Submitted URL: http://click1.em.investingchannel.com/oqknpstgqvjdzmrrdkmffdsmlgdvqwjwkjcjsmjtqzqwmt_glkcyytmmcdctkgckwyww.html
Effective URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=cro...
Submission: On January 26 via api from CH — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 29 HTTP transactions. The main IP is 54.90.128.216, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thespillnewsletter.com.
TLS certificate: Issued by R3 on December 7th 2021. Valid for: 3 months.
This is the only time thespillnewsletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.214.203.11 14618 (AMAZON-AES)
8 54.90.128.216 14618 (AMAZON-AES)
2 18.117.36.41 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.2.39 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 35.186.249.84 15169 (GOOGLE)
1 54.88.27.79 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
29 11
Count  Apex Domain             Subdomains                                               Transfer
8      thespillnewsletter.com  thespillnewsletter.com                                   1 MB
6      dramaticdirection.com   dramaticdirection.com — Cisco Umbrella Rank: 753381      210 KB
3      google-analytics.com    www.google-analytics.com — Cisco Umbrella Rank: 42       20 KB
3      googletagmanager.com    www.googletagmanager.com — Cisco Umbrella Rank: 78       126 KB
2      gstatic.com             fonts.gstatic.com                                        75 KB
2      neverbounce.com         cdn.neverbounce.com — Cisco Umbrella Rank: 124528        29 KB
                               api.neverbounce.com — Cisco Umbrella Rank: 108671
2      offerfwd.net            www.offerfwd.net — Cisco Umbrella Rank: 452741           172 KB
1      googleapis.com          fonts.googleapis.com — Cisco Umbrella Rank: 47           1 KB
1      adsafeprotected.com     static.adsafeprotected.com — Cisco Umbrella Rank: 533    481 B
1      ipapi.co                ipapi.co — Cisco Umbrella Rank: 16617                    892 B
1      investingchannel.com    click1.em.investingchannel.com                           413 B
29 11
Count  Domain                          Requested by
8      thespillnewsletter.com          thespillnewsletter.com
6      dramaticdirection.com           thespillnewsletter.com, dramaticdirection.com
3      www.google-analytics.com        www.googletagmanager.com, www.google-analytics.com
3      www.googletagmanager.com        thespillnewsletter.com, www.googletagmanager.com
2      fonts.gstatic.com               fonts.googleapis.com
2      www.offerfwd.net                thespillnewsletter.com, www.offerfwd.net
1      fonts.googleapis.com            dramaticdirection.com
1      static.adsafeprotected.com      thespillnewsletter.com
1      api.neverbounce.com             cdn.neverbounce.com
1      ipapi.co                        thespillnewsletter.com
1      cdn.neverbounce.com             thespillnewsletter.com
1      click1.em.investingchannel.com  1 redirects
29 12

This site contains links to these domains.

Domain
investingchannel.com
getadmiral.com
Subject                     Issuer                   Validity                 Valid
thespillnewsletter.com      R3                       2021-12-07 - 2022-03-07  3 months
www.offerfwd.net            Amazon                   2021-12-13 - 2023-01-11  a year
*.google-analytics.com      GTS CA 1C3               2021-12-27 - 2022-03-21  3 months
neverbounce.com             Amazon                   2021-03-14 - 2022-04-12  a year
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3  2021-06-16 - 2022-06-15  a year
dramaticdirection.com       R3                       2021-12-23 - 2022-03-23  3 months
static.adsafeprotected.com  Amazon                   2021-09-05 - 2022-10-04  a year
upload.video.google.com     GTS CA 1C3               2021-12-27 - 2022-03-21  3 months
*.gstatic.com               GTS CA 1C3               2021-12-27 - 2022-03-21  3 months

This page contains 1 frames:

Primary Page: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Frame ID: E3F577070A0024BC55EC0C64E81AECCD
Requests: 29 HTTP requests in this frame

Page Title

The Spill

Page URL History

  1. http://click1.em.investingchannel.com/oqknpstgqvjdzmrrdkmffdsmlgdvqwjwkjcjsmjtqzqwmt_glkcyytmmcdctkgckwyww.html HTTP 302
    https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewslet... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

1998 kB
Transfer

3075 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click1.em.investingchannel.com/oqknpstgqvjdzmrrdkmffdsmlgdvqwjwkjcjsmjtqzqwmt_glkcyytmmcdctkgckwyww.html HTTP 302
    https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thespillnewsletter.com/
Redirect Chain
  • http://click1.em.investingchannel.com/oqknpstgqvjdzmrrdkmffdsmlgdvqwjwkjcjsmjtqzqwmt_glkcyytmmcdctkgckwyww.html
  • https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
19 KB
7 KB
Document
General
Full URL
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0594bc1747714c1c389265fbe33a74ba35ac90f1ce98d62ea4865256810c42a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 26 Jan 2022 06:36:27 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Content-Length
6758
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
Apache-Coyote/1.1
Connection
Keep-Alive
Keep-Alive
timeout=60
Location
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Content-Type
text/html;charset=utf-8
Content-Length
0
Date
Wed, 26 Jan 2022 06:37:44 GMT
joi.js
www.offerfwd.net/oi/
172 KB
172 KB
Script
General
Full URL
https://www.offerfwd.net/oi/joi.js
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.36.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-36-41.us-east-2.compute.amazonaws.com
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1c /
Resource Hash
78ec3e2e1632db88bc54f06a38ebf0401027bd892f6a6a1f5b40b0ff5bc788d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 06:37:46 GMT
content-type
text/javascript
server
Apache/2.4.37 (centos) OpenSSL/1.1.1c
js
www.googletagmanager.com/gtag/
168 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P4CE685JDL
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18c631b79f0156e3f9b108405de84729bdf108fd059766b8beab14eacb6cf0ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 06:37:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63165
x-xss-protection
0
expires
Wed, 26 Jan 2022 06:37:46 GMT
the-spill-logo.png
thespillnewsletter.com/images/
137 KB
137 KB
Image
General
Full URL
https://thespillnewsletter.com/images/the-spill-logo.png
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dab98f51e1148152c96d4c7629eadb5024b853ab828121b9b753fe3d9348a1b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:34 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2229a-5c9d09b024b55"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
139930
thespillmobile.png
thespillnewsletter.com/images/
556 KB
557 KB
Image
General
Full URL
https://thespillnewsletter.com/images/thespillmobile.png
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e5c5a9832f468af6e96188bd1cc736744259e4086d398ff3400ddc585aff68f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"8b156-5c9d09b2a3615"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
569686
IC_Logo.png
thespillnewsletter.com/images/
18 KB
19 KB
Image
General
Full URL
https://thespillnewsletter.com/images/IC_Logo.png
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d87c4db75dcf1ed60c29dbfef18b038893f0fd11328ed416939cefa5763af605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:36 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"48c0-5c9d09b2081b5"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
18624
NeverBounce.js
cdn.neverbounce.com/widget/dist/
96 KB
29 KB
Script
General
Full URL
https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-39.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:03:31 GMT
content-encoding
gzip
last-modified
Mon, 02 Mar 2020 18:37:33 GMT
server
AmazonS3
age
12856
etag
W/"c1e06621030dfcba15b88abbcaa546eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
QGJEcq74VyHDCdOeb0BVZYZAvoLIzU72ZTsiY3y_aEEk8yRMV-mNAQ==
gtm.js
www.googletagmanager.com/
73 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPC52NQ
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
605e397a39cce368042f3fc84af3fb65a524a68ce5a8964b0032000f9a11b1aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 06:37:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29410
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jan 2022 06:37:46 GMT
thespillbg.jpg
thespillnewsletter.com/images/
84 KB
84 KB
Image
General
Full URL
https://thespillnewsletter.com/images/thespillbg.jpg
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b86c09aea8f0cf54032fe790123cb9fbebc2382e1cfa22cdea0d282d7d22a771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"14ee8-5c9d09b335dd5"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
85736
Montserrat-Regular.ttf
thespillnewsletter.com/fonts/
240 KB
240 KB
Font
General
Full URL
https://thespillnewsletter.com/fonts/Montserrat-Regular.ttf
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Origin
https://thespillnewsletter.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3bfcc-5c9d09b574155"
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
245708
IntroBold.otf
thespillnewsletter.com/fonts/
80 KB
81 KB
Font
General
Full URL
https://thespillnewsletter.com/fonts/IntroBold.otf
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
73a2d48ce93f8a70eaa5c548c14f78b8c38e2738de6b62d09ed1b8782b455e69

Request headers

Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Origin
https://thespillnewsletter.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1410c-5c9d09b29a975"
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82188
Montserrat-Bold.ttf
thespillnewsletter.com/fonts/
239 KB
239 KB
Font
General
Full URL
https://thespillnewsletter.com/fonts/Montserrat-Bold.ttf
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.90.128.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-128-216.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Request headers

Referer
https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Origin
https://thespillnewsletter.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 06:36:28 GMT
Last-Modified
Wed, 18 Aug 2021 07:44:39 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3baf4-5c9d09b4c44d5"
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
244468
/
ipapi.co/jsonp/
609 B
892 B
Script
General
Full URL
https://ipapi.co/jsonp/
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28102c6add075fc09ae7b8cb4ebb00027ccdb478c8dd25a2b9012eeef4ab3dc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 06:37:47 GMT
content-encoding
br
allow
OPTIONS, HEAD, OPTIONS, POST, GET
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lu%2FGhlbnqlKzqRTahmP%2BAiRxV0Z9Zw64m6qNRmhdl1dYhmXW6b7L00WaUgw4GF47fm0SpRnSGVkrAhaJRqHqYKXpOOk6pFrhoK4kemVUSEfjNyLiL%2FzoZEHMEM1j%2FBbkzDWR094d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
6d37bc0f4e189299-FRA
v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
dramaticdirection.com/
516 KB
90 KB
Script
General
Full URL
https://dramaticdirection.com/v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7feca22718249a24234723e546e0248e3dca72b9483c2afe78440721769bc420
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"0f2d19ce82770a1215b249aab67cb15f9c35062fb5f22c4754c6b6808a4bafcb"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 26 Jan 2022 06:37:47 GMT
timing-allow-origin
*
notify
api.neverbounce.com/v4/poe/
63 B
283 B
Script
General
Full URL
https://api.neverbounce.com/v4/poe/notify?key=public_f9e1c3d10d95522d764e48b72db360e0&event=form.load&callback=__neverbounce_586474
Requested by
Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.27.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-27-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9359a8f724d895d1c2cad86f6c038b3ea42043e7af01263899715d8bca3c8b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 06:37:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
x-ua-compatible
IE=Edge
joi
www.offerfwd.net/oi/
90 B
236 B
Script
General
Full URL
https://www.offerfwd.net/oi/joi?PID=null&WID=thespillnewsletter.com1643179066743016234480087470526&email=&P_S=%7B%22s%22%3A%222%22%7D&ts=1643179066743
Requested by
Host: www.offerfwd.net
URL: https://www.offerfwd.net/oi/joi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.36.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-36-41.us-east-2.compute.amazonaws.com
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1c /
Resource Hash
b474bd930bfc213d1c94fc91e34fb62806bbfe9e4e1dbc0543f7363894313354

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 06:37:46 GMT
cache-control
no-cache
server
Apache/2.4.37 (centos) OpenSSL/1.1.1c
content-type
text/javascript
content-length
90
expires
0
js
www.googletagmanager.com/gtag/
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206024467-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4CE685JDL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
510bf99e2d7e3590a6438d4be42ffbe241185f5476377202e832685a1724fdd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 06:37:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36055
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jan 2022 06:37:46 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206024467-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3772
date
Wed, 26 Jan 2022 05:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 26 Jan 2022 07:34:54 GMT
collect
www.google-analytics.com/g/
0
175 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P4CE685JDL&gtm=2oe1o0&_p=880802149&sr=1600x1200&ul=en-us&cid=441613338.1643179067&_s=1&dl=https%3A%2F%2Fthespillnewsletter.com%2F%3Fprpid%3D31686655%26sourceid%3DTheSpillLPv1%26e%3D%26utm_source%3Dwsc%26utm_medium%3Dicnewsletter%26utm_campaign%3Dcrosspromo&dt=The%20Spill&sid=1643179066&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4CE685JDL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thespillnewsletter.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 06:37:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thespillnewsletter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=880802149&t=pageview&_s=1&dl=https%3A%2F%2Fthespillnewsletter.com%2F%3Fprpid%3D31686655%26sourceid%3DTheSpillLPv1%26e%3D%26utm_source%3Dwsc%26utm_medium%3Dicnewsletter%26utm_campaign%3Dcrosspromo&ul=en-us&de=UTF-8&dt=The%20Spill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1339179496&gjid=532376511&cid=441613338.1643179067&tid=UA-206024467-1&_gid=60878571.1643179067&_r=1&gtm=2ou1o0&z=335842806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thespillnewsletter.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 06:37:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thespillnewsletter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
acv.json
dramaticdirection.com/
210 KB
46 KB
Fetch
General
Full URL
https://dramaticdirection.com/acv.json
Requested by
Host: dramaticdirection.com
URL: https://dramaticdirection.com/v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Tue, 25 Jan 2022 18:08:41 GMT
x-datacenter
gce-europe-west1
date
Wed, 26 Jan 2022 06:37:47 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
content-type
application/json
access-control-allow-origin
https://thespillnewsletter.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.gif
static.adsafeprotected.com/
43 B
481 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: thespillnewsletter.com
URL: https://thespillnewsletter.com/?prpid=31686655&sourceid=TheSpillLPv1&e=&utm_source=wsc&utm_medium=icnewsletter&utm_campaign=crosspromo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
age
14912593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
SI7-3NoLKd-DY_RKsFXbQuPu2LL65rbNgXwZfH4Iqwqy0efx6yGdSQ==
v2geqJi9yD5AOZfiLCKclCvNOgyUFOFok9n8_E8waOD6bLnld53JIiUeqtHfOuHzWSGQojNuG4w
dramaticdirection.com/
209 B
317 B
Fetch
General
Full URL
https://dramaticdirection.com/v2geqJi9yD5AOZfiLCKclCvNOgyUFOFok9n8_E8waOD6bLnld53JIiUeqtHfOuHzWSGQojNuG4w
Requested by
Host: dramaticdirection.com
URL: https://dramaticdirection.com/v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f1ab2f2180deb17387a72b4fb456f76e277ad8b2a4038b1aa9672fd0107aba12
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://thespillnewsletter.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 26 Jan 2022 06:37:47 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thespillnewsletter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Wed, 26 Jan 2022 06:37:46 GMT
v2sod6GakjeSn5Ynu82rPTIqbMTSp6DOjmVthVA0RrBVD9NY3IdKMv3okNTgIQwioeUGyfNnFAw
dramaticdirection.com/
383 B
418 B
Fetch
General
Full URL
https://dramaticdirection.com/v2sod6GakjeSn5Ynu82rPTIqbMTSp6DOjmVthVA0RrBVD9NY3IdKMv3okNTgIQwioeUGyfNnFAw
Requested by
Host: dramaticdirection.com
URL: https://dramaticdirection.com/v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
32844e62e7c9c9de7cc91e7b94fea1bed31739581ce972f48ec77ed3a765ab78
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://thespillnewsletter.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 26 Jan 2022 06:37:47 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thespillnewsletter.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
383
ConsentManager
dramaticdirection.com/v2bro0Tk9ixm8pJ7LXfnoRxGxCW2r7n7SlpV1zxhmXgWEcZ-tPX1W5msEvO-Htu2Bmnjp3MOE/
246 KB
73 KB
Script
General
Full URL
https://dramaticdirection.com/v2bro0Tk9ixm8pJ7LXfnoRxGxCW2r7n7SlpV1zxhmXgWEcZ-tPX1W5msEvO-Htu2Bmnjp3MOE/ConsentManager
Requested by
Host: dramaticdirection.com
URL: https://dramaticdirection.com/v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
37b2e0d01ac55497d2b0f129c3a5200ad5e77727c51d67be228f6792610c13b3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://thespillnewsletter.com/
Origin
https://thespillnewsletter.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"69d6bdb674e316a2f8c94d293918c77ca0de563dfc21c5da65d2b82da9fbbe28"
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://thespillnewsletter.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Wed, 26 Jan 2022 06:37:47 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: dramaticdirection.com
URL: https://dramaticdirection.com/v2bro0Tk9ixm8pJ7LXfnoRxGxCW2r7n7SlpV1zxhmXgWEcZ-tPX1W5msEvO-Htu2Bmnjp3MOE/ConsentManager
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thespillnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 04:51:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 06:37:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 06:37:48 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thespillnewsletter.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:44:06 GMT
x-content-type-options
nosniff
age
575622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 14:44:06 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thespillnewsletter.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:44:06 GMT
x-content-type-options
nosniff
age
575622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 14:44:06 GMT
v2geqJi9yD5AOZfiLCKclCvNOgyUFOFok9n8_E8waOD6bLnld53JIiUeqtHfOuHzWSGQojNuG4w
dramaticdirection.com/
254 B
337 B
Fetch
General
Full URL
https://dramaticdirection.com/v2geqJi9yD5AOZfiLCKclCvNOgyUFOFok9n8_E8waOD6bLnld53JIiUeqtHfOuHzWSGQojNuG4w
Requested by
Host: dramaticdirection.com
URL: https://dramaticdirection.com/v2ecz1e5Kw0EnSgyhE0QVqCTLwyCgMsMGpe6dsjPnsIN2vzDW6IQbrv57Q-VBs9OYww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f9d770b785540865fa1095b80862327c4fb0f9e1470cbe0e682f7674678be937
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://thespillnewsletter.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 26 Jan 2022 06:37:48 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thespillnewsletter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
254
expires
Wed, 26 Jan 2022 06:37:47 GMT

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| flasherPlacementList number| flashMaxTimeout number| flashIntervalLength number| flashDoneCount object| allFlashAPIs string| ERROR object| flashResponses function| makeFlashAPICalls function| makeHttpRequest function| oiValueExists function| isJOI function| getOIProfileParameter function| unilever function| adquire function| adquire2 string| user_agent boolean| is_ie boolean| is_mozilla string| enablepersist string| collapseprevious boolean| hideCQsT boolean| cloneDataFlagT function| getElementbyClass function| contractcontent function| oi_ready function| togglecontent function| expandcontent function| collapsecontent function| revivecontent function| get_cookie function| getselectedItem function| saveswitchstate function| do_onload object| prepopCQs function| hideCQs function| isDate function| checkForAllDates function| extractPCDiv function| extractDateTag object| cloneDataMapT function| cloneData function| getTop function| getLeft object| oi_offer_body_element object| oi_offer_body_timer function| oi_show_offer_body function| oi_hide_offer_body function| _oi_hide_offer_body function| getAbsoluteLeft function| getAbsoluteTop function| checkMouseEnter function| checkMouseLeave function| containsDOM boolean| cloneDataFlag function| showToolTip function| oi_getAbsTop function| oi_getAbsLeft function| hideToolTip object| formValidationMasks object| formElementArray function| checkSpecial function| isSpecialValid function| isSpecialValidMultiSelect function| echeck function| validateInput object| cloneDataMap function| prepopulate function| validateForm function| initFormValidation function| toggleEffect function| togglePCPEffect function| getInputElements function| oi function| optIntelligence boolean| oi_joi_implementation string| txt function| execImpressionTimeout function| execOptinCallback function| get_oid function| getQueryString function| gtag object| dataLayer object| google_tag_manager function| getQueryVar object| rpId string| prpId 
string| sourceId string| utmSrc string| utmContent string| utmMedium string| utmCampaign string| utmTerm string| pId object| oId object| emailList number| offerSlots object| countryName function| callback object| script object| h object| _NBSettings object| SENTRY_RELEASE undefined| Raven object| _nb boolean| validMail function| admiral object| googletag function| __tcfapi function| __neverbounce_586474 string| k string| s object| notEmpty function| onYouTubeIframeAPIReady object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| 4dm1r11545242527 string| uniqueidn object| ccollect object| admrlWpJsonP

7 Cookies

Domain/Path Name / Value
click1.em.investingchannel.com/ Name: JSESSIONID
Value: A9CACE05CB08B126111C1330825F3485
.thespillnewsletter.com/ Name: _ga
Value: GA1.2.441613338.1643179067
.thespillnewsletter.com/ Name: _gid
Value: GA1.2.60878571.1643179067
.thespillnewsletter.com/ Name: _gat_gtag_UA_206024467_1
Value: 1
.thespillnewsletter.com/ Name: _ga_P4CE685JDL
Value: GS1.1.1643179066.1.0.1643179067.0
.thespillnewsletter.com/ Name: _awl
Value: 2.1643179068.0.5-4c45208e4aadfe38b8a48af4026bb412-6763652d6575726f70652d7765737431-0
.thespillnewsletter.com/ Name: _admrla
Value: 2.0-4c45208e-4aad-fe38-b8a4-8af4026bb412

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
