urlscan.io logo urlscan.io
SecurityTrails logo

offers.goldalliedtrust.com Open in urlscan Pro
3.224.141.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s3.us-west-2.amazonaws.com/907882909938884/72474006#cl/30362_d/118/70270/3591/415/1268603
Effective URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Submission: On April 30 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 2 countries across 26 domains to perform 62 HTTP transactions. The main IP is 3.224.141.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is offers.goldalliedtrust.com.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.
This is the only time offers.goldalliedtrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.92.195.32 16509 (AMAZON-02)
1 1 5.161.103.241 213230 (HETZNER-C...)
1 1 52.7.26.155 14618 (AMAZON-AES)
1 193.163.199.234 49392 (ASBAXETN)
1 1 44.238.137.84 16509 (AMAZON-02)
1 3.224.141.128 14618 (AMAZON-AES)
2 52.85.61.29 16509 (AMAZON-02)
2 2600:9000:220... 16509 (AMAZON-02)
1 151.101.65.131 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 54.230.244.109 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 4 2600:9000:220... 16509 (AMAZON-02)
12 54.230.244.203 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 104.26.11.16 13335 (CLOUDFLAR...)
1 52.85.61.126 16509 (AMAZON-02)
1 3.213.248.16 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
7 9 54.196.215.0 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 23.52.162.21 16625 (AKAMAI-AS)
1 69.173.151.100 26667 (RUBICONPR...)
2 2 18.234.11.64 14618 (AMAZON-AES)
1 2 3.218.90.66 14618 (AMAZON-AES)
1 64.202.112.31 23352 (SERVERCEN...)
1 104.36.115.109 62713 (AS-PUBMATIC)
1 141.226.224.48 200478 (TABOOLA-AS)
1 2 76.223.111.18 16509 (AMAZON-02)
62 27
1    52.92.195.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com
1    5.161.103.241 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.241.103.161.5.clients.your-server.de
manacht.info
1    52.7.26.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-26-155.compute-1.amazonaws.com
sbrchkr.com
1    193.163.199.234 (Hong Kong)

ASN49392 (ASBAXETN, RU)
nmychoice.com
1    44.238.137.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-137-84.us-west-2.compute.amazonaws.com
goldalliancecapital.leadspediatrack.com
1    3.224.141.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-141-128.compute-1.amazonaws.com
offers.goldalliedtrust.com
2    52.85.61.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-29.ewr53.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:2209:ae00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    151.101.65.131 (United States)

ASN54113 (FASTLY, US)
b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com
1    2606:4700:3034::ac43:9550 (United States)

ASN13335 (CLOUDFLARENET, US)
rawgit.com
6    54.230.244.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-109.ewr53.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
3    2607:f8b0:4006:806::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:9000:2209:2000:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
12    54.230.244.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-203.ewr53.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    2607:f8b0:4006:80f::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
1    52.85.61.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-126.ewr53.r.cloudfront.net
assets.ubembed.com
1    3.213.248.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-248-16.compute-1.amazonaws.com
events.ub-analytics.com
1    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2607:f8b0:4006:81d::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    54.196.215.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-215-0.compute-1.amazonaws.com
d.adroll.com
1    2607:f8b0:4006:80f::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.234.11.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-11-64.compute-1.amazonaws.com
pixel.advertising.com
2    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    64.202.112.31 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
Apex Domain
Subdomains		 Transfer
20 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d10lpsik1i8c69.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
350 KB
13 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2338
d.adroll.com — Cisco Umbrella Rank: 1449
26 KB
11 gstatic.com
fonts.gstatic.com
301 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 333
739 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
589 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 394
815 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 503
2 KB
2 ubembed.com
b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com
assets.ubembed.com — Cisco Umbrella Rank: 9005
48 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 15979
36 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 871
221 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 796
588 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 770
477 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
798 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 71
447 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 22073
245 B
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 7003
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
2 KB
1 rawgit.com
rawgit.com — Cisco Umbrella Rank: 7402
20 KB
1 goldalliedtrust.com
offers.goldalliedtrust.com
18 KB
1 leadspediatrack.com
goldalliancecapital.leadspediatrack.com
317 B
1 nmychoice.com
nmychoice.com
432 B
1 sbrchkr.com
sbrchkr.com
728 B
1 manacht.info
manacht.info
354 B
1 amazonaws.com
s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 2624
503 B
62 26
Domain Requested by
12 d9hhrg4mnvzow.cloudfront.net offers.goldalliedtrust.com
11 fonts.gstatic.com fonts.googleapis.com
9 d.adroll.com 7 redirects s.adroll.com
6 d10lpsik1i8c69.cloudfront.net offers.goldalliedtrust.com
d10lpsik1i8c69.cloudfront.net
4 s.adroll.com 1 redirects offers.goldalliedtrust.com
s.adroll.com
3 www.google-analytics.com offers.goldalliedtrust.com
www.google-analytics.com
2 eb2.3lift.com 1 redirects offers.goldalliedtrust.com
2 ups.analytics.yahoo.com 1 redirects offers.goldalliedtrust.com
2 pixel.advertising.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects offers.goldalliedtrust.com
2 d34qb8suadcc4g.cloudfront.net offers.goldalliedtrust.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com offers.goldalliedtrust.com
1 sync.taboola.com offers.goldalliedtrust.com
1 image2.pubmatic.com offers.goldalliedtrust.com
1 sync.outbrain.com offers.goldalliedtrust.com
1 pixel.rubiconproject.com offers.goldalliedtrust.com
1 www.google.com offers.goldalliedtrust.com
1 stats.g.doubleclick.net www.google-analytics.com
1 events.ub-analytics.com offers.goldalliedtrust.com
1 assets.ubembed.com b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 fonts.googleapis.com builder-assets.unbounce.com
1 rawgit.com offers.goldalliedtrust.com
1 b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com offers.goldalliedtrust.com
1 offers.goldalliedtrust.com nmychoice.com
1 goldalliancecapital.leadspediatrack.com 1 redirects
1 nmychoice.com s3.us-west-2.amazonaws.com
1 sbrchkr.com 1 redirects
1 manacht.info 1 redirects
1 s3.us-west-2.amazonaws.com
62 30

This site contains no links.

Subject Issuer Validity Valid
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
nmychoice.com
R3		 2022-03-15 -
2022-06-13		 3 months crt.sh
offers.goldalliedtrust.com
R3		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.unbounce.com
Amazon		 2022-02-08 -
2023-03-09		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2022-01-04 -
2023-02-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
assets.ubembed.com
Amazon		 2022-02-04 -
2023-03-05		 a year crt.sh
*.ub-analytics.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-10 -
2022-10-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Frame ID: E92B425565DCE3EA90DAC01676B09613
Requests: 60 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Frame ID: 3E9A0B01904D0979C13C57BC222C0AF5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Gold Information Kit Gold Allied Trust

Page URL History Show full URLs

  1. https://s3.us-west-2.amazonaws.com/907882909938884/72474006 Page URL
  2. http://manacht.info/cl/30362_d/118/70270/3591/415/1268603 HTTP 302
    https://sbrchkr.com/?a=4&c=1324&s1=118&s2=30362_1&s3=415_1268603_70270_5655554_d HTTP 302
    https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/ Page URL
  3. https://goldalliancecapital.leadspediatrack.com/?c=128&s1=350562&s2=711033114 HTTP 302
    https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

62
Requests

82 %
HTTPS

27 %
IPv6

26
Domains

30
Subdomains

27
IPs

2
Countries

825 kB
Transfer

1563 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s3.us-west-2.amazonaws.com/907882909938884/72474006 Page URL
  2. http://manacht.info/cl/30362_d/118/70270/3591/415/1268603 HTTP 302
    https://sbrchkr.com/?a=4&c=1324&s1=118&s2=30362_1&s3=415_1268603_70270_5655554_d HTTP 302
    https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/ Page URL
  3. https://goldalliancecapital.leadspediatrack.com/?c=128&s1=350562&s2=711033114 HTTP 302
    https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://manacht.info/cl/30362_d/118/70270/3591/415/1268603 HTTP 302
  • https://sbrchkr.com/?a=4&c=1324&s1=118&s2=30362_1&s3=415_1268603_70270_5655554_d HTTP 302
  • https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
Request Chain 13
  • https://s.adroll.com/j/exp/OY5U2XF66JDZRAGS5V5SIK/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 48
  • https://d.adroll.com/cm/index/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expiration=1682828954 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expiration=1682828954&C=1
Request Chain 49
  • https://d.adroll.com/cm/n/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expires=365
Request Chain 50
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP17317f09-c83e-11ec-be78-0e4c13160ddf HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP17317f09-c83e-11ec-be78-0e4c13160ddf&verify=true
Request Chain 51
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
Request Chain 52
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 53
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
Request Chain 54
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&advertisable=OY5U2XF66JDZRAGS5V5SIK HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
72474006
s3.us-west-2.amazonaws.com/907882909938884/ 		147 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/907882909938884/72474006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.195.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
147
Content-Type
text/html
Date
Sat, 30 Apr 2022 04:29:12 GMT
ETag
"9eed194bd9c7d1afc681bd93a631ece5"
Last-Modified
Thu, 28 Apr 2022 20:48:28 GMT
Server
AmazonS3
x-amz-id-2
LxCXNzVdkw2RqBFR5mhI/csdNXxdYlVnuhhNe9fjjcj+yqbdeDrA1e7y0zI1qQp+K1dyu7yhDu4=
x-amz-request-id
3X87YQ2GBYK58P69
/
nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
Redirect Chain
  • http://manacht.info/cl/30362_d/118/70270/3591/415/1268603
  • https://sbrchkr.com/?a=4&c=1324&s1=118&s2=30362_1&s3=415_1268603_70270_5655554_d
  • https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
140 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/907882909938884/72474006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.163.199.234 , Hong Kong, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://s3.us-west-2.amazonaws.com/907882909938884/72474006#cl/30362_d/118/70270/3591/415/1268603
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
140
content-type
text/html; charset=UTF-8
date
Sat, 30 Apr 2022 04:29:13 GMT
server
Apache

Redirect headers

Cache-Control
private
Connection
close
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 30 Apr 2022 04:29:12 GMT
Location
https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Primary Request /
offers.goldalliedtrust.com/offer-2/
Redirect Chain
  • https://goldalliancecapital.leadspediatrack.com/?c=128&s1=350562&s2=711033114
  • https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
128 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Requested by
Host: nmychoice.com
URL: https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.224.141.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-141-128.compute-1.amazonaws.com
Software
/
Resource Hash
75c3641f6de8c0590fed04e7dd7487756884a9e934e29299aa2f4985fa2e0098

Request headers

Referer
https://nmychoice.com/0/0/0/7b8a7a633941445752b2f28b05f78986/4/1793128/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-location
https://offers.goldalliedtrust.com/offer-2/
content-type
text/html; charset=UTF-8
date
Sat, 30 Apr 2022 04:29:14 GMT
etag
"ak:89282c61e8ff366f6300d654f14519cb"
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
link
<https://offers.goldalliedtrust.com/offer-2/>; rel="canonical"
p3p
CP="This is not a privacy policy."
transfer-encoding
chunked
x-proxy-backend
page-server
x-unbounce-pageid
2a421d4c-9d11-420d-89fb-6064c27288bf
x-unbounce-variant
ak
x-unbounce-visitorid
1d72b864-6825-4341-861a-544a494eae58

Redirect headers

cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 30 Apr 2022 04:29:13 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
pragma
no-cache
server
Apache/2.4.46 (Amazon) PHP/5.6.40
x-powered-by
PHP/5.6.40
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-29.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:35 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 22:28:54 GMT
server
AmazonS3
age
3502120
etag
"43729a62fb549c1f6784cd5cc32082e0"
x-cache
Hit from cloudfront
x-amz-version-id
kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
2P_MWbb5DK0o8omd80S_zkJEq8GWs_HJYw6RXFsGyQIpjHWTBHylfg==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ae00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:35 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
3502120
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
qxB2pfHCW7j-NGVINCKcrY1kN9GcRQNYxuay63w7FoErVD9s6wpS2A==
/
b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com/ 		482 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com/
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ae691dd9114b864021e021ccceec1dde44333d68d71d784f0854210df70fe5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
content-encoding
br
x-backend-region
us_east_1
age
5390
etag
W/71eff23cd9c0f22438c76122e5bc899a-v0.179.2
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
EWR53-P1
accept-ranges
none
x-amz-apigw-id
RX7h-HIEoAMFZRQ=
progressbar.js
rawgit.com/kimmobrunfeldt/progressbar.js/1.0.0/dist/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rawgit.com/kimmobrunfeldt/progressbar.js/1.0.0/dist/progressbar.js
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d04e293cbb5bc943a3fa34eeedc2bd97cd7c05833aaf863a9c8687dd9302728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
content-type
application/javascript;charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rawgit-cache-status
HIT
x-robots-tag
none
server
cloudflare
etag
W/"955abbdcf3eee4f0ce21943c429e6ef9cccca6ebfb580ece2ba49d0141b06616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUe1v%2BT8thchw4ucAVSahNwK3H840iICo1dMFwyO0w6Cxwd1onOc0tXytlpfc0R9Lpn%2F1oDwKG12U8Yc0ElhnWunnVXoMWdp5UfRSmIpm%2BJSbo6gbM2A0ajV%2FNGkvjydJ2afH9EZxBoU"}],"group":"cf-nel","max_age":604800}
sunset
Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=3600, s-maxage=300
cf-ray
703d8902ec8c32e8-EWR
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
main.bundle-bdbf0bb.z.js
builder-assets.unbounce.com/published-js/ 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-bdbf0bb.z.js
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-29.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdbf0bb9b89e4db6550fc67b627a228a48f5f43d2192fe2cdf1c00bc9758a5ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 03:59:46 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 22:28:48 GMT
server
AmazonS3
age
3889769
etag
"505f303188fc706cbb0b3682c86fbbe4"
x-cache
Hit from cloudfront
x-amz-version-id
GiOX2dKjR70mgh3_1QLMson5Dgqx_5D4
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
content-length
33486
x-amz-cf-id
U-cwX3Ml1z8D2mknRCbbkBj29INrnbHELvig2EaczSkjZHxQH78r3g==
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-109.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ef6b24ec78bb3ac4bdfa91d2abf4d9f2d4b543ad54c411d50e4307fc8677110

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:26:00 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 22:59:53 GMT
server
AmazonS3
age
195
etag
W/"eb0a40c00c97d9640177205882172295"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
x33NlwaxjoI1CL6dU0Tjn7qxFsGU5EM7YLshhx37ImF3FFVZ_q7XwA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6112
date
Sat, 30 Apr 2022 02:47:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 30 Apr 2022 04:47:22 GMT
roundtrip.js
s.adroll.com/j/OY5U2XF66JDZRAGS5V5SIK/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/OY5U2XF66JDZRAGS5V5SIK/roundtrip.js
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6216777104b966aca659d1a2593c867d9a807a75653cf5ed028dd16c91dd4660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
QEX7vuRvEePnPan219qQKYUdfPhvzOsD
Content-Encoding
gzip
Etag
W/"66165e3c824a957130f25eda95476a27"
Age
2056
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
Last-Modified
Mon, 25 Apr 2022 12:52:23 GMT
Server
AmazonS3
Date
Sat, 30 Apr 2022 04:29:14 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
EWR53-P1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
wqbFe327r3xoS3wduDys4xmeWfVrUcCdc8t-HIrQVw-2W16WlbCF-g==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ae00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
3502120
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
VBU3NHRkW5_jrhGN0NraYvi6uBkFXYL5BIWef9TINO91xkJpzwZUXQ==
8561d0aa-photo-1566041510394-cf7c8fe21800_10000000u00m20000bg01o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/8561d0aa-photo-1566041510394-cf7c8fe21800_10000000u00m20000bg01o.jpg
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77b6639bc764194edbff8e617666fc4cda83f29a63c94346d21e596ee638bca6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 16:48:40 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 14:54:28 GMT
server
AmazonS3
age
3325235
etag
"19b135899676146fbf7370e89a19562b"
x-cache
Hit from cloudfront
x-amz-version-id
Sy8kCBFBD4fVQobEDa8wJPa3mNKRJItL
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/jpeg
content-length
16929
x-amz-cf-id
QZa-nvh1YHBH4dVNsXPpdLilSM3RRABJTfEGUooVAb7sD0NYECmVeA==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/OY5U2XF66JDZRAGS5V5SIK/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
HTTP/1.1
Server
2600:9000:2209:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
19906
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Mar 2022 22:40:46 GMT
Server
AmazonS3
Date
Fri, 29 Apr 2022 22:57:29 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
EWR53-P1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
tA6sT7uLigo534JyWCwnoivlE0A4RUR23LX4_NSimZTysbStz9Najw==

Redirect headers

Date
Fri, 29 Apr 2022 07:28:01 GMT
Via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
Age
75672
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
EWR53-P1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
5GwI1ziY8elifvXQRfuI0rA_anBFRGBeAWRTFt5BrHCfZB6ZjPKGKA==
a0a603ec-397d-4de1-ab4c-56e4f1bd4182
https://offers.goldalliedtrust.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://offers.goldalliedtrust.com/a0a603ec-397d-4de1-ab4c-56e4f1bd4182
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-bdbf0bb.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-bdbf0bb.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14abc3f6471c6a23f6e439fa126a183a12e3347f5c33b202e0694cbee0b40ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 04:29:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 30 Apr 2022 04:29:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Apr 2022 04:29:14 GMT
collect
www.google-analytics.com/j/ 		4 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1188949249&t=pageview&_s=1&dl=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&dr=https%3A%2F%2Fnmychoice.com%2F&dp=%2Foffer-2%2Fak%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&ul=en-us&de=UTF-8&dt=Free%20Gold%20Information%20Kit%20Gold%20Allied%20Trust&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=369991926&gjid=1231223091&cid=1743824833.1651292954&tid=UA-111255625-1&_gid=565416450.1651292954&_r=1&_slc=1&z=1029693274
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.goldalliedtrust.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.goldalliedtrust.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dd611516-logo-1_106r01f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/dd611516-logo-1_106r01f000000000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54b46cefac2e24d018fc12e986e4a8786f9a82715a8a59c7c7ed5fa577a7b9b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:19:36 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2642979
etag
"d77cbfb72ce6557856bff61186876411"
x-cache
Hit from cloudfront
x-amz-version-id
fRoKdBvcKwAY9JBP3Xn4Tzm0NBVIDK2A
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
2718
x-amz-cf-id
uytChxiTf82wzubDpL2Dgnfw1PpKtfFJykhrjbP3fl1Z2PznNjyNRA==
5dbea25c-gat-bookcover-removebg-preview_10cx0ac0cx09500000l028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/5dbea25c-gat-bookcover-removebg-preview_10cx0ac0cx09500000l028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1da7efbc127aa7bf6cac628c914d0824004f4b25231b54e0689f5032a02a57aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 02:47:26 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2079709
etag
"49f9ef7c35aa63c79a1ad54c9728305e"
x-cache
Hit from cloudfront
x-amz-version-id
zg6Zv70Hkc6r3M76op1svFJ0yMHWTL.8
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
33860
x-amz-cf-id
xUdySCpnnyNrmfaeje70ojs7HNWCIK6Lu2QGOVOQL2Ys_szq1R-xMQ==
cd5b8606-9_10ke0jf0fd0fd02j02a028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/cd5b8606-9_10ke0jf0fd0fd02j02a028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c0419dbcbb2388012bef7d292040f9693629ec4a8eac05178aeb4ee95808c94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:57:46 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2014289
etag
"a5ea678a72839f4063d0a166fb13f541"
x-cache
Hit from cloudfront
x-amz-version-id
YXCqhd10xquZ23whrhNrU048d_UAKHow
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
9622
x-amz-cf-id
9oGIcQiL37RUu5x_g_l2uUqqwwCLA46LVUlyDJy1cexCuYtpkcXVdQ==
b6d1e856-7_10gz08t03u08e000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/b6d1e856-7_10gz08t03u08e000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e225f8f59e968e8b2589a6da89517eaed388a4b4ba0d511e46fa05e7872102e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:57:45 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2014289
etag
"f8a42633ef2ae4b2c41a7d8be129af38"
x-cache
Hit from cloudfront
x-amz-version-id
2yXW2SE2IqnYIlVOPrz3GCn4tMrlOBtW
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
2636
x-amz-cf-id
AqpvoVQOzdIe56bMLlGDGVoINGLoPSi5JBYvI8UKqdwn-7AlRVR1uw==
9888b78f-8_10e80b9000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/9888b78f-8_10e80b9000000000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd1be4db44c6a60723098db16fd942aa159b70e2c05eae10aafbd469665c46e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:57:46 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2014289
etag
"531e0511c680ae702985fd21583c3e01"
x-cache
Hit from cloudfront
x-amz-version-id
Ay87xpfcH8UBkR4re653.1lNpt0QOt3b
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
62345
x-amz-cf-id
DvvAzbyZPL6bPFXR-oYrWkM7cjOvRCsvPPHo1iqMXP8CP9tZGPXh4Q==
32cffe27-gat-bookcover-removebg-preview-2_10ec0bh0b80bh01k000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/32cffe27-gat-bookcover-removebg-preview-2_10ec0bh0b80bh01k000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98a9197ebe177fbf1d81a816762a40296c71f622670d84f0f669082c1585ef8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 02:47:26 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2079709
etag
"8c1894e0905a2d0919d23719666d6f00"
x-cache
Hit from cloudfront
x-amz-version-id
CwaPRfysx7cMjBL_MyE5FlDXMXYARn9p
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
40385
x-amz-cf-id
6hY35FeRhnveNslrKGLb0a2AnP7FgIGZSJ7fpYjs5Hn3YirxHhcoQg==
dd611516-logo-1_109001v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/dd611516-logo-1_109001v000000000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9385eff39db187129234737e5fbe929c65bbf1f3b88f83acce293b2ed586fcb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 05:46:22 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
340973
etag
"39c40cccdc269eab498590918a746911"
x-cache
Hit from cloudfront
x-amz-version-id
SBD_l_g66HMmh7zyhPpudOYIunF0iVya
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
3775
x-amz-cf-id
UxOvRvMqznunPGuBNaTSOBCuMXPQXDZSKO3qEUR_G2XHEYMEIYegmA==
5a82bda6-35_10ay0gd0ay0fz00000e028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/5a82bda6-35_10ay0gd0ay0fz00000e028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e75cbc6bce17b129174ca361eec5563c884443d3e0596fb7a1760c1b8ffaf864

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 02:47:26 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2079709
etag
"af038184d126a760aca09f6cda7957a9"
x-cache
Hit from cloudfront
x-amz-version-id
lKAbWRJfCUpW1D8XJmkOLU4.CsdOvWgp
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
1511
x-amz-cf-id
vagrrvyI0OxR6KNvvMiDYhuCzx5U-G4ECGVfhDGlPU0giqwoEs1J3Q==
bc349609-trust-logos-newlrg-01_10b701r000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/bc349609-trust-logos-newlrg-01_10b701r000000000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e31f85368e1b5bf415d5edee22e45f679a8f02654cefa3af66507a06568803e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:33:11 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2012164
etag
"81adfc18f0712d04c1a3a29c6392188e"
x-cache
Hit from cloudfront
x-amz-version-id
yy_iXbO5R2m7rhlTUeCjyjDeq7F650jB
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
8939
x-amz-cf-id
gE4bCO9zP0X_sC2Jzy22OFFKLhBSpTYuCKcwaLJTFndhl7d9R6YOvA==
760e1d64-registered-member-badge_1044019000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/760e1d64-registered-member-badge_1044019000000000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b533c5d468638190ade261fa017ddd0d8eaef480304ea581776448135bd6cfdb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 02:47:26 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2079709
etag
"ad2175cd3ec655294e3f6f9b66ec7a3d"
x-cache
Hit from cloudfront
x-amz-version-id
VzR7iwC9NM6q8M8P6hsqCb1Gutt4Bmxj
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
3072
x-amz-cf-id
7Ut6QKsxQMjivoZNUQM5N3a6G0F1TtH1Yq6UX1H2DPas1whU9VJQoA==
3a9ad2fc-guidebook-removebg-preview_10cs08y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrust.com/offer-2/3a9ad2fc-guidebook-removebg-preview_10cs08y000000000000028.png
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-203.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b7279566079052426a7ffd1f4163ace2f077d1565973c00d993495324f1804d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 02:47:26 GMT
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 16:57:09 GMT
server
AmazonS3
age
2079709
etag
"b466a0036f53e476bd89c5666ef23efc"
x-cache
Hit from cloudfront
x-amz-version-id
FzpR_jNX8mPhZGIPGYcd7Juxti6B.58y
cache-control
max-age=31557600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
32617
x-amz-cf-id
sUnX_Ltf32rYf9rEtJktpHL8jAHjWiGKWvjmXiRxrrsj9eEHUInFNQ==
/
settings.luckyorange.net/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&s=257561
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaefb99b7d505650077d0d8794db160e454c79ce9aaba9cfaba23c6cd0fca62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://offers.goldalliedtrust.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEnFGBTiO6JlBkMxP31nF2%2FOvHOYMVRXKpU7gN5g%2FX%2BL4C8%2BNJdIQIx7v%2FK6x2Ze1wC3v37mxyd8g0iAq0cdh2fR7B%2BkQtbiYlaAa%2FqYkp32mYZp3pHvkoexvYiI4LED0y00H8HygO1DPw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
703d89041e75e760-EWR
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.2/ 		174 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by
Host: b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com
URL: https://b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-126.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 17:08:16 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 16:31:05 GMT
server
AmazonS3
age
2114459
etag
W/"359008fe01078c59c66e034866170bd2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
CYx5FJcgay7elKWCk03zpqhtUn91JTQdBEH11CtihMUDuIUvQG_A4A==
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1651292954232&e=pv&url=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&page=Free%20Gold%20Information%20Kit%20Gold%20Allied%20Trust&refr=https%3A%2F%2Fnmychoice.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=c15b1e6a-5742-4cef-83e4-419ea8c94606&dtm=1651292954230&vp=1600x1200&ds=1600x2543&vid=1&sid=06089078-b0e3-4ce7-95e9-2fde8f305b48&duid=a3f5ce5d-0ea5-4025-8f79-469e1b5e611f&uid=1d72b864-6825-4341-861a-544a494eae58&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMmE0MjFkNGMtOWQxMS00MjBkLTg5ZmItNjA2NGMyNzI4OGJmIiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-248-16.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 30 Apr 2022 04:29:14 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		2 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-111255625-1&cid=1743824833.1651292954&jid=369991926&gjid=1231223091&_gid=565416450.1651292954&_u=IEBAAEAAAAAAAC~&z=1195636784
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.goldalliedtrust.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 30 Apr 2022 04:29:14 GMT
content-type
text/plain
access-control-allow-origin
https://offers.goldalliedtrust.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:14:01 GMT
x-content-type-options
nosniff
age
299713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:14:01 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:15:22 GMT
x-content-type-options
nosniff
age
299632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:15:22 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:17:20 GMT
x-content-type-options
nosniff
age
299514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:17:20 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:15:50 GMT
x-content-type-options
nosniff
age
299604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24408
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:15:50 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:15:50 GMT
x-content-type-options
nosniff
age
299604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24448
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:15:50 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:46:05 GMT
x-content-type-options
nosniff
age
279789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:46:05 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:31:01 GMT
x-content-type-options
nosniff
age
205093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:31:01 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:25:41 GMT
x-content-type-options
nosniff
age
205413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:25:41 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v29/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v29/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23a38ec96550f1c1cc8d6e9f83f9dc7dfeb046bd2d0d67db1590c86e7a098a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:25:33 GMT
x-content-type-options
nosniff
age
205421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19784
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:25:33 GMT
8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cinzel/v17/8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
617303ae07cc4993600ccbea1baab6164f18a0beadeaaa53e15914168625b8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 23:57:56 GMT
x-content-type-options
nosniff
age
102678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14288
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 23:57:56 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,300,italic,700italic%7COpen+Sans:700,regular%7CPT+Sans:700,regular%7CPlayfair+Display:regular%7CCinzel:700%7CFjalla+One:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:38:20 GMT
x-content-type-options
nosniff
age
107454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16588
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:38:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 22:38:20 GMT
OY5U2XF66JDZRAGS5V5SIK
d.adroll.com/consent/check/ 		451 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/OY5U2XF66JDZRAGS5V5SIK?arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&_s=159fd629d434e914606dcaccdbf626ac&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/OY5U2XF66JDZRAGS5V5SIK/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.215.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-215-0.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
98b26f537e7ea40a3117f99ebdbb52c8b9861ae7ae39a493474e60fcef7827b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
451
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111255625-1&cid=1743824833.1651292954&jid=369991926&_u=IEBAAEAAAAAAAC~&z=1030966118
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame 3E9A 		287 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-109.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92f65d433b40a4c4719b742357563d08b1c16d6396571933da9f02f9ef7424d8

Request headers

Referer
Origin
https://offers.goldalliedtrust.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 02:28:25 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5104850
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 01 Mar 2022 22:59:52 GMT
server
AmazonS3
etag
W/"16e967413dfa0346be281513c77581b9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
_qaR1NkGt_o8p2a6Ilho8oGTpeFz9sdeOwwRFrzGEjgTR6KtfedK0w==
sendrolling.js
s.adroll.com/j/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/OY5U2XF66JDZRAGS5V5SIK/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b4fb78c5e5599a29f86d20a29d4f69e3ed0654547b1a595cf038ee0553b58d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
ZF339xBDqZ1K9SKXIggpL0GW25oAXt0X
Content-Encoding
gzip
Etag
W/"156295addf985cb637d7863ee802fd77"
Age
15
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Apr 2022 15:24:31 GMT
Server
AmazonS3
Date
Sat, 30 Apr 2022 04:29:14 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
EWR53-P1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
VyTOk-pceojkMXXzXXTyFyfWienHhqeJMB9YOHxNX249nqlf4hbtkA==
YXKWCQKH7VASZO5MBPTXLO
d.adroll.com/segment/OY5U2XF66JDZRAGS5V5SIK/ 		42 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/segment/OY5U2XF66JDZRAGS5V5SIK/YXKWCQKH7VASZO5MBPTXLO?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&pv=83178768834.14493&cookie=&adroll_s_ref=https%3A//nmychoice.com/&keyw=&adroll_external_data=&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/OY5U2XF66JDZRAGS5V5SIK/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.215.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-215-0.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-pixel-eid
YXKWCQKH7VASZO5MBPTXLO
date
Sat, 30 Apr 2022 04:29:14 GMT
x-advertisable-eid
OY5U2XF66JDZRAGS5V5SIK
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.20.0
x-rule
*
x-segment-eid
XNEHQ4HXQZDGPALDEIRWAQ
content-type
image/gif
access-control-allow-origin
https://offers.goldalliedtrust.com
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-segment-name
*
access-control-allow-headers
*
x-conversion-currency
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D71...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expiration=1682828954
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expiration=1682828954&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expiration=1682828954&C=1
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 04:29:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 30 Apr 2022 04:29:14 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 04:29:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expiration=1682828954&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Sat, 30 Apr 2022 04:29:14 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expires=365
42 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expires=365
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&expires=365
pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3...
  • https://pixel.advertising.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP17317f09-c83e-11ec-be78-0e...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP17317f09-c83e-11ec-be78-0e...
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP17317f09-c83e-11ec-be78-0e4c13160ddf&verify=true
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP17317f09-c83e-11ec-be78-0e4c13160ddf&verify=true
date
Sat, 30 Apr 2022 04:29:14 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
HTTP/1.1
Server
64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 30 Apr 2022 04:29:14 GMT
Cache-Control
no-cache
X-TraceId
90acf7256489e410022323fd96251317
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
100
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug003:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3346

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
pragma
no-cache
date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=8542781f51711ca55ed2306707e97b16-1651292954372&arrfrr=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: offers.goldalliedtrust.com
URL: https://offers.goldalliedtrust.com/offer-2/?lp_request_id=626cbb19c47ac&lp_s2=711033114&S2=711033114&s2=711033114
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 30 Apr 2022 04:29:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-109.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:40 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 01 Mar 2022 22:59:52 GMT
server
AmazonS3
age
3502115
etag
"2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
1283
x-amz-cf-id
5c4pOZb63jA9CcGMzm9n42YswcvtsmLtMu2mKbXtt9Ob_hvOqDMUcw==
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-109.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:48 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 01 Mar 2022 22:59:52 GMT
server
AmazonS3
age
3502107
etag
"35ce74c31e3ef54462a234340af702d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
1143
x-amz-cf-id
BUM7K-X4FVe0at889IbkPa75RTtrfNC17aBoMfMRnqta2WyHt1327w==
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		277 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-109.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:48 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 01 Mar 2022 22:59:52 GMT
server
AmazonS3
age
3502107
etag
"76f1993de0fd323f67cece8d8e63bfa2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
277
x-amz-cf-id
hxf0ULxhd4M_4o7aU3LsmG5GeFDHyfsKVMY0wXMnAcDMS_cSH2W8Ag==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1188949249&t=timing&_s=2&dl=https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114&dr=https%3A%2F%2Fnmychoice.com%2F&ul=en-us&de=UTF-8&dt=Free%20Gold%20Information%20Kit%20Gold%20Allied%20Trust&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1256&pdt=1&dns=43&rrt=401&srt=35&tcp=26&dit=626&clt=626&_gst=540&_gbt=676&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1743824833.1651292954&tid=UA-111255625-1&_gid=565416450.1651292954&z=541966116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 10:02:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66376
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
reset.css
d10lpsik1i8c69.cloudfront.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-109.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offers.goldalliedtrust.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 15:40:41 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 22:59:52 GMT
server
AmazonS3
age
3502114
etag
W/"7144eaceff0b31347712515a6116074e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
Y1qUrSgdcgwwyUQJhpkCCi8vKOr1nnWQQmQ8AI7epSzjvHpT5OE-cw==
ada543f0-5ceb-45be-a754-1ffa876f1248
https://offers.goldalliedtrust.com/ Frame 3E9A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offers.goldalliedtrust.com/ada543f0-5ceb-45be-a754-1ffa876f1248
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
0
698e1f81-c1e6-4c12-a472-6101ef7c5194
https://offers.goldalliedtrust.com/ Frame 3E9A 		30 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offers.goldalliedtrust.com/698e1f81-c1e6-4c12-a472-6101ef7c5194
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
31224

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| ub object| module number| __lo_site_id string| GoogleAnalyticsObject function| ga object| eventTracker string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| UnbounceSnowplowNamespace function| ubSnowplow object| ProgressBar function| fixfirstnm function| fixlastnm function| __adroll__ string| adroll_sid object| dataLayer object| __adroll object| adroll_form_fields undefined| adroll_tpc_callback function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| __lo_csr_added function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| __adroll_consent_data object| adroll_exp_list object| ube boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| __adroll_pxl_assistant_track object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid string| adroll_rule_type object| WTW_Watcher object| LO object| _loq

37 Cookies

Domain/Path Name / Value
offers.goldalliedtrust.com/offer-2/ Name: ubpv
Value: ak%2C2a421d4c-9d11-420d-89fb-6064c27288bf
.sbrchkr.com/ Name: sid
Value: Q0QnJ0cjsoD0qQCqmwKt0p8hgO7a4qkoKycAUrJ//dKBd53UAQqzmw==
.sbrchkr.com/ Name: trk
Value: 52ubbrEEkaD0qQCqmwKt0p8hgO7a4qkoKycAUrJ//dKBd53UAQqzmw==
.sbrchkr.com/ Name: c150
Value: Q0QnJ0cjsoC/ijnJzXIbap8Ue5i+ZlrO/wR0Kz2jpTs=
nmychoice.com/ Name: uid3389
Value: 711033114-20220430002913-7adf40b29e81ce5344971a793d542bb9-
goldalliancecapital.leadspediatrack.com/ Name: PHPSESSID
Value: 0d6k2c8pmlcd2ah4pb4mfrt367
offers.goldalliedtrust.com/ Name: ubvs
Value: 1d72b864-6825-4341-861a-544a494eae58
.goldalliedtrust.com/ Name: ubvt
Value: 1d72b864-6825-4341-861a-544a494eae58
.goldalliedtrust.com/ Name: _ga
Value: GA1.2.1743824833.1651292954
.goldalliedtrust.com/ Name: _gid
Value: GA1.2.565416450.1651292954
.goldalliedtrust.com/ Name: _gat
Value: 1
d.adroll.com/ Name: __adroll
Value: be1c3dcd6476a19377fb42e6248f1525-a_1651292954
.adroll.com/ Name: __adroll_shared
Value: be1c3dcd6476a19377fb42e6248f1525-a_1651292954
.offers.goldalliedtrust.com/ Name: __adroll_fpc
Value: 8542781f51711ca55ed2306707e97b16-1651292954372
.offers.goldalliedtrust.com/ Name: __ar_v4
Value: %7COY5U2XF66JDZRAGS5V5SIK%3A20220430%3A1%7CYXKWCQKH7VASZO5MBPTXLO%3A20220430%3A1
.goldalliedtrust.com/ Name: __lotr
Value: https%3A%2F%2Fnmychoice.com%2F
.outbrain.com/ Name: obuid
Value: ba5e7ea1-73bd-4929-9116-59c680af7cf2
.outbrain.com/ Name: adrl
Value: YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
.casalemedia.com/ Name: CMID
Value: Ymy7GomyqoescfQE4Cv2mAAA
.casalemedia.com/ Name: CMPS
Value: 3794
.advertising.com/ Name: APID
Value: UP17317f09-c83e-11ec-be78-0e4c13160ddf
.taboola.com/ Name: t_gid
Value: 1853d205-bf9c-4eb2-a7b8-4618d413b69d-tuct966409a
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU&KRTB&22883-YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
.pubmatic.com/ Name: PugT
Value: 1651292954
.pubmatic.com/ Name: PUBMDCID
Value: 2
.rubiconproject.com/ Name: khaos
Value: L2LD6U6G-I-39XZ
.rubiconproject.com/ Name: audit
Value: 1|X3fD8qv3rAHHGQKlZJmJ6/ZErQXwPAN9UcrlD+4U1IZGXlzst0zOc82koFORSYp7m93goXCh3x7dcuVnQi+ATTBFfKlqw0gCDs8cLh2IhY16VSCO4juTAQYhl0ce3vTMotZvc1d4L4WU/4jztLyIZKgf/jdBA5bXFIHicozVKW1MqJO5mR56FXzNDOXvdlr7DMxk72OwxoKma+WVcS1g3g==
.casalemedia.com/ Name: CMPRO
Value: 143
.casalemedia.com/ Name: CMRUM3
Value: 69626cbb1a2760YmUxYzNkY2Q2NDc2YTE5Mzc3ZmI0MmU2MjQ4ZjE1MjU
.casalemedia.com/ Name: CMST
Value: Ymy7GmJsuxoA
.yahoo.com/ Name: A3
Value: d=AQABBBq7bGICEMHtcWQw9XGcSaF8xyZUvs0FEgEBAQEMbmJ2YgAAAAAA_eMAAA&S=AQAAAlRI4dfBg2nBx-KllLnH6Ng
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~24m4
.3lift.com/ Name: tluid
Value: 1564312170200264500022
.goldalliedtrust.com/ Name: _lo_uid
Value: 257561-1651292954287-e57ca7905eccb4a5
.goldalliedtrust.com/ Name: _lorid
Value: 257561-1651292954287-3e13890b7f06743f
.goldalliedtrust.com/ Name: _lo_v
Value: 1
.goldalliedtrust.com/ Name: __lotl
Value: https%3A%2F%2Foffers.goldalliedtrust.com%2Foffer-2%2F%3Flp_request_id%3D626cbb19c47ac%26lp_s2%3D711033114%26S2%3D711033114%26s2%3D711033114

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.ubembed.com
b2d28e392c5a4d84a0046772c716ac37.js.ubembed.com
builder-assets.unbounce.com
d.adroll.com
d10lpsik1i8c69.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
goldalliancecapital.leadspediatrack.com
image2.pubmatic.com
manacht.info
nmychoice.com
offers.goldalliedtrust.com
pixel.advertising.com
pixel.rubiconproject.com
rawgit.com
s.adroll.com
s3.us-west-2.amazonaws.com
sbrchkr.com
settings.luckyorange.net
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
104.26.11.16
104.36.115.109
141.226.224.48
151.101.65.131
18.234.11.64
193.163.199.234
23.52.162.21
2600:9000:2209:2000:6:9280:1080:93a1
2600:9000:2209:ae00:1d:11cf:5800:93a1
2606:4700:3034::ac43:9550
2607:f8b0:4004:c09::9d
2607:f8b0:4006:806::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81d::2003
3.213.248.16
3.218.90.66
3.224.141.128
44.238.137.84
5.161.103.241
52.7.26.155
52.85.61.126
52.85.61.29
52.92.195.32
54.196.215.0
54.230.244.109
54.230.244.203
64.202.112.31
69.173.151.100
76.223.111.18
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14abc3f6471c6a23f6e439fa126a183a12e3347f5c33b202e0694cbee0b40ddd
1b7279566079052426a7ffd1f4163ace2f077d1565973c00d993495324f1804d
1da7efbc127aa7bf6cac628c914d0824004f4b25231b54e0689f5032a02a57aa
23a38ec96550f1c1cc8d6e9f83f9dc7dfeb046bd2d0d67db1590c86e7a098a70
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2ef6b24ec78bb3ac4bdfa91d2abf4d9f2d4b543ad54c411d50e4307fc8677110
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
54b46cefac2e24d018fc12e986e4a8786f9a82715a8a59c7c7ed5fa577a7b9b5
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
617303ae07cc4993600ccbea1baab6164f18a0beadeaaa53e15914168625b8b3
6216777104b966aca659d1a2593c867d9a807a75653cf5ed028dd16c91dd4660
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d04e293cbb5bc943a3fa34eeedc2bd97cd7c05833aaf863a9c8687dd9302728
75c3641f6de8c0590fed04e7dd7487756884a9e934e29299aa2f4985fa2e0098
77b6639bc764194edbff8e617666fc4cda83f29a63c94346d21e596ee638bca6
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ae691dd9114b864021e021ccceec1dde44333d68d71d784f0854210df70fe5a
8b4fb78c5e5599a29f86d20a29d4f69e3ed0654547b1a595cf038ee0553b58d2
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92f65d433b40a4c4719b742357563d08b1c16d6396571933da9f02f9ef7424d8
9385eff39db187129234737e5fbe929c65bbf1f3b88f83acce293b2ed586fcb1
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
98a9197ebe177fbf1d81a816762a40296c71f622670d84f0f669082c1585ef8d
98b26f537e7ea40a3117f99ebdbb52c8b9861ae7ae39a493474e60fcef7827b0
9c0419dbcbb2388012bef7d292040f9693629ec4a8eac05178aeb4ee95808c94
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b533c5d468638190ade261fa017ddd0d8eaef480304ea581776448135bd6cfdb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bdbf0bb9b89e4db6550fc67b627a228a48f5f43d2192fe2cdf1c00bc9758a5ee
bfaefb99b7d505650077d0d8794db160e454c79ce9aaba9cfaba23c6cd0fca62
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e225f8f59e968e8b2589a6da89517eaed388a4b4ba0d511e46fa05e7872102e6
e31f85368e1b5bf415d5edee22e45f679a8f02654cefa3af66507a06568803e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75cbc6bce17b129174ca361eec5563c884443d3e0596fb7a1760c1b8ffaf864
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fd1be4db44c6a60723098db16fd942aa159b70e2c05eae10aafbd469665c46e5