Submitted URL: https://storage.googleapis.com/hpcore5wn/s98p214sm32s5sd4hui1jh4f7z85ttty2u5ik5j1g26/gld585d2s55ss.html
Effective URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Submission: On September 17 via api from BE — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 104.21.51.96, located in and belongs to CLOUDFLARENET, US. The main domain is offers.goldalliedtrustpromos1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2021. Valid for: a year.
This is the only time offers.goldalliedtrustpromos1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.186.112 15169 (GOOGLE)
1 1 54.176.110.171 16509 (AMAZON-02)
1 1 13.57.253.186 16509 (AMAZON-02)
1 1 172.67.178.133 13335 (CLOUDFLAR...)
1 104.21.51.96 13335 (CLOUDFLAR...)
2 13.224.193.39 16509 (AMAZON-02)
2 13.225.78.5 16509 (AMAZON-02)
11 13.225.84.119 16509 (AMAZON-02)
1 142.250.184.234 15169 (GOOGLE)
1 44.193.101.206 14618 (AMAZON-AES)
4 142.250.186.67 15169 (GOOGLE)
24 9
Domain Requested by
11 d9hhrg4mnvzow.cloudfront.net offers.goldalliedtrustpromos1.com
4 fonts.gstatic.com fonts.googleapis.com
2 d34qb8suadcc4g.cloudfront.net offers.goldalliedtrustpromos1.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com offers.goldalliedtrustpromos1.com
1 events.ub-analytics.com offers.goldalliedtrustpromos1.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 offers.goldalliedtrustpromos1.com
1 offer.goldalliedtrustpromos1.com 1 redirects
1 eilloc.com 1 redirects
1 fieberling.com 1 redirects
1 storage.googleapis.com
24 11

This site contains no links.

Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1O1 | 2021-08-30 - 2021-11-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-26 - 2022-01-25 | a year
*.unbounce.com | Amazon | 2021-03-10 - 2022-04-08 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-30 - 2021-11-22 | 3 months
*.ub-analytics.com | Amazon | 2021-05-10 - 2022-06-08 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months

This page contains 1 frames:

Primary Page: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Frame ID: F5AC3B0D3461098729EC02513C4673E2
Requests: 25 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 0 %
Domains: 8
Subdomains: 11
IPs: 9
Countries: 2
Transfer: 897 kB
Size: 1114 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/hpcore5wn/s98p214sm32s5sd4hui1jh4f7z85ttty2u5ik5j1g26/gld585d2s55ss.html Page URL
  2. https://fieberling.com/?E=1ji559d8YM8RsH8ynMdgxIYeZ9uj%2bKn%2b&s1=tb58852 HTTP 302
    https://eilloc.com/?E=1ji559d8YM8RsH8ynMdgxIYeZ9uj%2bKn%2b&s1=tb58852&ckmguid=69fa6382-4d7f-4fd5-9e8a-70445bc18b47 HTTP 302
    http://offer.goldalliedtrustpromos1.com/?c=138&s1=5599&s2=378357048&s3=tb58852&s4=GAT1 HTTP 302
    https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gld585d2s55ss.html
storage.googleapis.com/hpcore5wn/s98p214sm32s5sd4hui1jh4f7z85ttty2u5ik5j1g26/
249 B
845 B
Document
General
Full URL
https://storage.googleapis.com/hpcore5wn/s98p214sm32s5sd4hui1jh4f7z85ttty2u5ik5j1g26/gld585d2s55ss.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.112 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f16.1e100.net
Software
UploadServer /
Resource Hash
11d1419ba46558762eb603de2b1c9fc2ae9c4856451194f06320ce17e0883fa0

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/hpcore5wn/s98p214sm32s5sd4hui1jh4f7z85ttty2u5ik5j1g26/gld585d2s55ss.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

x-guploader-uploadid
ADPycdvoEU5FSLsOXB4tkMzaeMFXXWUiWxo_-RR0pBXAQyqn8DMxeOPwA7GqjI0njqmhp0ErG7xIKb1w5ee4vLFzEpk
expires
Fri, 17 Sep 2021 10:16:50 GMT
date
Fri, 17 Sep 2021 09:16:50 GMT
last-modified
Thu, 16 Sep 2021 14:29:54 GMT
etag
"a6a2225de2d71e9502b09eafbeb065a5"
x-goog-generation
1631802594872749
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
249
content-type
text/html
x-goog-hash
crc32c=xwc6vA== md5=pqIiXeLXHpUCsJ6vvrBlpQ==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
249
server
UploadServer
cache-control
public, max-age=3600
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Primary Request /
offers.goldalliedtrustpromos1.com/offer-1/
Redirect Chain
  • https://fieberling.com/?E=1ji559d8YM8RsH8ynMdgxIYeZ9uj%2bKn%2b&s1=tb58852
  • https://eilloc.com/?E=1ji559d8YM8RsH8ynMdgxIYeZ9uj%2bKn%2b&s1=tb58852&ckmguid=69fa6382-4d7f-4fd5-9e8a-70445bc18b47
  • http://offer.goldalliedtrustpromos1.com/?c=138&s1=5599&s2=378357048&s3=tb58852&s4=GAT1
  • https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
71 KB
10 KB
Document
General
Full URL
https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.51.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eb207b41dc90917e84694953137ff523a1fe88ddc0db9d37e6343f2e7bb0f6d

Request headers

:method
GET
:authority
offers.goldalliedtrustpromos1.com
:scheme
https
:path
/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Referer
https://storage.googleapis.com/hpcore5wn/s98p214sm32s5sd4hui1jh4f7z85ttty2u5ik5j1g26/gld585d2s55ss.html

Response headers

date
Fri, 17 Sep 2021 09:16:53 GMT
content-type
text/html; charset=UTF-8
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
421d8b9b-3c46-44c1-993b-6393b7f6eb6e
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
x-unbounce-visitorid
631963b7-251f-402e-a232-09e0fd01f7d7
x-unbounce-variant
ck
content-location
https://offers.goldalliedtrustpromos1.com/offer-1/
link
<https://offers.goldalliedtrustpromos1.com/offer-1/>; rel="canonical"
set-cookie
ubpv=ck%2C421d8b9b-3c46-44c1-993b-6393b7f6eb6e; Max-Age=15897600; Expires=Sun, 20 Mar 2022 09:16:53 GMT; Path=/offer-1/; SameSite=Lax ubvs=631963b7-251f-402e-a232-09e0fd01f7d7; Max-Age=15552000; Expires=Wed, 16 Mar 2022 09:16:53 GMT; Path=/; SameSite=Lax ubvt=631963b7-251f-402e-a232-09e0fd01f7d7; Max-Age=259200; Expires=Mon, 20 Sep 2021 09:16:53 GMT; Path=/; Domain=goldalliedtrustpromos1.com; SameSite=Lax
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DxfrZjD5w0zoGpUkMoXEFYB1NXWSGwBDpUcJuVFk%2B0xKY0eEAK0UAclw2wZiIE7%2F0T%2BAOW%2FN3an1Tga2E%2F%2FuytPHVAkv3H0XL%2F1RYNTpjyq2hzln7nSsCKsMCvA8%2BOUxl9SrLZlxatLGyg7Bz9DN54GL6k%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69013cffbe7a6937-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Fri, 17 Sep 2021 09:16:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/5.6.40
set-cookie
PHPSESSID=jr62c6i0a70m3rhhn4h8fqhh12; path=/
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
location
https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9m%2FElJ583swf06pNyJW8soDOjJ29F2yABdkTa4vN4eL4jYRt6SuOUgVDw3L6UJsQu8yxUGSmokW%2FUx6kRlywKI8TZZxw48mj4xt6GYO6%2Br9RsVyj8rH4WXeDC7tAAC69Ntj%2B%2BH%2BvatA7lLhXBcUNc8Mg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
69013cfc39c3c2a4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
19382676
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
qV95rhBFB9-eGcH3f1mZh1fauFVzYqDbzaXKgf7x0c0VlX-dSDxx2g==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
11867896
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
8P6zKOFmf2vKnqtotkibEq9juu_Zkig-8RYQcZmYLHOX8xePk_bPpg==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 22:06:03 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
8421051
etag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-cache
Hit from cloudfront
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
xzKTq2498yoMl_5mPi6aRryNXEuzqRrfZNELxy7WcQndfVC6F9JKXw==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
125950e4-96363c9337b2d1aad24323b1d9efda72_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
339 KB
339 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/125950e4-96363c9337b2d1aad24323b1d9efda72_100000000000000000001o.jpg
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cdf5a15d1aaf2bf5b2e30c1396b95c121eb8bc119e6f67c2605e583b7f81515

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:15:37 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1533677
etag
"1232cf4688e7691c4e15a0a72f410407"
x-cache
Hit from cloudfront
x-amz-version-id
1LKis6NQ2GP5rReAkhuj8o.Fb5y_w66D
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
346753
x-amz-cf-id
oE5bhLmwp8HQpWsvZDdHzkFkI_HgP1a_RAfwfBu5wJuV9FNqlK1HBg==
b64ebc9a-us-federal-reserve-eccles-building-1937_11hc14d00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
233 KB
233 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/b64ebc9a-us-federal-reserve-eccles-building-1937_11hc14d00000000000001o.jpg
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31adfb3d3f4ca480f91d7898d0eeb6df9400cdf730e3490df1c8821d89c492ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:42 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1526292
etag
"75c08b74e67ce0a584abffbb0de66ca9"
x-cache
Hit from cloudfront
x-amz-version-id
maU8rNTAy_HNF1YJAoQBkG4D9.RrIs7l
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
238261
x-amz-cf-id
7-x8NciyuidVMMYxSnNOpDBDpPmXMW9riS9AT1t2ymnacQL_m9YAyg==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
16970179
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
wkBH2PKNybSy0vh3uNOuDnxxA4aPw6puUHxTGbEVW1bZzzGCoxWVjA==
631358eb-0655-405e-8694-5b7765198ddf
https://offers.goldalliedtrustpromos1.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://offers.goldalliedtrustpromos1.com/631358eb-0655-405e-8694-5b7765198ddf
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
5ae5eace35f14c20f7690a555152ba7db6c10d221ec155a1b46646810be18ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 09:16:53 GMT
server
ESF
date
Fri, 17 Sep 2021 09:16:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 09:16:53 GMT
760e1d64-registered-member-badge_106101v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
4 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/760e1d64-registered-member-badge_106101v000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
befcd7b511ab56b0fb5ecf878049325987d7b9986b54903c4fce0c573302940c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:20 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
417694
etag
"766a0e4d0136a067933edd237ceb17a2"
x-cache
Hit from cloudfront
x-amz-version-id
vg7zLO_ln.bhmDMMCXI1e.t2nusI_qxu
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
4567
x-amz-cf-id
P40LAbMT-8BBMl2VPTHZaPK-Ba7HuxWt1tYeSUo_h_EFZJwwDUMniA==
aa21286d-3d-guide_10bd078000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
14 KB
15 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/aa21286d-3d-guide_10bd078000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f53c3f09dacbe9f55ccdf83770bdd72a7ddec202213ab53fe67e85c377afa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:20 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
417694
etag
"be8b035294afb1b61a878f931122051e"
x-cache
Hit from cloudfront
x-amz-version-id
Nh9UXq.p2cCb5UewCJoTXOLnPd8VbQhE
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
14657
x-amz-cf-id
VCoWkEvAMgZpzNW38QSm_smL2J2OTx457d7mW7z6Uje_S6xFSU_5Nw==
8bab1bd0-gold-seal_104u041000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
11 KB
11 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/8bab1bd0-gold-seal_104u041000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8a30f4404da024333d5ab897c1e6b2eb11eba83fadcdcdc04fc3486be4d1f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1526291
etag
"4ac83065e541c2c6a5fc3ce80ea38ad9"
x-cache
Hit from cloudfront
x-amz-version-id
OrCFjp.rXVNRWbQOFUYDighunw.R1dOY
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
11194
x-amz-cf-id
KhRAG_G9yLvsQhAg5lpwvjDjwQ4O5_nJ8zt4l98Jp2VduMwCs2hNog==
dd611516-logo-1_108u01u000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/dd611516-logo-1_108u01u000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8b6c42d100d6d75b00eb6cd9644bb33612d05a5fc3b8e1c36ad032525f36808

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:21 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
server
AmazonS3
age
417693
etag
"27c641d6878752b6d80de1fef2a4e101"
x-cache
Hit from cloudfront
x-amz-version-id
CCqx8ZjTerK307R3TDzLV0BNYMmpqY2i
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
3878
x-amz-cf-id
qQmr-YlU9yt7VTzKtB8eXAcZXKiyxrILESOR5SrWiYVWeAoX0YgxxQ==
c1c59d34-egt-marchemails-01-1-2_10em03n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
12 KB
13 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/c1c59d34-egt-marchemails-01-1-2_10em03n000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ff43fc396eb068efcae3048235e59c3465e1d0c69ebd8956f844edea7f9f746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
server
AmazonS3
age
1526291
etag
"ca1da4ebd15d79a79387db8ef530793f"
x-cache
Hit from cloudfront
x-amz-version-id
v3guqUFjzI37ha_3po0UZRnRfNNQx8Ic
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
12757
x-amz-cf-id
Qr6dE0tV619bI8BNVrS2Q-1xWEYiXBLaEv0elck7ThhaqFI5RKYMig==
36pq2g-1557857466-42814232-600x250-shutterstock-1943168_10a2047000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
24 KB
25 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/36pq2g-1557857466-42814232-600x250-shutterstock-1943168_10a2047000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58d8d4f85fd186c088db79550207148cf74caa5170e378d9b057f1bb9b4f0c1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1526291
etag
"1b6f452f8dadbe7f8499cb450801ed14"
x-cache
Hit from cloudfront
x-amz-version-id
I46kXKg1vdSw1YFkzYQfXIL1RgBfaoTL
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
24904
x-amz-cf-id
pnxQebTi5gV5vQuXnWn3pGL4Tcbx27zyYGdhw7ts_-1bXBamV8dFOw==
1a4df83f-s-l400-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
55 KB
56 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/1a4df83f-s-l400-1_1000000000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c67b4c5a3249daaa23101c082be583ef87b28b983168f1ca176bd59f14d7e2ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:15:37 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1533677
etag
"e54851af920307f1a08b6173689c7045"
x-cache
Hit from cloudfront
x-amz-version-id
A4Z0FQFWMKEa3Z0jF_WHGNETrW.EKKqz
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
56454
x-amz-cf-id
T0C0lLHBhRWAiGeQElfsWX-483NSZadzv_olt-W9NwyLaYMUxNvmKw==
c1c59d34-egt-marchemails-01-1-2_10cq036000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
10 KB
11 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/c1c59d34-egt-marchemails-01-1-2_10cq036000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81bdef25a50dd26d27898847e06b3fb27acfc2215c47a5e1a175eeded9a9bd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 14:30:11 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:49 GMT
server
AmazonS3
age
672403
etag
"1c2e6cc8c75cf62bb6baf433b5b96cef"
x-cache
Hit from cloudfront
x-amz-version-id
syn6sJRQAwXBejP2Jcw0dQjS4MSJbB7x
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
10684
x-amz-cf-id
v8OxFCnksTIy4yY-ov5G1eX9KjbiCfD7qDlIOWoCHnx1TGUQVJgVYA==
48d46777-188-1884205-better-business-bureau-accredited-bussiness-better-business-bureau-2_104s022000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.goldalliedtrustpromos1.com/offer-1/48d46777-188-1884205-better-business-bureau-accredited-bussiness-better-business-bureau-2_104s022000000000000028.png
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f38109a7f83195dd3f5d1ef8748fd8c15ee54ae7f57de75b6578cdc210cf615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 17:18:43 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jan 2021 23:28:48 GMT
server
AmazonS3
age
1526291
etag
"7cafe8a99afadcc03fb58baf1e0840fb"
x-cache
Hit from cloudfront
x-amz-version-id
EQB_xqeuBmzGgoNffVOpgDf4OSoZtWCT
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
1548
x-amz-cf-id
8qMzuB8mHYwmkTPnIRHi38KUvJJVqsOVCZhZXwxR5dU6q7to_Riwqg==
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1631870213398&e=pv&url=https%3A%2F%2Foffers.goldalliedtrustpromos1.com%2Foffer-1%2F%3Flp_request_id%3D61445d04d5f54%26lp_s2%3D378357048&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=2014e75b-3ee8-42ba-bb6a-480b8e66c4c5&dtm=1631870213396&vp=1600x1200&ds=1600x1453&vid=1&sid=be6a6af8-5b48-4946-a1fe-92cb0802dffd&duid=03c55f6f-2419-48a3-b4a2-3f30d3984cdb&uid=631963b7-251f-402e-a232-09e0fd01f7d7&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNDIxZDhiOWItM2M0Ni00NGMxLTk5M2ItNjM5M2I3ZjZlYjZlIiwidmFyaWFudElkIjoiY2siLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by
Host: offers.goldalliedtrustpromos1.com
URL: https://offers.goldalliedtrustpromos1.com/offer-1/?lp_request_id=61445d04d5f54&lp_s2=378357048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.101.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-101-206.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offers.goldalliedtrustpromos1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Sep 2021 09:16:53 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 14:14:17 GMT
x-content-type-options
nosniff
age
414156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 14:14:17 GMT
8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v11/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
8a8766fb80ee5f488c37a65ab90907126206369bcc241deb9c97cc04ef0a2883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 00:07:10 GMT
x-content-type-options
nosniff
age
119383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14336
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 23:14:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Sep 2022 00:07:10 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 14:18:31 GMT
x-content-type-options
nosniff
age
413902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 14:18:31 GMT
nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
fonts.gstatic.com/s/playfairdisplay/v22/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular,700,italic%7CCinzel:700%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9c225d8e629ad78e5d577a4cb4f400351d2ec232da542b89be98e43a6a4c9fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.goldalliedtrustpromos1.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:13:17 GMT
x-content-type-options
nosniff
age
353016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29328
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:30:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 07:13:17 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| ub
object| module
object| UnbounceSnowplowNamespace
function| ubSnowplow
function| fixfirstnm
function| fixlastnm
function| setImmediate
function| clearImmediate
boolean| VimeoPlayerResizeEmbeds_
function| ownKeys
function| _objectSpread
function| _defineProperty
function| _typeof
object| Snowplow

7 Cookies

Domain/Path | Name | Value
offers.goldalliedtrustpromos1.com/offer-1/ | ubpv | ck%2C421d8b9b-3c46-44c1-993b-6393b7f6eb6e
.eilloc.com/ | som | 0XD9ylywkKfMsobs2i0k8raKAXYBC2EbW5t5JZtRtAdP1DnCYJdGXQ==
.eilloc.com/ | tfl | jqu30uSOx1faKr040SAKwbaKAXYBC2EbW5t5JZtRtAdP1DnCYJdGXQ==
.eilloc.com/ | c5945 | 0XD9ylywkKdHTHVvjWO9mpptBkE98L13IJ9QnWRIzi5cFDiuaCVwzg==
offer.goldalliedtrustpromos1.com/ | PHPSESSID | jr62c6i0a70m3rhhn4h8fqhh12
offers.goldalliedtrustpromos1.com/ | ubvs | 631963b7-251f-402e-a232-09e0fd01f7d7
.goldalliedtrustpromos1.com/ | ubvt | 631963b7-251f-402e-a232-09e0fd01f7d7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
