image
text/plain 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-gLgCGZI_HhgNKmbLESu3t9vcnQTefRPLPib6ag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:56 GMT
Cache-Control: no-cache
X-TraceId: db848e1758da06df5f457a12edb152e4
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 4AEC 0
428 B 566ms
198ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-W-z545I_HhgNKmbLESu3t9vcnQT4M2043a7Gcw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:56 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 16:04:56 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4AEC 0
239 B 125ms
20ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-W-z545I_HhgNKmbLESu3t9vcnQT4M2043a7Gcw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4AEC
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-7rVXNpI_HhgNKmbLESu3t9vcnQQ4pTSjf22fcA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7rVXNpI_HhgNKmbLESu3t9vcnQQ4pTSjf22fcA%26seg%3D95287

43 B
1 KB

80ms
78ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7rVXNpI_HhgNKmbLESu3t9vcnQQ4pTSjf22fcA%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:55 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 58248df2-294d-4583-be2b-c995cf69175e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:55 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 77987afc-7c81-469e-b18f-7fd07c1878fd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7rVXNpI_HhgNKmbLESu3t9vcnQQ4pTSjf22fcA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4AEC
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395

43 B
370 B

36ms
34ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2053145
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:55 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5d6b82c9-9ce7-4abb-9ccf-4ea685980b59
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4AEC 42 B
581 B 217ms
25ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JZrvtpI_HhgNKmbLESu3t9vcnQSil3_QjnCEuA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 xuid
eb2.3lift.com/ Frame 4AEC 37 B
140 B 125ms
22ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-fhPxLpI_HhgNKmbLESu3t9vcnQQyk5Xc6Pv1-Q&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 4AEC 45 B
785 B 161ms
106ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Z6llY5I_HhgNKmbLESu3t9vcnQSpOSzHOAWj4Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 25 May 2022 16:04:56 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 25 May 2022 16:04:56 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 4AEC
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA&C=1

43 B
1 KB

73ms
71ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 16:04:56 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Wed, 25 May 2022 16:04:56 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 4AEC 0
240 B 99ms
48ms Image
text/plain 2600:9000:2156:ea00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2wUmDpI_HhgNKmbLESu3t9vcnQRosP74N9CfMg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oxLr32FLRBlK4n2dDbXkij648kLW8eqS-j3OOOzdawxJ1IqO9lgNyA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 4AEC
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-zyYm0pI_HhgNKmbLESu3t9vcnQTMTGQsXsHiMQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-zyYm0pI_HhgNKmbLESu3t9vcnQTMTGQsXsHiMQ&expires=30&user_group=5

43 B
495 B

23ms
22ms

Image
image/gif

3.122.58.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-zyYm0pI_HhgNKmbLESu3t9vcnQTMTGQsXsHiMQ&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 3.122.58.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-58-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-zyYm0pI_HhgNKmbLESu3t9vcnQTMTGQsXsHiMQ&expires=30&user_group=5
Date: Wed, 25 May 2022 16:04:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 4AEC 35 B
337 B 142ms
45ms Image
image/gif 54.229.101.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-nCl2uZI_HhgNKmbLESu3t9vcnQQdDjb1ScDmwg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.101.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-101-204.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 4AEC 23 B
172 B 150ms
45ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k--4j-PpI_HhgNKmbLESu3t9vcnQQAHWUvd5hmKg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:56 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 16:04:56 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4AEC 0
99 B 167ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Dh0ydpI_HhgNKmbLESu3t9vcnQTVJOmboG7nTw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25608

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4AEC 43 B
163 B 116ms
30ms Image
image/gif 185.86.139.57
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HIVm7ZI_HhgNKmbLESu3t9vcnQQJJOMQhOxinQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 4AEC 68 B
262 B 103ms
18ms Image
image/png 52.28.128.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-vapNE5I_HhgNKmbLESu3t9vcnQThZBeonCR_cQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.128.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-128-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4AEC
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-zPDAqZI_HhgNKmbLESu3t9vcnQQtXihv9FiuQQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-zPDAqZI_HhgNKmbLESu3t9vcnQQtXihv9FiuQQ

43 B
446 B

45ms
44ms

Image
image/gif

54.155.65.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-zPDAqZI_HhgNKmbLESu3t9vcnQQtXihv9FiuQQ
Protocol: H2
Server: 54.155.65.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:56 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-zPDAqZI_HhgNKmbLESu3t9vcnQQtXihv9FiuQQ
date: Wed, 25 May 2022 16:04:56 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 4AEC
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw&_li_chk=true&previous_uuid=21887cd16c004407a76c4a445e87a4fa
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw

43 B
419 B

497ms
108ms

Image
image/gif

2600:1f18:444a:4602:66c0:1498:bf97:ef60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:66c0:1498:bf97:ef60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:57 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-WxmEVJI_HhgNKmbLESu3t9vcnQR-hlJDlN8XLw
Date: Wed, 25 May 2022 16:04:56 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 4AEC 43 B
428 B 533ms
170ms Image
image/gif 52.9.57.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-3ZjKJZI_HhgNKmbLESu3t9vcnQRr6N-iK3PTcw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.57.1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-57-1.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:56 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 4AEC 43 B
183 B 337ms
108ms Image
image/gif 2600:1f18:612b:4264:35be:ace0:b22e:18d9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-ZPakqZI_HhgNKmbLESu3t9vcnQTb1MzvcUrgng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:35be:ace0:b22e:18d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 vusn89uzxr.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 9A73 1 KB
2 KB 173ms
118ms XHR
application/x-mpegurl 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/vusn89uzxr.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aee924d2e41f5f1e234067817e237dece3306e48aa08cd6230bd1806d0863980

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1123
x-request-id: 9e90f6b782e42885262b9a0c91139dc6
x-served-by: cache-iad-kcgs7200150-IAD, cache-hhn4033-HHN
x-runtime: 0.037144
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653494696.908995,VS0,VE94
etag: W/"aee924d2e41f5f1e234067817e237dec"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 101
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 9A73 1 KB
1 KB 20ms
19ms Image
image/gif 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 576
x-cache: HIT, HIT
x-cache-hits: 1, 23
content-length: 1214
x-served-by: cache-iad-kcgs7200151-IAD, cache-hhn4035-HHN
x-browser-version: 101
last-modified: Wed, 25 May 2022 15:53:09 GMT
x-timer: S1653494696.855102,VS0,VE0
etag: "628e50e5-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vusn89uzxr.vtt
fast.wistia.net/embed/captions/ Frame 9A73 1 KB
2 KB 114ms
112ms TextTrack
text/vtt 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/vusn89uzxr.vtt?language=eng

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b70d6dc0d9eebb8a7a0bb4bcaf40f7f5ce562403293c4505110c3b817a31d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 16
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 1223
x-request-id: f16d98bd7064284cf6a1caa43a5af69d
x-served-by: cache-iad-kjyo7100035-IAD, cache-hhn4035-HHN
x-runtime: 0.010440
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653494696.871152,VS0,VE91
etag: W/"9b70d6dc0d9eebb8a7a0bb4bcaf40f7f"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/vtt; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 101
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 4AEC
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/PN20c95jpt2dKtY_uVycYgF-NrAoT2ch/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4140357701486752859

43 B
370 B

52ms
51ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4140357701486752859

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2372780
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4140357701486752859
pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4AEC
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395

43 B
370 B

34ms
34ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 16:04:55 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1599942
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 16:04:56 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9abe2aef-d67c-412c-a281-12cbd181f5c1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8470024256000949395
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/ Frame 9A73 1 KB
2 KB 92ms
23ms XHR
application/vnd.apple.mpegurl 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1dd4213778e92d448fe07cf0d91d1e8caced383c1d7b8de3d01e28b82d2dc020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:56 GMT
Access-Control-Request-Method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31531658
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1231
Expires: Thu, 25 May 2023 14:52:34 GMT

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/ Frame 9A73 1 KB
2 KB 99ms
22ms XHR
application/vnd.apple.mpegurl 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1dd4213778e92d448fe07cf0d91d1e8caced383c1d7b8de3d01e28b82d2dc020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:04:56 GMT
Access-Control-Request-Method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31531593
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1231
Expires: Thu, 25 May 2023 14:51:29 GMT

POST
H2 204 x Show response
distillery.wistia.com/ Frame 9A73 0
96 B 341ms
110ms XHR
text/plain 18.205.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-143-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:56 GMT
cache-control: max-age=0, private, must-revalidate

GET
H3-Q050 200 seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/ Frame 9A73 379 KB
380 KB 166ms
53ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 99062d7c1575e18ee54fc893bd3f8fca32fd2fc6e3199d9b83fa9be7a00e3a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31331973
expires: Tue, 23 May 2023 07:24:29 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 388408
quic-version: Q050

GET
H3-Q050 200 seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/ Frame 9A73 379 KB
379 KB 164ms
57ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/c01aac15f58fa447d2f90d0db957e2b0fe103cd1.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 99062d7c1575e18ee54fc893bd3f8fca32fd2fc6e3199d9b83fa9be7a00e3a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: c01aac15f58fa447d2f90d0db957e2b0fe103cd1-hls-segment purge-experiment-d1
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31331973
expires: Tue, 23 May 2023 07:24:29 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 388408
quic-version: Q050

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668246423725853&ev=Microdata&dl=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6&rl=&if=false&ts=1653494696242&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20Brutal%20Lesson%20in%20Valuation%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1653494693053.1561952641&it=1653494692727&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wealthyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 16:04:56 GMT

GET
H3-Q050 200 v2 Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/ Frame 9A73 1 KB
1 KB 57ms
56ms XHR
application/vnd.apple.mpegurl 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30941800
expires: Thu, 18 May 2023 19:01:36 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1231
quic-version: Q050

GET
BLOB 200
OK 64b0a37d-2307-44c5-8bfb-fb7e76c55846
https://fast.wistia.net/ Frame 9A73 86 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fast.wistia.net/64b0a37d-2307-44c5-8bfb-fb7e76c55846
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e76eaa2ca64511cf4b805040f38f1c9181b19a5463a6f00ccd931483b388ae07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 88294
Content-Type: text/javascript

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 9A73 2 B
136 B 334ms
107ms XHR
text/plain 52.54.116.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.116.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-116-217.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:56 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H3-Q050 200 seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 614 KB
614 KB 65ms
55ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30514433
expires: Sat, 13 May 2023 20:18:49 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 629048
quic-version: Q050

GET
H3-Q050 200 seg-2-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 247 KB
247 KB 35ms
28ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31379309
expires: Tue, 23 May 2023 20:33:25 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 253048
quic-version: Q050

GET
DATA 200
OK truncated
/ Frame 9A73 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 9A73 39 KB
16 KB 47ms
37ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

780cbfb3b7c4ce8e8a4b456166d0d713c73007acee33acd0cc8e6481110c229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 577
x-cache: HIT, HIT
content-length: 16491
x-served-by: cache-iad-kiad7000068-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494697.700657,VS0,VE0
etag: "628d4087-406b"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H3-Q050 200 seg-3-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 224 KB
224 KB 39ms
35ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65a20c69e67c35a92602f8caefd13afeee999ee6267c87a78e212ef431d51b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30613470
expires: Sun, 14 May 2023 23:49:26 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 228984
quic-version: Q050

GET
H2 200 allIntegrations.js Show response
fast.wistia.net/assets/external/ Frame 9A73 25 KB
7 KB 41ms
37ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bbebd127ca8ad09b1db472eb7d740de3927601e3acc0dc78723168c48636369a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/vusn89uzxr?silentAutoPlay=true&autoPlay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 577
x-cache: HIT, HIT
content-length: 7139
x-served-by: cache-iad-kcgs7200144-IAD, cache-hhn4035-HHN
access-control-allow-origin: *
x-browser-version: 101
last-modified: Tue, 24 May 2022 20:31:03 GMT
x-timer: S1653494697.700627,VS0,VE0
etag: "628d4087-1be3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 11

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
233 B 196ms
194ms XHR
image/gif 54.188.140.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1653494697&e=pageload&r=&z=132003&x=d02bedf323815b3e88b644f5e9687371&k=f609b3e8-b2ae-9ed3-c158-1ea96167ab0a&u=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.188.140.173 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-188-140-173.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://wealthyretirement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-Api-Key: d02bedf323815b3e88b644f5e9687371

Response headers

access-control-allow-origin: https://wealthyretirement.com
date: Wed, 25 May 2022 16:04:57 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag

OPTIONS
H2 200 unity.gif
api.getblueshift.com/ Frame 0
0 576ms
190ms Preflight 54.188.140.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1653494697&e=pageload&r=&z=132003&x=d02bedf323815b3e88b644f5e9687371&k=f609b3e8-b2ae-9ed3-c158-1ea96167ab0a&u=https%3A%2F%2Fwealthyretirement.com%2Fwebview%2Fbuyers-of-rivian-are-caught-in-a-bloodbath%2F%3Fsrc%3Demail%26bsft_aaid%3Dba611593-2123-403a-9286-2afa6fa671c2%26bsft_eid%3D97633ca0-dbd1-4e89-8008-abc922a44b56%26utm_campaign%3D20220524_wr_nonoxf%26utm_source%3Dwealthre%26utm_medium%3Demail%26utm_content%3D20220524_wr_nonoxf%26bsft_clkid%3D158d472b-df7c-47bf-9251-4af5fc1779f0%26bsft_uid%3D5ebec341-8e79-4078-ad86-82f483c1ad30%26bsft_mid%3D1b5c0329-9905-4c08-94ad-35d3ba07586c%26bsft_utid%3D5ebec341-8e79-4078-ad86-82f483c1ad30-WEALTHRE%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-05-24T20%253A30%253A42Z%26bsft_lx%3D7%26bsft_tv%3D6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.188.140.173 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-188-140-173.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://wealthyretirement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: x-api-key, if-none-match, x-requested-with, if-modified-since, content-type
access-control-allow-methods: POST, GET, PUT, HEAD, OPTIONS, DELETE, PATCH
access-control-allow-origin: https://wealthyretirement.com
access-control-max-age: 86400
content-length: 0
date: Wed, 25 May 2022 16:04:57 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3-Q050 200 seg-4-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 294 KB
294 KB 30ms
30ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c85d1db883c4b08296fcd7e9f258fcd647d725aca193a2dc51a4f1753ecda00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30514529
expires: Sat, 13 May 2023 20:20:25 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 301176
quic-version: Q050

GET
H3-Q050 200 seg-5-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 294 KB
294 KB 39ms
39ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-5-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0f2ffc2a01a717d97125724a3347b0b35eb3ef050b9c3c1b7906ad80d8a4ba61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30469523
expires: Sat, 13 May 2023 07:50:19 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 301176
quic-version: Q050

GET
H3-Q050 200 seg-6-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 350 KB
350 KB 27ms
26ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-6-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45e16c099f70d0a28b59ef206ca26fc1770ca1dc75b9139ffb03fbccf1eb4a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:56 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31535962
expires: Thu, 25 May 2023 16:04:18 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 358328
quic-version: Q050

POST
H2 204 x Show response
distillery.wistia.com/ Frame 9A73 0
95 B 113ms
111ms XHR
text/plain 18.205.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-143-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:57 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 9A73 2 B
135 B 115ms
111ms XHR
text/plain 52.54.116.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.116.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-116-217.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 16:04:57 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H3-Q050 200 seg-7-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 467 KB
468 KB 31ms
27ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-7-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55aecb1f1ef9bc1194c8c9226a1ebffe6b1e5dc0906e02e9da110930bb684e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:57 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30339753
expires: Thu, 11 May 2023 19:47:30 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 478648
quic-version: Q050

GET
H3-Q050 200 seg-8-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 203 KB
203 KB 28ms
23ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-8-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 937bec9cb281be602f0cee942df7c076b247a2139d171cf6bba92de6e2dea48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:57 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31379306
expires: Tue, 23 May 2023 20:33:23 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 207928
quic-version: Q050

GET
H3-Q050 200 seg-9-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 456 KB
456 KB 79ms
78ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-9-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88a9252da7c1ef7ef3071dc8bb05a9153d322558b8194721a258494a781501ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:57 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31188406
expires: Sun, 21 May 2023 15:31:43 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 466616
quic-version: Q050

GET
H3-Q050 200 seg-10-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 185 KB
185 KB 33ms
33ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-10-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab583e1e1c81587c0efb344e14ae7f0b60e855bd12c3e22f30258d43f96f9bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:57 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31420253
expires: Wed, 24 May 2023 07:55:50 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 189880
quic-version: Q050

GET
H3-Q050 200 seg-11-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 83 KB
83 KB 32ms
31ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-11-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0dd7294f8dea6522592417618be6658cea6907e8c12d4751567f5e10c3344059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:57 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31535992
expires: Thu, 25 May 2023 16:04:49 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 84600
quic-version: Q050

GET
H3-Q050 200 seg-12-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/ Frame 9A73 56 KB
56 KB 29ms
29ms XHR
video/mp2t 23.216.77.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/680d41181e6904b256ad0ee93bb38363aee49c17.m3u8/v2/seg-12-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.216.77.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c4f2068d91add4ccb80c76ec35eb938db206281684194bb65a8f6fa83c4ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:57 GMT
access-control-request-method: *
surrogate-key: 680d41181e6904b256ad0ee93bb38363aee49c17-hls-segment purge-experiment-17
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=30446791
expires: Sat, 13 May 2023 01:31:28 GMT
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 57528
quic-version: Q050

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:01:26	Name: _li_ss Value: MgkI_____wcQrxI
.wealthyretirement.com/	1970-01-20 03:18:16	Name: seerses Value: e
.wealthyretirement.com/	1970-01-23 18:54:14	Name: seerid Value: 70b5d251-00ac-4d69-9b9c-08acff390341
.lytics.io/	1970-01-21 00:54:14	Name: seerid Value: 70b5d251-00ac-4d69-9b9c-08acff390341
.bing.com/	1970-01-20 12:39:50	Name: MUID Value: 08F520BF8FCD66683E1E31108E1F67D3
.wealthyretirement.com/	1970-01-20 03:19:41	Name: _uetsid Value: 692ab120dc4411ecaae48bfb94fbcc17
.wealthyretirement.com/	1970-01-20 12:39:50	Name: _uetvid Value: 692d8bf0dc4411ec992a195bcd4f5610
.wealthyretirement.com/	1970-01-20 07:37:26	Name: optimizelyEndUserId Value: oeu1653494692558r0.3167723171454848
.wealthyretirement.com/	1970-01-20 07:37:26	Name: optimizelySegments Value: %7B%22301652738%22%3A%22campaign%22%2C%22301739447%22%3A%22gc%22%2C%22301835208%22%3A%22false%22%7D
.wealthyretirement.com/	1970-01-20 07:37:26	Name: optimizelyBuckets Value: %7B%7D
.wealthyretirement.com/	1970-01-20 03:18:14	Name: optimizelyPendingLogEvents Value: %5B%5D
.linkedin.com/	1970-01-20 04:01:26	Name: UserMatchHistory Value: AQKq83k8mySbtQAAAYD79rugV_0mExxDgTxVvCHPvnU1FSmYRpLLDKr2jHzD34EkuZc1CqSG0MLq2Q
.linkedin.com/	1970-01-20 04:01:26	Name: AnalyticsSyncHistory Value: AQIy1TDBPXuxEgAAAYD79rugaSSGsOTK_gj7Byqf2pVCLJbjH5nSwrlAJa_qQEoaVTlA-r4GjZrOxTQemAoLeQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:50:08	Name: bcookie Value: "v=2&8f2e909f-910d-4cfe-8f20-8ae0453e78ce"
.linkedin.com/	1970-01-20 03:19:41	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2355:u=1:x=1:i=1653494692:t=1653581092:v=2:sig=AQE50atoTckp65jHMWwpzvr96XlOZIHz"
.wealthyretirement.com/	1970-01-20 20:49:26	Name: _ga Value: GA1.2.962181550.1653494693
.wealthyretirement.com/	1970-01-20 03:19:41	Name: _gid Value: GA1.2.1692037614.1653494693
.wealthyretirement.com/	1970-01-20 03:18:14	Name: _gat_secondary Value: 1
.wealthyretirement.com/	1970-01-20 05:27:50	Name: _fbp Value: fb.1.1653494693053.1561952641
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:50:08	Name: bscookie Value: "v=1&2022052516045369cdafbe-2f10-4ee9-81f0-eb9b5132f88bAQHVHVedIKB25Yu_CDo6TwNjx2b6oUT8"
.linkedin.com/	1970-01-20 20:46:55	Name: li_gc Value: MTswOzE2NTM0OTQ2OTM7MjswMjEmIrfPiPUMlJDy9Vv2zTEh0Ud350Sbzq0BSKk+CsIgOw==
.criteo.com/	1970-01-20 12:39:50	Name: uid Value: edfaa385-a0a3-4d26-b0d2-82378a694529
.yahoo.com/	1970-01-20 12:04:12	Name: A3 Value: d=AQABBKVTjmICEJWRwKxLQAUA3gACclemUSoFEgEBAQGlj2KYYgAAAAAA_eMAAA&S=AQAAAtM1NxekhUPydXiFsjpE6hs
wealthyretirement.com/	1970-01-20 03:18:14	Name: outbrain_cid_fetch Value: true
.wealthyretirement.com/	1970-01-20 12:03:50	Name: _hjSessionUser_478755 Value: eyJpZCI6IjU3MDhhYzc3LTMyZDAtNWMzMi05Nzg5LTdjMzA1YTlkNzg1ZSIsImNyZWF0ZWQiOjE2NTM0OTQ2OTMyNzYsImV4aXN0aW5nIjpmYWxzZX0=
.wealthyretirement.com/	1970-01-20 03:18:16	Name: _hjFirstSeen Value: 1
wealthyretirement.com/	1970-01-20 03:18:14	Name: _hjIncludedInSessionSample Value: 1
.wealthyretirement.com/	1970-01-20 03:18:16	Name: _hjSession_478755 Value: eyJpZCI6IjYzNDYyMjVhLTJhOWEtNDA4My05NDc5LTczMTI4MTkxYmMzMyIsImNyZWF0ZWQiOjE2NTM0OTQ2OTM1MjIsImluU2FtcGxlIjp0cnVlfQ==
wealthyretirement.com/	1970-01-20 03:18:14	Name: _hjIncludedInPageviewSample Value: 1
.wealthyretirement.com/	1970-01-20 03:18:16	Name: _hjAbsoluteSessionInProgress Value: 0
.wealthyretirement.com/	1970-01-20 12:47:38	Name: cto_bundle Value: wUBTJV9mUlRjVm1BY3I4NGFLQWZGU1NsNXJKY294OWt0VXZTQkl5MkZoek5YRnBjSk52bTk3WHk1OTNZcnh5ZEFYV0daZFIlMkZwbWRtT0dlNGpFUWpHdW1aNlJLNWNyeUhCNlM4ciUyRjN4cnBmRlJiJTJCU1NuJTJGUXFaMFZpa3d4R29TcUdPMThVSzMlMkZvclQ1VVEwZWlGSUQwNHJlazZnazVvdDVDN3FQZjU2JTJGS3pTdTdmbE0lM0Q
.wealthyretirement.com/	1970-01-20 03:18:14	Name: _gat_UA-344672-10 Value: 1
.analytics.yahoo.com/	1970-01-20 12:03:50	Name: IDSYNC Value: 18zh~2534
.doubleclick.net/	1970-01-20 12:39:50	Name: IDE Value: AHWqTUk7g7RzlhPcEvKZcxnTmr1d9LFWvXN_uboHRZFk3Bm0L9GxO64DsvSn2x1X72c
.adnxs.com/	1970-01-20 05:27:50	Name: uuid2 Value: 8470024256000949395
.turn.com/	1970-01-20 07:37:26	Name: uid Value: 4140357701486752859
.media.net/	1970-01-20 12:03:50	Name: visitor-id Value: 2964962958214901000V10
.media.net/	1970-01-20 04:01:26	Name: data-c-ts Value: 1653494695
.media.net/	1970-01-20 04:01:26	Name: data-c Value: k-Z6llY5I_HhgNKmbLESu3t9vcnQSpOSzHOAWj4Q~~3
.pubmatic.com/	1970-01-20 04:01:26	Name: KRTBCOOKIE_97 Value: 3385-uid:k-JZrvtpI_HhgNKmbLESu3t9vcnQSil3_QjnCEuA&KRTB&23144-uid:k-JZrvtpI_HhgNKmbLESu3t9vcnQSil3_QjnCEuA&KRTB&23286-uid:k-JZrvtpI_HhgNKmbLESu3t9vcnQSil3_QjnCEuA&KRTB&23287-uid:k-JZrvtpI_HhgNKmbLESu3t9vcnQSil3_QjnCEuA
.pubmatic.com/	1970-01-20 04:01:26	Name: PugT Value: 1653494694
.casalemedia.com/	1970-01-20 12:03:50	Name: CMID Value: Yo5TqMiIEwd3nhSo8BcnSAAA
.casalemedia.com/	1970-01-20 05:27:50	Name: CMPS Value: 3194
.bidswitch.net/	1970-01-20 12:03:50	Name: tuuid Value: e1b9c23b-a74a-4639-b854-41fee9bdbe30
.bidswitch.net/	1970-01-20 12:03:50	Name: c Value: 1653494696
.bidswitch.net/	1970-01-20 12:03:50	Name: tuuid_lu Value: 1653494696
.revcontent.com/	1970-02-07 09:18:14	Name: __ID Value: b1ca919b36344df891b4edfdcd71ff06
.revcontent.com/	1970-01-20 04:01:26	Name: v1_151 Value: 1
.casalemedia.com/	1970-01-20 05:27:50	Name: CMPRO Value: 1187
.casalemedia.com/	1970-01-20 03:19:41	Name: CMST Value: Yo5TqGKOU6gA
.casalemedia.com/	1970-01-20 12:03:50	Name: CMRUM3 Value: 14628e53a82760k-01SfY5I_HhgNKmbLESu3t9vcnQRjB4Jaw_QtAA
.outbrain.com/	1970-01-20 05:27:50	Name: obuid Value: 66469b9a-31d9-4443-8704-c0560e8bf1d7
.outbrain.com/	1970-01-20 03:47:02	Name: criteo Value: k-gLgCGZI_HhgNKmbLESu3t9vcnQTefRPLPib6ag
.sharethrough.com/	1970-01-20 04:01:26	Name: stx_user_id Value: e94461a3-0e38-43e9-9861-82948a71e8c5
.adnxs.com/	1970-01-20 05:27:50	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?klsyqP!_..y#MUTSo5i@?nrTu!5*t?us47!ju[/t#tCP+%IAJR]3!Ux$h6p'?13u:-<n(7u=9Q#Sc6t+]5D8-@P)[Q]P)j.g_0AAu
.360yield.com/	1970-01-20 05:27:50	Name: tuuid Value: b3ccabe3-3feb-4d7b-b7b7-2a7db4c8106d
.360yield.com/	1970-01-20 05:27:50	Name: tuuid_lu Value: 1653494696
.360yield.com/	1970-01-20 05:27:50	Name: um Value: !38,3RMwJukcMqvk3W-toz960w3YC.DXbhosy4WwPZvc08drpS1zFY4hn7Ocjzv1T4eUU1CYzD-A,1661270696
.360yield.com/	1970-01-20 05:27:50	Name: umeh Value: !38,0,1715702696,-1
.addthis.com/	1970-01-20 12:39:50	Name: ouid Value: 628e53a800017fd7a2ebfb6ebfa60ebcd7b55db093798c6e299e
.addthis.com/	1970-01-20 12:39:50	Name: uid Value: 628e53a888f3dd55
.addthis.com/	1970-01-20 12:39:50	Name: na_id Value: 2022052516045622400050431728
.postrelease.com/	1970-01-20 12:03:50	Name: opt_out Value: 1
.wealthyretirement.com/	1970-01-20 12:03:50	Name: _bs Value: f609b3e8-b2ae-9ed3-c158-1ea96167ab0a
.liadm.com/	1970-01-20 20:49:26	Name: lidid Value: 21887cd1-6c00-4407-a76c-4a445e87a4fa

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-tc4rTJI_HhgNKmbLESu3t9vcnQQd3MtWr1Yqiw Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=N72YpFSNjhtXo9pj1XEiEur8y3UIAkBB Message: Failed to load resource: the server responded with a status of 451 ()
worker	info	URL: blob:https://fast.wistia.net/64b0a37d-2307-44c5-8bfb-fb7e76c55846 Message: [log] >

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ad.360yield.com
ads.yahoo.com
amplify.outbrain.com
api.getblueshift.com
api.userway.org
bat.bing.com
c.aaxads.com
c.lytics.io
cdn.getblueshift.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.userway.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
distillery.wistia.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com
e-10348.adzerk.net
eb2.3lift.com
embedwistia-a.akamaihd.net
events-b.mb.wealthyretirement.com
fast.wistia.com
fast.wistia.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
jadserve.postrelease.com
match.sharethrough.com
mug.criteo.com
partner.mediawallahscript.com
pipedream.wistia.com
pixel.rubiconproject.com
portrait-tracker.s3.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
s.zkcdn.net
s3.amazonaws.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
vars.hotjar.com
wealthyretirement.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.111.242.245
104.75.88.126
108.157.4.114
13.107.42.14
141.226.228.48
143.204.225.52
143.204.98.102
143.204.98.118
143.204.98.41
143.204.98.76
172.217.16.130
178.250.0.163
178.250.2.146
178.250.2.151
18.205.143.103
18.233.27.104
18.66.248.61
185.33.221.14
185.33.221.53
185.64.189.110
185.86.139.57
2.20.157.165
2.20.157.55
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::13
212.82.100.181
216.58.212.130
23.205.241.117
23.216.77.195
23.35.228.23
2600:1f18:444a:4602:66c0:1498:bf97:ef60
2600:1f18:612b:4264:35be:ace0:b22e:18d9
2600:9000:2156:ea00:1b:5138:8a40:93a1
2606:4700:20::681a:316
2606:4700::6810:5814
2606:4700::6810:cf3f
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9a
2a00:1450:4014:80a::2010
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:7::17d8:4dd9
2a02:26f0:3500:88e::13b8
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:600::622
2a04:4e42::622
3.122.58.191
3.126.56.137
3.223.156.232
3.251.15.4
35.153.58.122
35.244.174.68
52.216.133.197
52.216.147.19
52.28.128.138
52.54.116.217
52.9.57.1
54.155.65.255
54.171.126.73
54.188.140.173
54.229.101.204
54.69.16.109
69.173.144.165
70.42.32.95
74.119.119.150
76.223.111.18
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
0a13b8882d2d4d3cffc50f0c95dff5efddb0ccf063d81178334653e77978ab8e
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0c4f2068d91add4ccb80c76ec35eb938db206281684194bb65a8f6fa83c4ff59
0c5d8571bd69f7af0d24f50179fa83683c6a655145cf263792ccfeb81458b2da
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dd7294f8dea6522592417618be6658cea6907e8c12d4751567f5e10c3344059
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
0f2ffc2a01a717d97125724a3347b0b35eb3ef050b9c3c1b7906ad80d8a4ba61
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
14ff520fea7566ada0ac63f9fb35a124c665f40bade753efd74910b459cec16e
15236ecf56f44fb5f69468c0a4b02f2fd9aa8e905bae13aff6278d2b2980645d
1bad1d265b00ba31bf8d294835b87b346f81c15db195b07cdf4f2cdeab9c93c8
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dd4213778e92d448fe07cf0d91d1e8caced383c1d7b8de3d01e28b82d2dc020
1ddc9e19ccefc0d2de33245f132ea603775fb0785df813df05fe47c0edad63ba
1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7
207b577bfae8a787e31f4a32ac4332232351f9db3a3bf44de19c97cc8bbc29f0
229d6077e7d50edc21b4fbde98ddd834327691ca0c12f91e99a38ae42e1a9116
24c5079e28db5d92e175e582545a2b5e42e044643628f3665851e4f0d83ac2cd
25294875032f9525d068cd8a2f5764cf60ac8a5927fee1c4e0cb8f560363c3a5
26a74aa295ceeba34b3ced6606085d0d0ddb1f2120ab099e6aa5aba3620750de
29f4170b29c87ec1c550d9fb550d79a4969ad85243d7829f8c608eda5813221d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3b741712c686178db485287c4f7f7ee1f077a6b01a7552fe699c7255ded7c28b
3d31cc9941618450823acf5ef28d2afffda7632bb1dd58be0518d66616a18c49
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738
3febc917267518688440906bbbbbb3a9b32e21497d21494daaefbeb5222e4a23
415422ec9a8645bc4a15ba4a860e5a7cb133038c69b28d7a23f3febfc40f9242
439d1ae467f77cad2ab326aed33c02d521022f57e334cabe4d7a0c657f814b5f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e16c099f70d0a28b59ef206ca26fc1770ca1dc75b9139ffb03fbccf1eb4a9e
462b8889124912fffcc6336098a7f756d3df4d4015f978a6fdc8670d67bd1c8a
496557104c2e1af9f01a86beb5253966b252281c68d53b67631bafc15e890f1a
4a8192adab342bc70a40ed0b25bc563deb361afd2fdbdb2dedc1ce26bb0c4aee
4a82ae3c77edece9c05d244708bbb5640c6a7bc69efaca4278c1c560e55f710f
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b4344e91454590284aaeef5fcbe09d3fa3e321bebcd4b23730249e1d7c34704
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce7b1638fe4091d69bcda3b62681023ef97d3fc9bcf890d767d1c7097efaec0
4deada37c1f7b4f0c30d01839b5b200027d7f25c4931d16ddc0495bfc04a95dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
52ada88a3283f8f7e92824680aa1193016922892c8d46b728e9edc225b3e3996
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55aecb1f1ef9bc1194c8c9226a1ebffe6b1e5dc0906e02e9da110930bb684e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a41d57891295c41db15219348cd6ea25b905786b4485bef3ba4a692c0af7655
5f023322a1b4270e46c6c60927e78a4da3e7d76469c35d0d5357a413a4635ee6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
62a884595f9dd8d5a5901309331b9660f53684e41da937f9cc01bbe505a04926
634fa75dd2959d7a115a567fb9db372e47934d19fb867fd05502cab7793cb06f
65a20c69e67c35a92602f8caefd13afeee999ee6267c87a78e212ef431d51b69
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6a5ae454547b6b662283dce0b3f137e93c7471f2e5336a3494e4dc15ac400e61
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7150e7676d30c0a1323ee90f76fe773054556ca3e335306dc3929edb3149ef65
7387652e29ef06dda63deea87108e29e38f91b02ac452db4304264fc2cecd9e1
76f9c920313d573b70eefe995e902a4f5fe38098666555067056960664a672dc
780cbfb3b7c4ce8e8a4b456166d0d713c73007acee33acd0cc8e6481110c229f
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7fb68a0b1a6c3d4c413a6183ffeb1bcede894171ddfb9a5fa0b2c768253badaa
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85c3d51d7eb47ac25de5f4043fba14177f6d131e1ca88ce545744bdfbf77a328
88a9252da7c1ef7ef3071dc8bb05a9153d322558b8194721a258494a781501ba
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7ffcb1785815a28350d7287b28369ea2fb8e74d6df43aaea7bf6c03adf508d
937bec9cb281be602f0cee942df7c076b247a2139d171cf6bba92de6e2dea48a
94fe0bf34718ae3d0c48f2314a22e190e8189a15b536828b4b5c93c8b32ca36a
9685618bbebea19059c3969aa28d2939f1c6345d6411674aecae0ce2101cb182
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99057633502cc1a3b43932c7ac6827806fff1f091b3e8a07e15f09cfdfd394bb
99062d7c1575e18ee54fc893bd3f8fca32fd2fc6e3199d9b83fa9be7a00e3a9b
9a5b44a9e02eada7b38800af4d5278d2e1ef259df860ed3aea7ac57e02a909f6
9a6c04db2fbee1e318276e445f8076f8f522a1d5f7a5ad0d2d2773f71fa30e0a
9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470
9b70d6dc0d9eebb8a7a0bb4bcaf40f7f5ce562403293c4505110c3b817a31d04
9c2249f3e727e08575d9577decd7c4e95dcaafdb814b8493e4490ee65e4db28c
9ca4065e16a157acfc5160a6698ce60cb2911f90210d5df131cbd528e39448e6
9de232e3a21b070afd01c7828a9ec1416ece3476c7905446869fdb56fa26d496
9f1e7f4aec0ef790fc7568dd497d278a2cb6488d8961792f7d6421b83b83ccf7
9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ab583e1e1c81587c0efb344e14ae7f0b60e855bd12c3e22f30258d43f96f9bc8
aee924d2e41f5f1e234067817e237dece3306e48aa08cd6230bd1806d0863980
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9b215bbdb26978ced9af85ac38f07275fee2a8488b2849e0731373f922a3aa4
ba84736079d69a538e14183da5837f9ea30566945ff57c5f5e151fd149feecfa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9d2e9db7611ec45ec27b7bfbf174b6b26c18215b64502b8756711ac3b1c767
bbebd127ca8ad09b1db472eb7d740de3927601e3acc0dc78723168c48636369a
bdef145a212b1c018c220387d182435d6f69b4a653dbc806fbe3414667d1c70f
bf437c94b6f8b4f367e0b8d54e3256f093051d0f27a7eccb092dadf0b173a88c
c0e7c8895f8f743ec014f264c9090b8797cf7798bd4de1df1d9f06eced941f2b
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5432314c2215a1052479602186328ab543c20b15f35dafd0946137f9d7a54cd
c85d1db883c4b08296fcd7e9f258fcd647d725aca193a2dc51a4f1753ecda00c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d9c3b4e6294be01504727852c68ea03d3864aa1cbbcfa5c2292ebcdd4f0850a1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76eaa2ca64511cf4b805040f38f1c9181b19a5463a6f00ccd931483b388ae07
e850af6dc7699719c75bc5d6ea2a272359ff8782727c342ab215a0f0de19e479
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b
f225f6d3130aa78e6a67757e19f126e729010b2b2148642d8691cdb21caaa645
f27782c652bc608717ddc8d7989a6654abe0bd23d4826298feb66eddb53d015e
f9240b41c0d2ef1fbeb4ac4a4fec7f6f019a96a6878a8c14761b9359e572a692
f9725593c0dcf38e3f7b70342a00f50ad485c69d6101f69c9fd0fc712abb1b49
fd4ef08b1c3a7bfa060d2913a55356d8791b686973e35e5a8a6839cb5984f438
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

wealthyretirement.com Open in urlscan Pro 18.233.27.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

93 %HTTPS

37 %IPv6

54 Domains

79 Subdomains

70 IPs

8 Countries

5938 kBTransfer

9099 kBSize

67 Cookies

4 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wealthyretirement.com Open in urlscan Pro
18.233.27.104 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

93 %
HTTPS

37 %
IPv6

54
Domains

79
Subdomains

70
IPs

8
Countries

5938 kB
Transfer

9099 kB
Size

67
Cookies

191 HTTP transactions
1 data transactions