Submitted URL: https://storage.googleapis.com/rgzhptzbl5xmoojx/9466e73.html
Effective URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Submission: On September 15 via api from BE — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 24 HTTP transactions. The main IP is 104.21.51.96, located in and belongs to CLOUDFLARENET, US. The main domain is offers.goldalliedtrustpromos1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2021. Valid for: a year.
This is the only time offers.goldalliedtrustpromos1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.102.128 15169 (GOOGLE)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 185.158.114.228 44812 (IPSERVER-...)
1 1 18.191.145.131 16509 (AMAZON-02)
1 1 13.57.253.186 16509 (AMAZON-02)
1 1 172.67.178.133 13335 (CLOUDFLAR...)
1 104.21.51.96 13335 (CLOUDFLAR...)
2 13.224.94.58 16509 (AMAZON-02)
2 13.224.94.74 16509 (AMAZON-02)
11 13.224.89.26 16509 (AMAZON-02)
1 142.251.36.10 15169 (GOOGLE)
1 44.193.101.206 ()
4 142.250.179.195 15169 (GOOGLE)
24 9
Domain Requested by
11 d9hhrg4mnvzow.cloudfront.net offers.goldalliedtrustpromos1.com
4 fonts.gstatic.com fonts.googleapis.com
2 d34qb8suadcc4g.cloudfront.net offers.goldalliedtrustpromos1.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com offers.goldalliedtrustpromos1.com
1 events.ub-analytics.com offers.goldalliedtrustpromos1.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 offers.goldalliedtrustpromos1.com
1 offer.goldalliedtrustpromos1.com 1 redirects
1 eilloc.com 1 redirects
1 itabirik.com 1 redirects
1 placestogo.org.uk 1 redirects
1 bit.ly 1 redirects
1 storage.googleapis.com
24 13

This site contains no links.

Subject                   Issuer                   Validity                  Valid
*.storage.googleapis.com  GTS CA 1O1               2021-08-23 - 2021-11-15   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3  2021-01-26 - 2022-01-25   a year
*.unbounce.com            Amazon                   2021-03-10 - 2022-04-08   a year
*.cloudfront.net          Amazon                   2021-03-19 - 2022-03-17   a year
upload.video.google.com   GTS CA 1O1               2021-08-30 - 2021-11-22   3 months
*.ub-analytics.com        Amazon                   2021-05-10 - 2022-06-08   a year
*.gstatic.com             GTS CA 1C3               2021-08-23 - 2021-11-15   3 months

This page contains 1 frames:

Primary Page: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Frame ID: F886D6E56BB921336B2D3F03DBE4EB0B
Requests: 25 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 0 %
Domains: 10
Subdomains: 13
IPs: 9
Countries: 3
Transfer: 897 kB
Size: 1114 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/rgzhptzbl5xmoojx/9466e73.html Page URL
  2. https://bit.ly/3tDo7Im HTTP 301
    http://placestogo.org.uk/file.html?cbbbbcccQjglcw97ycdcCJcGcwYYKckzFcbbbbc HTTP 302
    http://itabirik.com/?E=u1Iz1B0E7iK4oyOuu5Hi6IYeZ9uj%2bKn%2b&s1=2_20002_2472931&s2=1701_6062584_2528174_35&s3=1&s5=1o2owzn HTTP 302
    https://eilloc.com/?E=u1Iz1B0E7iK4oyOuu5Hi6IYeZ9uj%2bKn%2b&s1=2_20002_2472931&s2=1701_6062584_2528174_35&s3=1&s5=1o2owzn&ckmguid=4168fae3-5a15-4516-83be-9a6cb2a81851 HTTP 302
    http://offer.goldalliedtrustpromos1.com/?c=138&s1=4697&s2=377878019&s3=2_20002_2472931&s4=GAT1 HTTP 302
    https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
9466e73.html
storage.googleapis.com/rgzhptzbl5xmoojx/
162 B
760 B
Document
General
Full URL
https://storage.googleapis.com/rgzhptzbl5xmoojx/9466e73.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f128.1e100.net
Software
UploadServer /
Resource Hash
10890e60420c5f8274d819ff0fbc3e35f395b53ba72318ec31a3d4b3ceb8091d

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/rgzhptzbl5xmoojx/9466e73.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

x-guploader-uploadid
ADPycdv4yc9fagiyofKJ5Bwb-mMwlVifKp4Wh_5rF0feZkvReYwxfK9IeMHx-Tlj8lt2e1J48yDStkGGHza7VLtr0M4
expires
Wed, 15 Sep 2021 11:10:09 GMT
date
Wed, 15 Sep 2021 10:10:09 GMT
cache-control
public, max-age=3600
last-modified
Tue, 14 Sep 2021 15:38:24 GMT
etag
"531b1d04c09c5ac23f1c5eefb0e628c7"
x-goog-generation
1631633904283515
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
162
content-type
text/html
x-goog-hash
crc32c=rLU4/A== md5=UxsdBMCcWsI/HF7vsOYoxw==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
162
server
UploadServer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Primary Request /
offers.goldalliedtrustpromos1.com/offer-1/
Redirect Chain
  • https://bit.ly/3tDo7Im
  • http://placestogo.org.uk/file.html?cbbbbcccQjglcw97ycdcCJcGcwYYKckzFcbbbbc
  • http://itabirik.com/?E=u1Iz1B0E7iK4oyOuu5Hi6IYeZ9uj%2bKn%2b&s1=2_20002_2472931&s2=1701_6062584_2528174_35&s3=1&s5=1o2owzn
  • https://eilloc.com/?E=u1Iz1B0E7iK4oyOuu5Hi6IYeZ9uj%2bKn%2b&s1=2_20002_2472931&s2=1701_6062584_2528174_35&s3=1&s5=1o2owzn&ckmguid=4168fae3-5a15-4516-83be-9a6cb2a81851
  • http://offer.goldalliedtrustpromos1.com/?c=138&s1=4697&s2=377878019&s3=2_20002_2472931&s4=GAT1
  • https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
71 KB
11 KB
Document
General
Full URL
https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.51.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b12fb88ff0a72a4d46aa17eec5b310e53bcc18db4f1b8a7c707a5c5eb0c049

Request headers

:method
GET
:authority
offers.goldalliedtrustpromos1.com
:scheme
https
:path
/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://storage.googleapis.com/
accept-encoding
gzip, deflate, br
Referer
https://storage.googleapis.com/rgzhptzbl5xmoojx/9466e73.html

Response headers

date
Wed, 15 Sep 2021 10:10:12 GMT
content-type
text/html; charset=UTF-8
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
421d8b9b-3c46-44c1-993b-6393b7f6eb6e
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
x-unbounce-visitorid
f45ed63a-5cd7-42a7-bb39-67323d4f9e74
x-unbounce-variant
ck
content-location
https://offers.goldalliedtrustpromos1.com/offer-1/
link
<https://offers.goldalliedtrustpromos1.com/offer-1/>; rel="canonical"
set-cookie
ubpv=ck%2C421d8b9b-3c46-44c1-993b-6393b7f6eb6e; Max-Age=15897600; Expires=Fri, 18 Mar 2022 10:10:12 GMT; Path=/offer-1/; SameSite=Lax ubvs=f45ed63a-5cd7-42a7-bb39-67323d4f9e74; Max-Age=15552000; Expires=Mon, 14 Mar 2022 10:10:12 GMT; Path=/; SameSite=Lax ubvt=f45ed63a-5cd7-42a7-bb39-67323d4f9e74; Max-Age=259200; Expires=Sat, 18 Sep 2021 10:10:12 GMT; Path=/; Domain=goldalliedtrustpromos1.com; SameSite=Lax
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLrHqYVWg8JmzRTVBtSwtM8JvcKggTCzWT6T5ngqmIdaXd4ZPA43zJPrS75ijw6uxZ%2Fr9SFf90AlfP8JkuzZrj7QkTkN0l1FRAqB7QdZK5nHTrXxWm0c%2FGM35s8rpx3yhgVNccM1MeV9vz4WILpG9fZEU6Q%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68f1105d59b40814-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 15 Sep 2021 10:10:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/5.6.40
set-cookie
PHPSESSID=i9idbmcc62ppr4efguvftssnc6; path=/
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
location
https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A3MdatcXUWzxEX%2BuWmaaIAfyDozJ4uSumMXN2to7JnNd0CdWxeRwCvVWqNsZZ26A%2BHg8PIvBRzFZ3pTYKmF1ARrNGnyxvOfrmTzxts5Ry0b2W235gk46b%2Fk4O0VVxazRLWUN8mL%2FqCrraFGQ9ZDfx%2FAuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
68f110598e212cbf-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-58.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
19213075
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
uj1BZVLvLrpSBJChVMKhrJt0v1rb3s-DzgS3ugfa2WsTsxrs8AdR9Q==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-74.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
11698295
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
_Kr78C_i-a6ytgNQTdUYvlG0gnVwaoB61h-azuVJQGfU4KNQACRK2A==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-58.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 18:29:16 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
2648457
etag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-cache
Hit from cloudfront
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
1VwYXhvBnfzTPHiuZC5-nNs8yrMRaqO7qpCPLGBRF_ycwgdPNldvUA==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-74.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
16800578
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
faDDzXC4y00keQp1fFdPwcfQsCfg1HOnFhwuZwJedEmW-ZStPWYzdw==
125950e4-96363c9337b2d1aad24323b1d9efda72_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
339 KB
339 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/125950e4-96363c9337b2d1aad24323b1d9efda72_100000000000000000001o.jpg
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cdf5a15d1aaf2bf5b2e30c1396b95c121eb8bc119e6f67c2605e583b7f81515

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:15:37 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1364076
etag
"1232cf4688e7691c4e15a0a72f410407"
x-cache
Hit from cloudfront
x-amz-version-id
1LKis6NQ2GP5rReAkhuj8o.Fb5y_w66D
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
346753
x-amz-cf-id
C9uIc16v-o-uC6PWDX2rHcyjmw3_EBtg4MZ5obsc1p0Ri1OMes70UA==
b64ebc9a-us-federal-reserve-eccles-building-1937_11hc14d00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
233 KB
233 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/b64ebc9a-us-federal-reserve-eccles-building-1937_11hc14d00000000000001o.jpg
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31adfb3d3f4ca480f91d7898d0eeb6df9400cdf730e3490df1c8821d89c492ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:42 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1356691
etag
"75c08b74e67ce0a584abffbb0de66ca9"
x-cache
Hit from cloudfront
x-amz-version-id
maU8rNTAy_HNF1YJAoQBkG4D9.RrIs7l
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
238261
x-amz-cf-id
HH1mxx_1BsAtueIZuEVo8hBRTgIBR3ARYif9jmmSZ_qhGmvj3Y22Tg==
c9a3dd1b-4458-4575-9b26-02ca60048ebe
https://offers.goldalliedtrustpromos1.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://offers.goldalliedtrustpromos1.com/c9a3dd1b-4458-4575-9b26-02ca60048ebe
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f10.1e100.net
Software
ESF /
Resource Hash
5ae5eace35f14c20f7690a555152ba7db6c10d221ec155a1b46646810be18ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 10:10:13 GMT
server
ESF
date
Wed, 15 Sep 2021 10:10:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 10:10:13 GMT
760e1d64-registered-member-badge_106101v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
4 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/760e1d64-registered-member-badge_106101v000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
befcd7b511ab56b0fb5ecf878049325987d7b9986b54903c4fce0c573302940c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:20 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
248093
etag
"766a0e4d0136a067933edd237ceb17a2"
x-cache
Hit from cloudfront
x-amz-version-id
vg7zLO_ln.bhmDMMCXI1e.t2nusI_qxu
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
4567
x-amz-cf-id
H_BJdnxiMZzt9xf15WxS8znEtfesPZzRY74pEuR1Zs9-DVTyIKrErw==
aa21286d-3d-guide_10bd078000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
14 KB
15 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/aa21286d-3d-guide_10bd078000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f53c3f09dacbe9f55ccdf83770bdd72a7ddec202213ab53fe67e85c377afa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:20 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
248093
etag
"be8b035294afb1b61a878f931122051e"
x-cache
Hit from cloudfront
x-amz-version-id
Nh9UXq.p2cCb5UewCJoTXOLnPd8VbQhE
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
14657
x-amz-cf-id
9U6rmetpWAy472zREYFWfuonu9-iyCr4i68fNkvTbTBB80yxbV3oXw==
8bab1bd0-gold-seal_104u041000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
11 KB
11 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/8bab1bd0-gold-seal_104u041000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8a30f4404da024333d5ab897c1e6b2eb11eba83fadcdcdc04fc3486be4d1f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1356690
etag
"4ac83065e541c2c6a5fc3ce80ea38ad9"
x-cache
Hit from cloudfront
x-amz-version-id
OrCFjp.rXVNRWbQOFUYDighunw.R1dOY
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
11194
x-amz-cf-id
-pnwmsdyhNtKJMnTEx7KEHki6z1LeYmGu0glqAUP-sgVCtEsBofE1g==
dd611516-logo-1_108u01u000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/dd611516-logo-1_108u01u000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8b6c42d100d6d75b00eb6cd9644bb33612d05a5fc3b8e1c36ad032525f36808

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:21 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
server
AmazonS3
age
248092
etag
"27c641d6878752b6d80de1fef2a4e101"
x-cache
Hit from cloudfront
x-amz-version-id
CCqx8ZjTerK307R3TDzLV0BNYMmpqY2i
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
3878
x-amz-cf-id
bAV-vYsnKOOsA7HBnonmvTbXKSk_Tlj5UjW0IBkPHFqAYugAgfHTdQ==
c1c59d34-egt-marchemails-01-1-2_10em03n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
12 KB
13 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/c1c59d34-egt-marchemails-01-1-2_10em03n000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ff43fc396eb068efcae3048235e59c3465e1d0c69ebd8956f844edea7f9f746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
server
AmazonS3
age
1356690
etag
"ca1da4ebd15d79a79387db8ef530793f"
x-cache
Hit from cloudfront
x-amz-version-id
v3guqUFjzI37ha_3po0UZRnRfNNQx8Ic
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
12757
x-amz-cf-id
NrAuMNBEwvSx8KNXsKklqY6a6sbDEz5Y62OOpQfTnHJpWp2pF_j7mA==
36pq2g-1557857466-42814232-600x250-shutterstock-1943168_10a2047000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
24 KB
25 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/36pq2g-1557857466-42814232-600x250-shutterstock-1943168_10a2047000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58d8d4f85fd186c088db79550207148cf74caa5170e378d9b057f1bb9b4f0c1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1356690
etag
"1b6f452f8dadbe7f8499cb450801ed14"
x-cache
Hit from cloudfront
x-amz-version-id
I46kXKg1vdSw1YFkzYQfXIL1RgBfaoTL
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
24904
x-amz-cf-id
9t1SiGNLrAEl910xTgUAnAWQGPH4jVoXZizqALZZuf_cz_dOAx5W7Q==
1a4df83f-s-l400-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
55 KB
56 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/1a4df83f-s-l400-1_1000000000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c67b4c5a3249daaa23101c082be583ef87b28b983168f1ca176bd59f14d7e2ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:15:37 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1364076
etag
"e54851af920307f1a08b6173689c7045"
x-cache
Hit from cloudfront
x-amz-version-id
A4Z0FQFWMKEa3Z0jF_WHGNETrW.EKKqz
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
56454
x-amz-cf-id
SXRSj4rcRmFhh7yUCgh1SIgCA3bga3ApouBjgOJqEZfHPKMUvcFhYg==
c1c59d34-egt-marchemails-01-1-2_10cq036000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
10 KB
11 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/c1c59d34-egt-marchemails-01-1-2_10cq036000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81bdef25a50dd26d27898847e06b3fb27acfc2215c47a5e1a175eeded9a9bd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 14:30:11 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
server
AmazonS3
age
502802
etag
"1c2e6cc8c75cf62bb6baf433b5b96cef"
x-cache
Hit from cloudfront
x-amz-version-id
syn6sJRQAwXBejP2Jcw0dQjS4MSJbB7x
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
10684
x-amz-cf-id
qPCYb0pHwP6VHRPYnpW7_X_SBM6BAC3_7iaWWGs7uOk3jddJI2YWow==
48d46777-188-1884205-better-business-bureau-accredited-bussiness-better-business-bureau-2_104s022000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/48d46777-188-1884205-better-business-bureau-accredited-bussiness-better-business-bureau-2_104s022000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f38109a7f83195dd3f5d1ef8748fd8c15ee54ae7f57de75b6578cdc210cf615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1356690
etag
"7cafe8a99afadcc03fb58baf1e0840fb"
x-cache
Hit from cloudfront
x-amz-version-id
EQB_xqeuBmzGgoNffVOpgDf4OSoZtWCT
cache-control
max-age=31557600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
content-length
1548
x-amz-cf-id
_CegfOrAkD9nQrzj8FIpZq-fyw5xVWAOj0AOaMfTePolLGp75YI-Dw==
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1631700612959&e=pv&url=https%3A%2F%2Foffers.goldalliedtrustpromos1.com%2Foffer-1%2F%3Flp_request_id%3D6141c68467954%26lp_s2%3D377878019&refr=https%3A%2F%2Fstorage.googleapis.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=9334eacb-a42c-4c86-a482-9438bd2bfcaf&dtm=1631700612958&vp=1600x1200&ds=1600x1453&vid=1&sid=f834a88d-06b7-4112-880b-82fbaae639ce&duid=0567c529-82f4-43e4-932a-d4d147ef271d&uid=f45ed63a-5cd7-42a7-bb39-67323d4f9e74&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNDIxZDhiOWItM2M0Ni00NGMxLTk5M2ItNjM5M2I3ZjZlYjZlIiwidmFyaWFudElkIjoiY2siLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=6141c68467954&lp_s2=377878019
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.101.206 -, , ASN (),
Reverse DNS
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 10:10:13 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f3.1e100.net
Software
sffe /
Resource Hash
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 12:48:12 GMT
x-content-type-options
nosniff
age
163321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 12:48:12 GMT
8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v11/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f3.1e100.net
Software
sffe /
Resource Hash
8a8766fb80ee5f488c37a65ab90907126206369bcc241deb9c97cc04ef0a2883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 09:14:04 GMT
x-content-type-options
nosniff
age
262569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14336
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 23:14:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 09:14:04 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:57:05 GMT
x-content-type-options
nosniff
age
123188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 23:57:05 GMT
nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
fonts.gstatic.com/s/playfairdisplay/v22/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f3.1e100.net
Software
sffe /
Resource Hash
9c225d8e629ad78e5d577a4cb4f400351d2ec232da542b89be98e43a6a4c9fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 00:06:36 GMT
x-content-type-options
nosniff
age
122617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29328
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:30:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 00:06:36 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| ub
object| module
object| UnbounceSnowplowNamespace
function| ubSnowplow
function| fixfirstnm
function| fixlastnm
function| setImmediate
function| clearImmediate
boolean| VimeoPlayerResizeEmbeds_
function| ownKeys
function| _objectSpread
function| _defineProperty
function| _typeof
object| Snowplow

8 Cookies

Domain/Path Name / Value
offers.goldalliedtrustpromos1.com/offer-1/ Name: ubpv Value: ck%2C421d8b9b-3c46-44c1-993b-6393b7f6eb6e
.bit.ly/ Name: _bit Value: l8faa9-b57d117ff0d2667718-00s
.eilloc.com/ Name: sfd Value: 0pUr/+We6Bo2jU2PaJqQbIBvOx/AGUY0ye+UWrUnDDdiQmcQRMR9JA==
.eilloc.com/ Name: ti Value: jkYgsPjDP7TMsobs2i0k8oBvOx/AGUY0ye+UWrUnDDdiQmcQRMR9JA==
.eilloc.com/ Name: c5945 Value: 0pUr/+We6BoLuD+dFTZjRw5UTYjIYhOGv4AMu2rU+PEy3c9qSNS3VA==
offer.goldalliedtrustpromos1.com/ Name: PHPSESSID Value: i9idbmcc62ppr4efguvftssnc6
offers.goldalliedtrustpromos1.com/ Name: ubvs Value: f45ed63a-5cd7-42a7-bb39-67323d4f9e74
.goldalliedtrustpromos1.com/ Name: ubvt Value: f45ed63a-5cd7-42a7-bb39-67323d4f9e74

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.