URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_conten...
Submission: On April 21 via api from CH — Scanned from DE

Summary

This website contacted 36 IPs in 6 countries across 26 domains to perform 79 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is freekit.birchgold.com.
TLS certificate: Issued by R3 on February 21st 2023. Valid for: 3 months.
This is the only time freekit.birchgold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.69.136.55 16509 (AMAZON-02)
3 18.64.79.57 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.118.18 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
6 52.222.250.226 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.221.88.80 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.10.176.180 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 18.66.147.38 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 212.82.100.181 34010 (YAHOO-IRD)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 151.101.193.44 54113 (FASTLY)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 146.75.116.157 54113 (FASTLY)
1 2600:9000:211... 16509 (AMAZON-02)
1 3.139.175.100 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.216.127.149 14618 (AMAZON-AES)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 54.158.102.118 14618 (AMAZON-AES)
3 2600:9000:223... 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
79 36
Apex Domain
Subdomains
Transfer
10 cloudfront.net
d2xxq4ijfwetlm.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
119 KB
8 google.com
google.com — Cisco Umbrella Rank: 5
www.google.com — Cisco Umbrella Rank: 16
region1.analytics.google.com — Cisco Umbrella Rank: 2930
1 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 3425
993 B
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
7 KB
4 truconversion.com
app.truconversion.com — Cisco Umbrella Rank: 95215
cdn.truconversion.com — Cisco Umbrella Rank: 186409
91 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
112 KB
4 equalweb.com
cdn.equalweb.com — Cisco Umbrella Rank: 21422
26 KB
3 clickguard.com
io.clickguard.com — Cisco Umbrella Rank: 53243
4 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1073
trc.taboola.com — Cisco Umbrella Rank: 839
trc-events.taboola.com — Cisco Umbrella Rank: 2128
20 KB
3 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442
956 B
3 wickedreports.com
widget.wickedreports.com — Cisco Umbrella Rank: 45464
track.wickedreports.com — Cisco Umbrella Rank: 66826
9 KB
3 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3443
rp.liadm.com — Cisco Umbrella Rank: 2091
rp4.liadm.com — Cisco Umbrella Rank: 5523
15 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 519
13 KB
3 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 24673
39 KB
2 veritonicmetrics.com
atr.veritonicmetrics.com — Cisco Umbrella Rank: 20275
132 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 631
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
171 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 912
726 B
1 t.co
t.co — Cisco Umbrella Rank: 584
377 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 veritonic.com
cdn.veritonic.com — Cisco Umbrella Rank: 91591
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 964
15 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 32584
282 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 607
25 KB
1 birchgold.com
freekit.birchgold.com
9 KB
79 26
Domain Requested by
6 www.google.de freekit.birchgold.com
6 d9hhrg4mnvzow.cloudfront.net freekit.birchgold.com
5 www.google.com freekit.birchgold.com
4 connect.facebook.net freekit.birchgold.com
connect.facebook.net
4 googleads.g.doubleclick.net www.googletagmanager.com
4 cdn.equalweb.com freekit.birchgold.com
cdn.equalweb.com
3 cdn.truconversion.com app.truconversion.com
cdn.truconversion.com
ajax.googleapis.com
3 io.clickguard.com freekit.birchgold.com
io.clickguard.com
3 sp.analytics.yahoo.com freekit.birchgold.com
3 bat.bing.com freekit.birchgold.com
bat.bing.com
3 builder-assets.unbounce.com freekit.birchgold.com
2 atr.veritonicmetrics.com cdn.veritonic.com
2 s.yimg.com freekit.birchgold.com
s.yimg.com
2 google.com www.googletagmanager.com
2 widget.wickedreports.com www.googletagmanager.com
widget.wickedreports.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.googletagmanager.com freekit.birchgold.com
www.googletagmanager.com
2 www.google-analytics.com freekit.birchgold.com
www.google-analytics.com
2 d34qb8suadcc4g.cloudfront.net freekit.birchgold.com
d34qb8suadcc4g.cloudfront.net
2 d2xxq4ijfwetlm.cloudfront.net freekit.birchgold.com
1 trc-events.taboola.com cdn.taboola.com
1 trc.taboola.com cdn.taboola.com
1 analytics.twitter.com freekit.birchgold.com
1 t.co freekit.birchgold.com
1 rp4.liadm.com freekit.birchgold.com
1 rp.liadm.com 1 redirects
1 www.facebook.com freekit.birchgold.com
1 region1.analytics.google.com www.googletagmanager.com
1 track.wickedreports.com widget.wickedreports.com
1 cdn.veritonic.com freekit.birchgold.com
1 static.ads-twitter.com freekit.birchgold.com
1 cdn.taboola.com freekit.birchgold.com
1 b-code.liadm.com www.googletagmanager.com
1 app.truconversion.com freekit.birchgold.com
1 events.ub-analytics.com freekit.birchgold.com
1 ajax.googleapis.com freekit.birchgold.com
1 freekit.birchgold.com
79 37

This site contains no links.

Subject Issuer Validity Valid
freekit.birchgold.com
R3
2023-02-21 -
2023-05-22
3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01
2023-02-21 -
2024-02-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-31 -
2023-05-31
a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01
2023-03-11 -
2024-04-08
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-28 -
2023-04-28
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
www.truconversion.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-11 -
2023-10-14
a year crt.sh
*.liadm.com
Amazon RSA 2048 M02
2023-02-28 -
2024-01-30
a year crt.sh
widget.wickedreports.com
Amazon RSA 2048 M02
2023-02-24 -
2023-08-29
6 months crt.sh
*.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-01-03 -
2023-06-28
6 months crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-10 -
2023-05-31
2 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
cdn.veritonic.com
Amazon RSA 2048 M02
2023-02-21 -
2023-09-15
7 months crt.sh
track.wickedreports.com
Amazon RSA 2048 M02
2023-03-15 -
2024-04-12
a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
atr.veritonicmetrics.com
Amazon RSA 2048 M02
2023-04-12 -
2024-05-10
a year crt.sh
cdn.truconversion.com
Amazon RSA 2048 M02
2023-04-09 -
2024-05-07
a year crt.sh

This page contains 3 frames:

Primary Page: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Frame ID: 56EE3BBC0150F6283C1264529CE7EEBD
Requests: 76 HTTP requests in this frame

Frame: https://cdn.truconversion.com/pixel/_tcvars.html?r=https://freekit.birchgold.com
Frame ID: 783209AE5C2DB1FE3EB8E88AD94FC30A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.truconversion.com/pixel/_stcv19.html?origin=https://freekit.birchgold.com&fp=731d2ea0.cac1.e564.2467.e124a24d6700&tclid=undefined
Frame ID: 56866EDF15BB322FE73AF4A83749F5CC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ron Paul Reveals The Next Big Financial Scam

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.equalweb\.com.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

56 %
IPv6

26
Domains

37
Subdomains

36
IPs

6
Countries

708 kB
Transfer

2035 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://rp.liadm.com/j?dtstmp=1682049833609&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1682049833609&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NGU%3D&n3pc=true

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
freekit.birchgold.com/lf/ron-paul-hidden-strategy/
32 KB
9 KB
Document
General
Full URL
https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0f0bfe04984e0cc564dbcf5eff357acf5121bbef08913f0e5aeb1fa56d3d77e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
7802
content-location
https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 04:03:52 GMT
etag
"b:e719e81f706746f9b9a15ec0323abdd5"
link
<https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
b87873c0-cc5c-4e97-bc60-5c94780b82c5
x-unbounce-variant
b
x-unbounce-visitorid
e719e81f-7067-46f9-b9a1-5ec0323abdd5
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-57.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 02:28:13 GMT
content-encoding
gzip
via
1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-version-id
L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
last-modified
Mon, 04 Jul 2022 16:47:32 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
age
20223341
etag
"4458a4d76a70cb207bcc34d6bc6f872f"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
W_1OSV0p5m-uYV41XAGM8NGJwO83P-0CW8xQsr7yGT95knjJlaRRtA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 13:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 13:23:00 GMT
jquery.fancybox-1.3.4.css
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/
9 KB
9 KB
Stylesheet
General
Full URL
https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.css
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:06:39 GMT
x-amz-version-id
null
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2011 19:35:24 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:503/gname:staff/uname:cschmidt/gid:20/mode:33261/mtime:1302547553/atime:1302547552/ctime:1302547553
x-amz-cf-pop
FRA60-P1
age
39434
etag
"4638ce99ef00cf62bfb22d230f9924b8"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
8852
x-amz-cf-id
pj4NcztMtZr17UiZ_BeaWtWhmCco_CJJ-Csx5zyLEVKqAPB2xJsXWA==
jquery.fancybox-1.3.4.js
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/
29 KB
29 KB
Script
General
Full URL
https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 20 Apr 2023 20:39:30 GMT
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2011 19:35:24 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:503/gname:staff/uname:cschmidt/gid:20/mode:33261/mtime:1302547553/atime:1302547554/ctime:1302547553
x-amz-cf-pop
FRA60-P1
age
39434
etag
"e7fc2f8a70f0a9f966207c3f71130721"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
29398
x-amz-cf-id
PxwBdMivskKC07g8ARa1wm3R3Vy7LokpvJcSmpQgjs2-7iHam6YgxQ==
jquery-shims.bundle-aa41391.z.js
builder-assets.unbounce.com/published-js/
6 KB
2 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-57.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 03:20:21 GMT
content-encoding
gzip
via
1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-version-id
YbzMrEHcIFxJG2rzJbPRWr6zZoAsFy0n
last-modified
Wed, 23 Nov 2022 23:24:26 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
age
12617013
etag
"1d185d956eab5d25fbbc002208befebb"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1991
x-amz-cf-id
ZeNj-AuPnBTdMdNBX5noNMpR2FzcbT4MRpaQ7LTOdmiUA5WXCPmV5A==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 21:41:41 GMT
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-version-id
TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified
Tue, 17 Jan 2023 21:14:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
8058133
etag
"fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1865
x-amz-cf-id
HSaOyHtB2toLgHtqt2F9BPcjW1nBwVFZBQnkpznNpB-yOP8oe4jYiA==
da4b7e8d-accessibility-icon-grey_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www2.birchgold.com/thank-you/emergency-kit/
720 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/www2.birchgold.com/thank-you/emergency-kit/da4b7e8d-accessibility-icon-grey_1000000000000000000028.png
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45a86e5f17ab675ca652ce1d577bd5fafd96d99a1195cbe71431d498cc929bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 04:45:21 GMT
x-amz-version-id
gRO.CiQeC75niAJC6_4aUpoGvPhMy_oy
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jun 2020 20:26:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
17363913
etag
"3379d20b8b5b472e2c1ed2048b674a28"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
720
x-amz-cf-id
BBLkHAlA6KRNnvEQPmZYv6-ocYg9RMBl51UxOkkTstShGp8wynnkKg==
main.bundle-5dc4c52.z.js
builder-assets.unbounce.com/published-js/
103 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-57.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 00:17:12 GMT
content-encoding
gzip
via
1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-version-id
pKHv9xoCp.Oeede.gA0bUZ9Qn6jRS9cc
last-modified
Wed, 23 Nov 2022 23:24:26 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
age
12800802
etag
"0bf2d86152e7e3622dcf4ab19253e64e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33506
x-amz-cf-id
48rl0lq2eQa8LNr0Wla2NIWpnv5xVRak43mUhvr7pJFdyNfG-Nw55Q==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 02:35:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5289
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 21 Apr 2023 04:35:44 GMT
gtm.js
www.googletagmanager.com/
275 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a52754e83a842557fc7f0b9f8d270a6e24df4141cd16a7e522872096f89e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91246
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 04:03:53 GMT
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Sun, 05 Mar 2023 17:27:36 GMT
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
7518234
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
wQbhCA604Im8pI2SjPGMvzpReJ1VvQ1FmbpM6wCFmcRr2bLVgBu3Fw==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
accessibility.js
cdn.equalweb.com/core/2.0.7/
34 KB
12 KB
Script
General
Full URL
https://cdn.equalweb.com/core/2.0.7/accessibility.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000497d098847c13d6d87e046fdabe2b78971aadb7948d46dc473eabd730f954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freekit.birchgold.com/
Origin
https://freekit.birchgold.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
680616
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Thu, 19 Mar 2020 09:54:48 GMT
server
cloudflare
etag
W/"024f26cd4fdd51:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dwte9CAxnLHvkzv2oQVunGezf9lGRKWelfxUmV8nSlfCS4k3fSjv68knOAHPg669yRpT9bi9rn17deDmYEt3G9Zef6A3blhKo3Td5mAkBY4w%2BWw%2FYau0rCUn%2Fz3lg9%2FLdMOse7wtr7guHMPJSTQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7bb2bd6188ec6957-FRA
08155955-37c5-4966-9cc4-0dac6d045ed0
https://freekit.birchgold.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://freekit.birchgold.com/08155955-37c5-4966-9cc4-0dac6d045ed0
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
34338a85-new-logo_107601i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/
5 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/34338a85-new-logo_107601i000000000000028.png
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
305981fa61c0c69ef524ef786b3d9bb08b55cf2c67abb6414a9bdd97d50962ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 13:16:41 GMT
x-amz-version-id
gqeXxxQNO7xJ7SrPr4.6PDLLG2oql.Sw
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 19:29:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5237233
etag
"de1d39c19c9c6cc67f4f8739591fecbb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4612
x-amz-cf-id
pHOdrFQ2DlG3TW4fIhOHoSjuAJFiW3Em6VI2KV9ALSzvoIufjLxGTQ==
3bea71e7-footer-logo_104c027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/3bea71e7-footer-logo_104c027000000000000028.png
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca2a4fc99d09ed851fa1cd014f88b2e8cb1b2e998f0ae5f3d8a5456623fe9cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 13:16:41 GMT
x-amz-version-id
H.VgA.fv3OuWXVSkfVqT2hfQZQxb9Fce
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 19:29:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5237233
etag
"811d403b4ae6ad16a6ad5e94d317b357"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2400
x-amz-cf-id
GEm_5iMdtW56m8vbQkKnetwuPB6raZCgV9h75FAzicuNhPoej3l_rg==
954ee051-2023infokit-mockup-2_10820ab08209j000006028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/
32 KB
33 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/954ee051-2023infokit-mockup-2_10820ab08209j000006028.png
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44fd62e26ee123b8f6b0185ee13ebba129e8b8c9ef43bfb912c1b23093476bbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 13:16:41 GMT
x-amz-version-id
Io1Yyb7yTaaTUgUmHB4Rocu4AD64aOg6
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 19:29:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5237233
etag
"1967ca4cf8c511190349a5b825105bf3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
33027
x-amz-cf-id
O9lkolT7gufDSAwv6xipmwG9aa4oEvT4xxzDsJxRrF9TI6W5ef00Gg==
282ace1a-getfreeaccess_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/
4 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/282ace1a-getfreeaccess_1000000000000000000028.png
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
294f37e7f8ed9b16a67883c2e65f162d5722af41cedf6e192fb7bf3c42f9374c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 16:11:03 GMT
x-amz-version-id
umOguz6nVUKxDk4avTQzcescEOw4UcCd
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 19:29:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5053971
etag
"46a7c09bf1a7d80ce4b631369d199184"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4594
x-amz-cf-id
jwmNubQudq6Z_ypNio21eBEqc9HkYopypVDptOHOHxxB21GFCYMcag==
d252777d-ronp-dyz_105401y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/freekit.birchgold.com/lf/ron-paul-hidden-strategy/d252777d-ronp-dyz_105401y000000000000028.png
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9e587fa477dacc79e1da36861b075cb1a9bb0a134c7bb9b96089c6490b82f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 13:16:41 GMT
x-amz-version-id
fY.jnYgEUzxtfBNQ4JtpGMEWt2nKKuMl
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 19:29:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5237233
etag
"6f886dd853b2f56e1339d965af84470c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1701
x-amz-cf-id
YXZJ3rhW0rzdy8_Qmqm4Uir5mM-GlueGdWLgi62QS35G8MXTHVKSPA==
i
events.ub-analytics.com/
43 B
282 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1682049833219&e=pv&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&page=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=51812a24-4fe3-499b-99d0-e82441e610fa&dtm=1682049833217&vp=1600x1200&ds=1600x2339&vid=1&sid=2a81662d-8ddb-4d1d-8253-bafd1bf06001&duid=4d1cef2d-bb7c-49d6-8051-d22538039cb5&uid=e719e81f-7067-46f9-b9a1-5ec0323abdd5&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYjg3ODczYzAtY2M1Yy00ZTk3LWJjNjAtNWM5NDc4MGI4MmM1IiwidmFyaWFudElkIjoiYiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.88.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-88-80.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
default.css
cdn.equalweb.com/style/
11 KB
3 KB
Fetch
General
Full URL
https://cdn.equalweb.com/style/default.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/2.0.7/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2172be828b0fd1ba4c0f653b83993eb11881e49e3be4f0fff04e482c04a0b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31341
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 09:32:18 GMT
server
cloudflare
etag
W/"07de495d2fd91:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8DgsXh3g6lzSpteyBneFqFZ08pDdoOq5pisgSCXhSWelDO76SHG3AtCYecDihTCY3qiO9lXcTOK4gsuXXgbRN3oqH8ExXMvLQ6pKevUxFmcysELOZW745rkO3w%2F%2BgRYC02jX1Pgg8DR4dloNvc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7bb2bd61d92e6957-FRA
btncolor.css
cdn.equalweb.com/style/
105 B
433 B
Fetch
General
Full URL
https://cdn.equalweb.com/style/btncolor.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/2.0.7/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
493476
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 11 Feb 2019 11:16:31 GMT
server
cloudflare
etag
W/"3f26cd3dfbc1d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay5PZipyr3PeGm3dE%2BeIVSdFbrg8iyClaiFmyXNI8%2BhlfvPOw4fHUBlCVL5hZGjNKqyPOgFNN90Oi8EyupuuZoYmKND6XE%2FDJhEmtxlCVZS%2BSocOeTZJ%2B7VyoGRlxsAvDjOUO%2F4rkspeiAJbLbs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7bb2bd61d9316957-FRA
locale.js
cdn.equalweb.com/assets/scripts/
29 KB
10 KB
Fetch
General
Full URL
https://cdn.equalweb.com/assets/scripts/locale.js
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/2.0.7/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
504109
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sun, 18 Apr 2021 07:22:31 GMT
server
cloudflare
etag
W/"80d59982334d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM22GulE3Ewhd%2F5iuTe3%2BRjV%2B%2F74B6FOpt8%2BqA4kQga7X9uaY%2Brix5QJOhpr8lZFUVDLEKj4868dVnye1ZAwUhXjm4ovc9Nfor10wJ9FKK2Uaa8zKVGPL3MkCN2eg3olReX6Q%2FKP9XyNzLO7btY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7bb2bd61d9326957-FRA
collect
www.google-analytics.com/j/
4 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=243486015&t=pageview&_s=1&dl=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&dp=%2Flf%2Fron-paul-hidden-strategy%2Fb%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&ul=en-us&de=UTF-8&dt=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=826674401&gjid=1158237941&cid=1418012905.1682049833&tid=UA-26514599-1&_gid=1164677386.1682049833&_r=1&_slc=1&cd1=rphs&cd2=16168&cd3=&cd4=&z=1696086878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://freekit.birchgold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freekit.birchgold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
353 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26514599-1&cid=1418012905.1682049833&jid=826674401&gjid=1158237941&_gid=1164677386.1682049833&_u=YEBAAAAAAAAAACAAI~&z=925894791
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freekit.birchgold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 21 Apr 2023 04:03:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freekit.birchgold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/?random=1682049833413&cv=11&fst=1682049833413&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1074033757.1682049833&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6077ba94631ee0391a6c9344160e5352bfbbd12f3976053d4c87deabb0ae2fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Apr 2023 04:03:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eR9JZZAkTHJT0lCtOco26TBr4xjwbuo2Cb5OqQntXAduiIbXLRpqZCBtY33Nr4zSgexZkjgW4qahPgyOD5qc9g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/970024165/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970024165/?random=1682049833423&cv=11&fst=1682049833423&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1074033757.1682049833&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bcbadddfad3c601f8a677b8dd3f26be1002c6798a7a90ecfc192192fd71ffe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014439656/?random=1682049833424&cv=11&fst=1682049833424&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1074033757.1682049833&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11d32fdad29c471ff73821b22a9473c890b7fe6941e8cd63a86b69016bf4e3d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/967420539/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967420539/?random=1682049833425&cv=11&fst=1682049833425&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&hn=www.googleadservices.com&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&auid=1074033757.1682049833&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d226099d00d761fd35466cadf7f7cff8504b686dada3093c7a5a74c119f432c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1322
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 21 Apr 2023 04:03:52 GMT
last-modified
Thu, 20 Apr 2023 19:01:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A907B2F97A5141EC94D460223416055E Ref B: FRAEDGE1311 Ref C: 2023-04-21T04:03:53Z
etag
"808c558fba73d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12036
47297.js
app.truconversion.com/ti-js/3907/
23 KB
6 KB
Script
General
Full URL
https://app.truconversion.com/ti-js/3907/47297.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.176.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-176-180.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cdbb95614bbc703901ae9fe65090d2c97f5a433eefa0d6d53f51970198e6c842
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' *.truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; img-src http: https: data: blob:; connect-src wss://*.truconversion.com wss://*.intercom.io wss://*.appcues.net wss://*.wistia.com wss://*.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://*.truconversion.com https://*.truconversion.com;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Apr 2023 04:03:54 GMT
content-encoding
gzip
content-security-policy
default-src 'self'; frame-src 'self' *.truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; img-src http: https: data: blob:; connect-src wss://*.truconversion.com wss://*.intercom.io wss://*.appcues.net wss://*.wistia.com wss://*.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://*.truconversion.com https://*.truconversion.com;
last-modified
Fri, 21 Apr 2023 04:03:03 GMT
server
nginx
etag
W/"64420af7-5a9f"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
cache-control
max-age=180, public, stale-while-revalidate=10, stale-if-error=10
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-xss-protection
1; mode=block
expires
Fri, 21 Apr 2023 04:06:53 GMT
a-00rm.min.js
b-code.liadm.com/
42 KB
14 KB
Script
General
Full URL
https://b-code.liadm.com/a-00rm.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f699eed586c8d9d40c848ea77e15846a351fd5c3d57c25dd9953722b3f7871cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 09:09:51 GMT
content-encoding
gzip
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
68042
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
sO1lee3sqLmdZ_rfjsY--8fwzVaAJsb9oMNJ39Fp8mxA_SDaw7jGeQ==
wr-713cbbfc21e9433f201f18c9fd24f46f.js
widget.wickedreports.com/v2/4607/
423 B
800 B
Script
General
Full URL
https://widget.wickedreports.com/v2/4607/wr-713cbbfc21e9433f201f18c9fd24f46f.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84463f84e396707899de77178763aa92e1fc1d76a110c57baa4a62b70a09d9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 23:08:43 GMT
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 15:46:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
17711
x-amz-server-side-encryption
AES256
etag
"4ee99f9d2fb2767c85f88be71b230668"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
423
x-amz-cf-id
CrMUSCSsAiz_fI2fkOvp5Yi-D_NZJcXrlB7_9Gb9nOBUBrII2xG8-g==
js
www.googletagmanager.com/gtag/
241 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LT00S9FL51&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cc00bf4d700c1f796665a53ef8331e1d4e1449240f40c4b4b06eeafe4af4bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83563
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Apr 2023 04:03:53 GMT
1014439656
google.com/pagead/form-data/
0
0
Ping
General
Full URL
https://google.com/pagead/form-data/1014439656?em=tv.1&gtm=45He34j0&auid=1074033757.1682049833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

1014439656
google.com/ccm/form-data/
0
249 B
Ping
General
Full URL
https://google.com/ccm/form-data/1014439656?em=tv.1&gtm=45He34j0&auid=1074033757.1682049833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV8Z63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freekit.birchgold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spp.pl
sp.analytics.yahoo.com/
43 B
245 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=1000259693124&.yp=29351&js=no
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 21 Apr 2023 04:03:53 GMT
spp.pl
sp.analytics.yahoo.com/
43 B
633 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10026813
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 21 Apr 2023 04:03:53 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26514599-1&cid=1418012905.1682049833&jid=826674401&_u=YEBAAAAAAAAAACAAI~&z=971024023
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26514599-1&cid=1418012905.1682049833&jid=826674401&_u=YEBAAAAAAAAAACAAI~&z=971024023
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/
64 KB
21 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Apr 2023 04:03:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0lbDCVpdvOhkVD33YpPVktNRgTilOTFkB/FEMYGuBK2puF/rS8BOp7rNLvt7m1aykB/qQQ4IijjMr8M2ca/2DA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
409099025899147
connect.facebook.net/signals/config/
150 KB
42 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/409099025899147?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d161094f46106545027f6881c9009cbe8cf6f4ad9cea6db82dbd904230604057
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Apr 2023 04:03:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
z22A4ibnJVB4/18pDuq4tAvsCR9MxatjWzVr1K2AgmMYTpFCSNd+/4G9SzGkBsLaX/XOfHf9mjcY0TJLc0jR0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget.js
widget.wickedreports.com/
25 KB
8 KB
Script
General
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/4607/wr-713cbbfc21e9433f201f18c9fd24f46f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
144d8e97e6c7cf0fb2b2d6191c48d19aa5c161d157319b81368b98e44ca68524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 10:55:18 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 13:51:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
61716
etag
W/"98c4523724acf65082b7b3a28bcc3d2a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
y58RoVvhWLFsrwvCHuZNssEspHIsAi1sW7QEJUBBcQAsJ13VVTeH7w==
tfa.js
cdn.taboola.com/libtrc/unip/1079334/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9649f6e09b20e057679635f6c95c97d984f6d77f15e373c177a0737a6d0ccf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
rg4Q27AXdgwW1bbUCcbG.TpQ1GalyESG
content-encoding
gzip
via
1.1 varnish
date
Fri, 21 Apr 2023 04:03:53 GMT
x-amz-request-id
HZCAQ9BQ5VYQE6H3
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18201
x-amz-id-2
02wGYKvLKdOr+TaRXr+bU8f7loskNFpwKbPunomImc8ictcJUl/m3j+1xgtqSaOHIPHXyk6n5c0=
x-served-by
cache-fra-eddf8230109-FRA
last-modified
Sun, 16 Apr 2023 11:14:37 GMT
server
AmazonS3
x-timer
S1682049834.589798,VS0,VE236
etag
"b0cad9acdcf91300d9dd917f7a0b4297"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
ytc.js
s.yimg.com/wi/
16 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:05 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
MTP8BCM11EQ6M8BW
age
49
x-amz-server-side-encryption
AES256
x-amz-id-2
6jRmL5CdRQiLJvkR5f3CF6IW9mDAXKPb8tT393eQ6xaT8hSlsbqYEj5nt+rip1I/ZSIhnoY3hAU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
MzDJGv9j
io.clickguard.com/s/cHJvdGVjdG9y/
8 KB
3 KB
Script
General
Full URL
https://io.clickguard.com/s/cHJvdGVjdG9y/MzDJGv9j
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4d1c9bdb92b780a390ce02250bd87c32156cf63a0393a01d92a401e4af9a0695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 04:03:53 GMT
via
1.1 google
Content-Encoding
br
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
x-powered-by
Express
etag
W/"1eb0-iM0y+6o+M3IIermKXbfC3SwlJ8Y"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xfta2pQF%2BAIfHc90It%2FzNLfQVaok14NnGTE9Abi%2BEiAqOhFupZa1an5J3StnhdHmop9GWBYJxY%2BUmU21YSk1TlZjOEdn5GbAeozXPMbCNR%2FcTN%2BDH1xpIqUEzNz4VAVJ3tm1mfq6En0AexvJAVKe"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
7bb2bd641e6e362b-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230096-FRA
vpr.min.js
cdn.veritonic.com/static/
4 KB
2 KB
Script
General
Full URL
https://cdn.veritonic.com/static/vpr.min.js
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c800:1e:549f:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
lpM9pHakfw6gqKkC2wOrxLlrGh49F.Zh
content-encoding
gzip
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
date
Thu, 20 Apr 2023 17:54:37 GMT
last-modified
Wed, 21 Sep 2022 16:23:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
36569
x-amz-server-side-encryption
AES256
etag
W/"2ad48ac6e466c6833db7b2a2a6f52c40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ulmiAfaS9nuWOFrHhQfGKDZ04bI9eSwuH8SRqAlbZzIWLHiIphKuIw==
index.php
track.wickedreports.com/
118 B
342 B
XHR
General
Full URL
https://track.wickedreports.com/index.php?WickedClientID=4607&WickedEmail=&WickedTrackingDate=1682049833495&WickedURL=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&WickedReferrerURL=
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.175.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-175-100.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.3.27
Resource Hash
224817aa67fe338aa836adb286691aca0ddd72347359454da75f93f6506ecd98

Request headers

Referer
https://freekit.birchgold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 04:03:53 GMT
server
nginx
x-powered-by
PHP/7.3.27
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
4021378.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/4021378.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 21 Apr 2023 04:03:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1888C74C0DFD4818A5AC676FD5B2A6F3 Ref B: FRAEDGE1311 Ref C: 2023-04-21T04:03:53Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
284 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4021378&Ver=2&mid=61a0addf-6426-4474-a79a-a0561df003f2&sid=87b59e10dff911edb3549b50dc737782&vid=87b5d670dff911edb8100d1502ee55b8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&p=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&r=&lt=336&evt=pageLoad&sv=1&rn=394210
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 04:03:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 076A9943E6524A35A9F5525A01450264 Ref B: FRAEDGE1311 Ref C: 2023-04-21T04:03:53Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
258 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LT00S9FL51&gtm=45je34j0&_p=243486015&_gaz=1&cid=1418012905.1682049833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682049833&sct=1&seg=0&dl=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&dt=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LT00S9FL51&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freekit.birchgold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LT00S9FL51&cid=1418012905.1682049833&gtm=45je34j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LT00S9FL51&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freekit.birchgold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LT00S9FL51&cid=1418012905.1682049833&gtm=45je34j0&aip=1&z=55207850
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/
72 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Apr 2023 04:03:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
3w89SALXRIZRAk9Br0JgB9Xwsv7sr2unFeOnpTI8PQuDgmRONGeJKoPF6qqPuxjVw1a2G5+V2OOxG1oFAcPjlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=409099025899147&ev=PageView&dl=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&rl=&if=false&ts=1682049833564&sw=1600&sh=1200&ud[ph]=45569da57f4b7bf472d7a864ef4781451cae6383fee9fb0ae40c59aa1ce475b7&ud[fn]=4cfdde69bde68452d2921db3186d45b8bc825df51e16b94b9517471589eb4f6f&ud[ln]=55b5c51f8670181b0454a698c930ee641890c5c80b1e7da87e39a768aa8231ac&v=2.9.102&r=stable&ec=0&o=60&cs_est=true&fbp=fb.1.1682049833563.1499750024&it=1682049833460&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Apr 2023 04:03:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/1014439656/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1014439656/?random=1682049833413&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=1238816569&rmt_tld=0&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014439656/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014439656/?random=1682049833413&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=1238816569&rmt_tld=1&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/970024165/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/970024165/?random=1682049833423&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=2619974259&rmt_tld=0&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/970024165/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/970024165/?random=1682049833423&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=2619974259&rmt_tld=1&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1014439656/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1014439656/?random=1682049833424&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=381880876&rmt_tld=0&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014439656/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014439656/?random=1682049833424&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=381880876&rmt_tld=1&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/967420539/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/967420539/?random=1682049833425&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=540710221&rmt_tld=0&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/967420539/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/967420539/?random=1682049833425&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&frm=0&tiba=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&fmt=3&is_vtc=1&random=540710221&rmt_tld=1&ipr=y
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1682049833609&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Fut...
  • https://rp4.liadm.com/j?dtstmp=1682049833609&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Fu...
13 B
552 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1682049833609&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NGU%3D&n3pc=true
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Server
3.216.127.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-127-149.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:03:54 GMT
x-pixel-event-id
614bb1e5-3f8b-4ec5-a67d-6b707b20d50e
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
5146a56617570e02
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1682049833609&aid=a-00rm&se=e30&duid=d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7&tna=v2.7.1&pu=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&wpn=lc-bundle&c=PHRpdGxlPlJvbiBQYXVsIFJldmVhbHMgVGhlIE5leHQgQmlnIEZpbmFuY2lhbCBTY2FtPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NGU%3D&n3pc=true
access-control-allow-origin
https://freekit.birchgold.com
request-time
0
access-control-allow-credentials
true
trace-id
32d892f04e295408
content-length
0
x-xss-protection
1; mode=block
adsct
t.co/1/i/
43 B
377 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9d343e1e-cdad-41e0-8132-63c91d4e3b13&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9a98ef2f-69c0-42a5-9532-18ef1c9a6017&tw_document_href=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&tw_iframe_status=0&txn_id=o9xdj&type=javascript&version=2.3.29
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
112
date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0e5ff6b87d631375
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e749ea695abc0b70d72cdbcbf6755c41caa43e626ae032c7df02c40bb3800132
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
726 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9d343e1e-cdad-41e0-8132-63c91d4e3b13&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9a98ef2f-69c0-42a5-9532-18ef1c9a6017&tw_document_href=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&tw_iframe_status=0&txn_id=o9xdj&type=javascript&version=2.3.29
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
111
date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0f33f411258b553a
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
cd66e83a992f3a135dff0572eaa0852c886d4f5deb0436b9d8ea60efb10add10
content-length
43
10026813.json
s.yimg.com/wi/config/
46 B
680 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10026813.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
08f8ce625caeebebe308d998c51f3ef4591ab01e762aa93260d8d063067ac65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 11:29:22 GMT
x-amz-version-id
KPKMOX45MSqhGG74bjKNiQSxK.hf5hP6
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
XZW9YXNTHNBMJ14M
age
59672
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
cA2vyW6g/1HdOVCyLOjbr0kT69JKOoduF0nTbbql2ywqxI0853u1W1dT4vcrYDjnLzyxkL1YSb8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 27 Sep 2022 22:00:05 GMT
server
ATS
etag
"ff1a19ec5f1fc72aaf53519db0ea74d2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
sp.pl
sp.analytics.yahoo.com/
43 B
78 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2021%20Apr%202023%2004%3A03%3A53%20GMT&n=0&b=Ron%20Paul%20Reveals%20The%20Next%20Big%20Financial%20Scam&.yp=10026813&f=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: freekit.birchgold.com
URL: https://freekit.birchgold.com/lf/ron-paul-hidden-strategy/?utm_medium=push&utm_campaign=nm&utm_source=nm&msid=16168&utm_content=rphs_v01d_041923&placement=rphs&cid=bgg_ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 04:03:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 21 Apr 2023 04:03:53 GMT
/
atr.veritonicmetrics.com/ Frame
0
0
Preflight
General
Full URL
https://atr.veritonicmetrics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.102.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-102-118.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://freekit.birchgold.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,OPTIONS,POST
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
DtaungE-IAMES_A=
content-length
43
content-type
image/gif
date
Fri, 21 Apr 2023 04:03:54 GMT
/
atr.veritonicmetrics.com/
13 B
132 B
XHR
General
Full URL
https://atr.veritonicmetrics.com/
Requested by
Host: cdn.veritonic.com
URL: https://cdn.veritonic.com/static/vpr.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.102.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-102-118.compute-1.amazonaws.com
Software
/
Resource Hash
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9

Request headers

Referer
https://freekit.birchgold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 04:03:54 GMT
content-length
13
apigw-requestid
DtauogFDoAMES_A=
content-type
application/json
MzDJGv9j
io.clickguard.com/r/cHJvdGVjdG9y/ Frame
0
0
Preflight
General
Full URL
https://io.clickguard.com/r/cHJvdGVjdG9y/MzDJGv9j
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://freekit.birchgold.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7bb2bd651907918f-FRA
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Apr 2023 04:03:53 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD0EGxMZOUgwBdDesDu59mEHequR6T%2Brq57EQErXY2Hr%2FHRAYLuZwlM3shpmn8c3D%2F%2F2I9Dn0gcIFtoacA%2BSvqxgrd9RojZOBLkWFiSSleNGZQ4CsBNnxYyuPWThGKLxCKvW76gq0fHZFDNibgCI"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST
via
1.1 google
x-powered-by
Express
MzDJGv9j
io.clickguard.com/r/cHJvdGVjdG9y/
0
664 B
XHR
General
Full URL
https://io.clickguard.com/r/cHJvdGVjdG9y/MzDJGv9j
Requested by
Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/MzDJGv9j
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://freekit.birchgold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Fri, 21 Apr 2023 04:03:54 GMT
via
1.1 google
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
x-powered-by
Express
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlRbMGcszLJEZPQnth%2B8p0EFpraY%2FzsK0gtthhD2v4zJnBJB7TTcXE5we1rNPdZzWqufdQNIlHhpivviWNCUGmr7TlBOXlQiTTKS9Dz3lyF7UMAnns8nojFwlhxJEfrrP%2FMSzq7Be706GtxidlxZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
7bb2bd65e9b1918f-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
json
trc.taboola.com/1079334/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1079334/trc/3/json?tim=1682049833871&data=%7B%22id%22%3A958%2C%22ii%22%3A%22%2Flf%2Fron-paul-hidden-strategy%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1682049833849%2C%22cv%22%3A%2220230416-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-birchgold-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1682049833869%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94bf3f600ac9af5023bea5dc6211252ed81ead31fa116418c6d0144816ec6bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Fri, 21 Apr 2023 04:03:53 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230109-FRA
server
nginx
x-timer
S1682049834.890045,VS0,VE19
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
tc-app-v442.js
cdn.truconversion.com/
292 KB
83 KB
Script
General
Full URL
https://cdn.truconversion.com/tc-app-v442.js
Requested by
Host: app.truconversion.com
URL: https://app.truconversion.com/ti-js/3907/47297.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:0:e:8cfd:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bf2232e8f0591fce417af3c4a2f07a3d7caff19e6d58d9ed5a194ef9164c4dc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 07:57:44 GMT
content-encoding
gzip
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1022770
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Mon, 05 Sep 2022 10:32:56 GMT
server
nginx/1.18.0
etag
W/"6315d058-491b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, immutable
x-amz-cf-id
A95lRZW4KhI3q6ErFjvSZ5XRq93DE32-l0JieKslmm2lEUXAsxPetw==
expires
Mon, 08 Apr 2024 07:57:44 GMT
_tcvars.html
cdn.truconversion.com/pixel/ Frame 7832
1006 B
821 B
Document
General
Full URL
https://cdn.truconversion.com/pixel/_tcvars.html?r=https://freekit.birchgold.com
Requested by
Host: cdn.truconversion.com
URL: https://cdn.truconversion.com/tc-app-v442.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:0:e:8cfd:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6c6266b24d55ff81b02e8d33386804506d04029ab872280fc4991fb716eaaea4

Request headers

Referer
https://freekit.birchgold.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1022772
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000 public, immutable
content-encoding
br
content-type
text/html
date
Sun, 09 Apr 2023 07:57:42 GMT
etag
W/"60af7ee8-3ee"
expires
Mon, 08 Apr 2024 07:57:42 GMT
last-modified
Thu, 27 May 2021 11:13:44 GMT
pragma
public
server
nginx/1.18.0
vary
Accept-Encoding
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-id
AKW4rWG1MXrmWlCpAvniCsSm2elRObfnXmNd1YluWsFqKQ6sE44xsA==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
_stcv19.html
cdn.truconversion.com/pixel/ Frame 5686
3 KB
1 KB
Document
General
Full URL
https://cdn.truconversion.com/pixel/_stcv19.html?origin=https://freekit.birchgold.com&fp=731d2ea0.cac1.e564.2467.e124a24d6700&tclid=undefined
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:0:e:8cfd:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7655d08638dde85b3d2a5a72ea8ba722088520e1bdace042803818511c362b1b

Request headers

Referer
https://freekit.birchgold.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1022771
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000 public, immutable
content-encoding
br
content-type
text/html
date
Sun, 09 Apr 2023 07:57:43 GMT
etag
W/"5d106c3f-c3a"
expires
Mon, 08 Apr 2024 07:57:43 GMT
last-modified
Mon, 24 Jun 2019 06:22:55 GMT
pragma
public
server
nginx/1.18.0
vary
Accept-Encoding
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-id
sPQcTLh9M-mUDxVohCuIk9-aaaYmPxhZEY7Ql5mhGqff0ThRk2LZNA==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
unip
trc-events.taboola.com/1079334/log/3/
0
251 B
XHR
General
Full URL
https://trc-events.taboola.com/1079334/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1682049833861&ver=36&isls=true&src=i&invt=1500&msa=1139&rv=1&tim=1682049835420&vi=1682049833849&ri=cb1ba716e13d1a0dd3e28623bd3e3b2c&ref=null&cv=20230416-8-RELEASE&item-url=https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1079334/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freekit.birchgold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://freekit.birchgold.com
pragma
no-cache
date
Fri, 21 Apr 2023 04:03:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery object| lp object| ub function| getParameterByName function| readCookie function| getUnbouncePageVariant string| params string| placement string| msid string| split string| send_date string| GoogleAnalyticsObject function| ga function| getCookie undefined| email object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow object| interdeal function| setCookie function| checkCookie function| getUrlParameter function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| google_tag_manager_external object| GooglebQhCsO function| fbq function| _fbq object| uetq object| _tip object| wrWidgetSettings function| loadWR object| LI object| __li__evt_bus object| liQ object| liQ_instances object| _tfa object| dotq function| cg_convert function| twq function| vpr function| _wr function| UET function| UET_init function| UET_push object| ueto_e5805eab2a function| onYouTubeIframeAPIReady object| regeneratorRuntime object| twttr object| YAHOO object| tracker function| SimpleTracker object| _0xf102 function| _0x20fb object| CG function| _cg_convert object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| _tcBootstrap function| tcjs function| domainNameParser object| tcConfigs function| hmd5 object| tcBase64 function| tiInit function| ratePlugin object| ua object| bt number| _tcMaxPVCount number| _tcMinPVCount number| _tcPVTimeCount boolean| _tiInitCalled number| _tcSessTimeOut number| ioErrorCounter object| sockConfigs function| _tcBootCookie function| _tcJSONStringer function| _tcMakeJSONString function| _tcJSONParser function| _tcResolveDependency function| ip2long function| _euIPProtection function| _tcIPProtection function| _tcLocationProtection function| _tcApplyPolicy function| _tcLinkFingerPrint function| _tcBoot object| socket function| _$ undefined| jq string| _dmn string| _tcProviderName string| _ver string| bots object| botReges boolean| isBot object| _tcConsole function| _connectTC function| _tcRemoteVars function| UAParser object| markdown function| io object| sessInfo number| cDate function| asyncInit string| appName object| sockData number| longIp boolean| isIPExclude function| stringify function| makeJSON function| parseJSON function| trim function| closest function| _tcObfuscation function| _tcPageContent function| _getStyledRules function| _tcGetBaseUrl function| _tcPageStyleSheet function| _t_gchref function| _t_gcdt undefined| _t_lchp undefined| _t_lchrp function| _t_sbt undefined| _t_bro undefined| _t_clsr undefined| _t_dnsr function| _t_gcv function| _t_stcok function| _t_referralAsLocationObject function| _t_getSearchEngine function| _t_getParameterByName function| _t_isPageIncluded function| _t_getUTCTime function| _t_convetToTimeString function| _t_dateGenerator function| _t_uidhash function| _t_mkuidh function| _t_escapeHtml function| _tcEventCB function| tcHmEvents function| tcEvents function| _tcIdentifier function| _tcRunTools function| _reRunTools function| sniff undefined| locationSniffer function| getTcLid boolean| _tcUKPIdRecieved function| _t_pjsonpr function| _t_gtipvars function| _t_puprc function| _t_uprc function| _t_ppdts function| _t_pdtper function| _t_poe function| _t_ctae function| _t_valem function| _t_valph function| _t_plgctae function| _t_npse function| _t_ofpkdisp function| _t_raev function| _t_cbev function| _t_bev function| _t_clsepke function| _t_ldpkeqm function| _t_feev function| _t_ddset function| _t_aopkdisp function| _t_sgdd function| _t_sgmd function| _t_gdpd function| _t_mkdes function| _t_ppqs function| _t_pplgs function| _t_ppms function| _t_hidemscr function| _t_ppmqs function| _t_lnps function| _t_gmpc function| _t_gpct function| _t_phc function| _t_pbc function| _t_psc function| _t_gdpr function| _t_pfc function| _t_gqma function| _t_gqsa function| _t_gqsl function| _t_gqml function| _t_dtrm function| _t_dtrd function| _t_dtry function| _t_gqdt function| _t_gqna function| _t_gqra function| _t_pglgobt function| _t_pgqabt function| _t_hlsw function| _t_evsl function| _t_revsl function| _t_exiso function| _t_revmol function| _t_evmol function| _t_shpkob function| _t_idbuc function| _t_pktb function| _t_cifrv function| _t_exspb function| _t_idftv function| _t_vaope function| _t_idfwb function| _t_wspkdisp function| _t_svcok function| _t_spvcok function| rhex function| s2blmd5 function| add function| rol function| cmn function| ff function| gg function| hh function| ii number| nblk object| blks object| x number| a number| b number| c number| d number| olda number| oldb number| oldc number| oldd number| j undefined| _t_crp number| hmDataLen undefined| _t_hmTakeScreenShot function| _t_fu_beforeunload undefined| tcanalytics function| _tcjs undefined| _handleTriggeredEvents undefined| _tcCaptureAssets

37 Cookies

Domain/Path Name / Value
freekit.birchgold.com/lf/ron-paul-hidden-strategy/ Name: ubpv
Value: b%2Cb87873c0-cc5c-4e97-bc60-5c94780b82c5
freekit.birchgold.com/lf/ron-paul-hidden-strategy Name: trcksesh
Value: d5e04b2f-a6da-4e43-8bfd-ae2746f6049b
freekit.birchgold.com/ Name: ubvs
Value: e719e81f-7067-46f9-b9a1-5ec0323abdd5
.birchgold.com/ Name: ubvt
Value: v2%7Ce719e81f-7067-46f9-b9a1-5ec0323abdd5%7Cb87873c0-cc5c-4e97-bc60-5c94780b82c5%3Ab%3Asingle
.birchgold.com/ Name: placement
Value: rphs
.birchgold.com/ Name: utm_content
Value: rphs_v01d_041923
.birchgold.com/ Name: msid
Value: 16168
.birchgold.com/ Name: utm_medium
Value: push
.birchgold.com/ Name: utm_campaign
Value: nm
.birchgold.com/ Name: utm_source
Value: nm
.birchgold.com/ Name: cid
Value: bgg_ad
.birchgold.com/ Name: _gid
Value: GA1.2.1164677386.1682049833
.birchgold.com/ Name: _gat
Value: 1
.birchgold.com/ Name: _gcl_au
Value: 1.1.1074033757.1682049833
.birchgold.com/ Name: _li_dcdm_c
Value: .birchgold.com
.birchgold.com/ Name: _lc2_fpi
Value: d0b47f1b938f--01gygzq6ggqfxt600a30scb4j7
.birchgold.com/ Name: wickedfu
Value: %7B%22url%22%3A%22https%3A%2F%2Ffreekit.birchgold.com%2Flf%2Fron-paul-hidden-strategy%2F%3Futm_medium%3Dpush%26utm_campaign%3Dnm%26utm_source%3Dnm%26msid%3D16168%26utm_content%3Drphs_v01d_041923%26placement%3Drphs%26cid%3Dbgg_ad%22%2C%22time%22%3A1682049833495%2C%22c%22%3A4607%7D
.birchgold.com/ Name: _uetsid
Value: 87b59e10dff911edb3549b50dc737782
.birchgold.com/ Name: _uetvid
Value: 87b5d670dff911edb8100d1502ee55b8
.birchgold.com/ Name: _ga_LT00S9FL51
Value: GS1.1.1682049833.1.0.1682049833.60.0.0
.birchgold.com/ Name: _ga
Value: GA1.1.1418012905.1682049833
.bing.com/ Name: MUID
Value: 021789B128906AD827749B4B29426B6D
.birchgold.com/ Name: _fbp
Value: fb.1.1682049833563.1499750024
.yahoo.com/ Name: A3
Value: d=AQABBCkLQmQCEKc6QqEANbocv6BdCRQ1qWAFEgEBAQFcQ2RLZAAAAAAA_eMAAA&S=AQAAAsXyNgtUJxdGErWsc_mKgTc
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: 2b4f4237-8c75-4fda-8e3e-110983bdcfe6
.twitter.com/ Name: guest_id_marketing
Value: v1%3A168204983374651175
.twitter.com/ Name: guest_id_ads
Value: v1%3A168204983374651175
.twitter.com/ Name: personalization_id
Value: "v1_YHmQOLoWGg77NlKnPOdwZQ=="
.twitter.com/ Name: guest_id
Value: v1%3A168204983374651175
.liadm.com/ Name: lidid
Value: 14d18330-a54d-4952-85c7-a5c75025cb8a
.freekit.birchgold.com/ Name: _tcSessInfo
Value: {"timestamp":1682049834084,"pageView":1}
.freekit.birchgold.com/ Name: _tcSecSess
Value: {"sess":"a81c8840500acd4b8b4a3475b19","device_type":"desktop","ip":"185.213.155.x","tcvfp":"731d2ea0-cac1-e564-2467-e124a24d6700","locale":"en_US","country":"DE","city":"Frankfurt am Main","region":"HE","timestamp":1682049834925}
.freekit.birchgold.com/ Name: _tcfpup
Value: 1682049834950
.freekit.birchgold.com/ Name: ti_ukp
Value: 731d2ea0.cac1.e564.2467.e124a24d6700
.freekit.birchgold.com/ Name: _tisfrv
Value: uu:bb0082e4b77664545aadde00eb7abe33|v:1|sts:1682049834952|cst:1682049834952
.freekit.birchgold.com/ Name: _tiupvc
Value: ["cc2fa91423ada21a37f47cc274a86255"]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
app.truconversion.com
atr.veritonicmetrics.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
cdn.equalweb.com
cdn.taboola.com
cdn.truconversion.com
cdn.veritonic.com
connect.facebook.net
d2xxq4ijfwetlm.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
freekit.birchgold.com
google.com
googleads.g.doubleclick.net
io.clickguard.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.wickedreports.com
trc-events.taboola.com
trc.taboola.com
widget.wickedreports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.131
104.244.42.133
13.32.118.18
141.226.228.48
146.75.116.157
151.101.193.44
18.64.79.57
18.66.147.38
2001:4860:4802:32::36
212.82.100.181
2600:1f18:730:b120:ab75:64db:b6e2:17e3
2600:9000:211e:c800:1e:549f:95c0:93a1
2600:9000:223c:0:e:8cfd:cf40:93a1
2600:9000:223c:3800:8:8845:1500:93a1
2600:9000:2250:f000:1d:11cf:5800:93a1
2606:4700:20::681a:c5f
2606:4700:20::ac43:44c4
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:802::200a
2a00:1450:4001:806::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.139.175.100
3.216.127.149
3.221.88.80
3.69.136.55
52.10.176.180
52.222.250.226
54.158.102.118
000497d098847c13d6d87e046fdabe2b78971aadb7948d46dc473eabd730f954
08f8ce625caeebebe308d998c51f3ef4591ab01e762aa93260d8d063067ac65a
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f0bfe04984e0cc564dbcf5eff357acf5121bbef08913f0e5aeb1fa56d3d77e9
11d32fdad29c471ff73821b22a9473c890b7fe6941e8cd63a86b69016bf4e3d6
144d8e97e6c7cf0fb2b2d6191c48d19aa5c161d157319b81368b98e44ca68524
224817aa67fe338aa836adb286691aca0ddd72347359454da75f93f6506ecd98
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
294f37e7f8ed9b16a67883c2e65f162d5722af41cedf6e192fb7bf3c42f9374c
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
305981fa61c0c69ef524ef786b3d9bb08b55cf2c67abb6414a9bdd97d50962ba
3cc00bf4d700c1f796665a53ef8331e1d4e1449240f40c4b4b06eeafe4af4bfe
44fd62e26ee123b8f6b0185ee13ebba129e8b8c9ef43bfb912c1b23093476bbc
45a86e5f17ab675ca652ce1d577bd5fafd96d99a1195cbe71431d498cc929bae
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
4d1c9bdb92b780a390ce02250bd87c32156cf63a0393a01d92a401e4af9a0695
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281
561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c
6077ba94631ee0391a6c9344160e5352bfbbd12f3976053d4c87deabb0ae2fbf
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
6c6266b24d55ff81b02e8d33386804506d04029ab872280fc4991fb716eaaea4
7655d08638dde85b3d2a5a72ea8ba722088520e1bdace042803818511c362b1b
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d226099d00d761fd35466cadf7f7cff8504b686dada3093c7a5a74c119f432c
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
84463f84e396707899de77178763aa92e1fc1d76a110c57baa4a62b70a09d9c4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bcbadddfad3c601f8a677b8dd3f26be1002c6798a7a90ecfc192192fd71ffe7
94bf3f600ac9af5023bea5dc6211252ed81ead31fa116418c6d0144816ec6bd7
9649f6e09b20e057679635f6c95c97d984f6d77f15e373c177a0737a6d0ccf9d
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a52754e83a842557fc7f0b9f8d270a6e24df4141cd16a7e522872096f89e9640
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
bf2232e8f0591fce417af3c4a2f07a3d7caff19e6d58d9ed5a194ef9164c4dc9
ca2a4fc99d09ed851fa1cd014f88b2e8cb1b2e998f0ae5f3d8a5456623fe9cf0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdbb95614bbc703901ae9fe65090d2c97f5a433eefa0d6d53f51970198e6c842
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d161094f46106545027f6881c9009cbe8cf6f4ad9cea6db82dbd904230604057
e2172be828b0fd1ba4c0f653b83993eb11881e49e3be4f0fff04e482c04a0b42
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e587fa477dacc79e1da36861b075cb1a9bb0a134c7bb9b96089c6490b82f78
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f699eed586c8d9d40c848ea77e15846a351fd5c3d57c25dd9953722b3f7871cc