www.irsloopholekit-email3.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://restoringtechnologies.com/uiygujb-09876trdfHGJJKUYFGHGF==0U9YTUYJKIUYFouituyrfgjhuiytyrdfhjgffcvbjkhgf/kilooo
Effective URL:
https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email...
Submission: On June 20 via manual (June 20th 2022, 9:28:44 am UTC) from IN — Scanned from DE

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 30 domains to perform 94 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.irsloopholekit-email3.com. The Cisco Umbrella rank of the primary domain is 771416.
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.

This is the only time www.irsloopholekit-email3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	139.59.17.95 139.59.17.95	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.161.48.42 192.161.48.42	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1 3	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
4	108.157.4.6 108.157.4.6	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:4a00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	52.92.192.104 52.92.192.104	16509 (AMAZON-02) (AMAZON-02)
25	52.222.250.38 52.222.250.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.2.6 18.66.2.6	16509 (AMAZON-02) (AMAZON-02)
1	52.204.197.236 52.204.197.236	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	143.204.89.129 143.204.89.129	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.113 143.204.89.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	46.51.142.25 46.51.142.25	16509 (AMAZON-02) (AMAZON-02)
1	3.209.57.206 3.209.57.206	14618 (AMAZON-AES) (AMAZON-AES)
1 2	44.241.129.108 44.241.129.108	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
94	39

1 139.59.17.95 (Bengaluru, India) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

restoringtechnologies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.161.48.42 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 192.161.48.42.static.quadranet.com

www.celspuvi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.202.50 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

www.irsloopholekit-email3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0f45c382aad447eca80d744b72deadb8.pages.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.157.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-6.dus51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:4a00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

0f45c382aad447eca80d744b72deadb8.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.192.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-6.txl50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.197.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-197-236.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-129.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-113.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.142.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-142-25.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.57.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-57-206.compute-1.amazonaws.com

0f45c382aad447eca80d744b72deadb8.events.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.129.108 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-129-108.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	698 KB
11	gstatic.com fonts.gstatic.com	250 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2036 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3833 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3819 tracking.crazyegg.com — Cisco Umbrella Rank: 3678	33 KB
5	ubembed.com 0f45c382aad447eca80d744b72deadb8.js.ubembed.com — Cisco Umbrella Rank: 454597 assets.ubembed.com — Cisco Umbrella Rank: 11171 df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com — Cisco Umbrella Rank: 404438 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com — Cisco Umbrella Rank: 754111 0f45c382aad447eca80d744b72deadb8.events.ubembed.com — Cisco Umbrella Rank: 748347	56 KB
4	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 26998 track.hubspot.com — Cisco Umbrella Rank: 2521 api.hubspot.com — Cisco Umbrella Rank: 4847	22 KB
4	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18011	73 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2102 tr.outbrain.com — Cisco Umbrella Rank: 1891	4 KB
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 6882	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5111	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 9	655 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 125 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2859
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	33 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	135 KB
2	irsloopholekit-email3.com 1 redirects www.irsloopholekit-email3.com — Cisco Umbrella Rank: 771416	18 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2412	16 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5441	21 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 8247	925 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	408 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 554	354 B
1	t.co t.co — Cisco Umbrella Rank: 466	337 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2868	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 681	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 25044	245 B
1	amazonaws.com s3-us-west-2.amazonaws.com	29 KB
1	celspuvi.com www.celspuvi.com	573 B
1	restoringtechnologies.com 1 redirects restoringtechnologies.com	383 B
94	30

	Domain	Requested by
25	d9hhrg4mnvzow.cloudfront.net	www.irsloopholekit-email3.com 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
11	fonts.gstatic.com	fonts.googleapis.com
4	script.crazyegg.com	www.irsloopholekit-email3.com script.crazyegg.com
4	builder-assets.unbounce.com	www.irsloopholekit-email3.com 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
2	api.hubspot.com	js.usemessages.com
2	p.alocdn.com	1 redirects
2	www.google.de	www.irsloopholekit-email3.com
2	www.google.com	www.irsloopholekit-email3.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	tr.outbrain.com	amplify.outbrain.com www.irsloopholekit-email3.com
2	connect.facebook.net	www.celspuvi.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	builder-assets.unbounce.com
2	www.googletagmanager.com	www.irsloopholekit-email3.com www.googletagmanager.com
2	d34qb8suadcc4g.cloudfront.net	www.irsloopholekit-email3.com d34qb8suadcc4g.cloudfront.net
2	www.irsloopholekit-email3.com	1 redirects www.celspuvi.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.usemessages.com	js-na1.hs-scripts.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hubspot.com
1	0f45c382aad447eca80d744b72deadb8.events.ubembed.com	assets.ubembed.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	www.facebook.com	www.irsloopholekit-email3.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com	www.irsloopholekit-email3.com
1	t.co	www.irsloopholekit-email3.com
1	0f45c382aad447eca80d744b72deadb8.pages.ubembed.com	assets.ubembed.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.pdst.fm	www.celspuvi.com
1	static.ads-twitter.com	www.celspuvi.com
1	df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	events.ub-analytics.com	www.irsloopholekit-email3.com
1	assets.ubembed.com	0f45c382aad447eca80d744b72deadb8.js.ubembed.com
1	s3-us-west-2.amazonaws.com	www.irsloopholekit-email3.com
1	js.hubspot.com	www.irsloopholekit-email3.com
1	0f45c382aad447eca80d744b72deadb8.js.ubembed.com	www.irsloopholekit-email3.com
1	www.celspuvi.com
1	restoringtechnologies.com	1 redirects
94	42

This site contains links to these domains. Also see Links.

Domain
goldco.com
submit.optout-goldco.com

Subject Issuer	Validity	Valid
www.celspuvi.com R3	`2022-05-08` - `2022-08-06`	3 months	crt.sh
www.irsloopholekit-email3.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-06-12` - `2022-09-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.pages.ubembed.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-28` - `2023-03-31`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.events.ubembed.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Frame ID: 75B1C45C3039BD0F02B009AD01C3B8EC
Requests: 79 HTTP requests in this frame

Frame: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Frame ID: 6441D065DC20831900B11333E23AFB50
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Protect & Secure Your Retirement Savings Today!

Page URL History Show full URLs

http://restoringtechnologies.com/uiygujb-09876trdfHGJJKUYFGHGF==0U9YTUYJKIUYFouituyrfgjhuiytyrdfhjgffcvbjkhgf... HTTP 302
https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93... Page URL
https://www.irsloopholekit-email3.com/lh031522?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=M... HTTP 301
https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

94
Requests

96 %
HTTPS

46 %
IPv6

30
Domains

42
Subdomains

39
IPs

5
Countries

1453 kB
Transfer

2702 kB
Size

26
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://goldco.com/privacy-policy/?__hstc=241439197.479d83a55aed18b6ebdc3378f3d7b395.1655717318973.1655717318973.1655717318973.1&__hssc=241439197.1.1655717318974&__hsfp=2153072566
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://goldco.com/terms-and-conditions/?__hstc=241439197.479d83a55aed18b6ebdc3378f3d7b395.1655717318973.1655717318973.1655717318973.1&__hssc=241439197.1.1655717318974&__hsfp=2153072566
Title: T&C

Search URL Search Domain Scan URL

URL: http://submit.optout-goldco.com/unsub/7zE6qafxRd2XIqW3mSzrRQXx3bQCQKYFOgTICRC2R0rB13u8MSMyfumxJe2N3lcp
Title: click here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://restoringtechnologies.com/uiygujb-09876trdfHGJJKUYFGHGF==0U9YTUYJKIUYFouituyrfgjhuiytyrdfhjgffcvbjkhgf/kilooo HTTP 302
https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune Page URL
https://www.irsloopholekit-email3.com/lh031522?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune HTTP 301
https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://restoringtechnologies.com/uiygujb-09876trdfHGJJKUYFGHGF==0U9YTUYJKIUYFouituyrfgjhuiytyrdfhjgffcvbjkhgf/kilooo HTTP 302
https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune

Request Chain 88

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522d3994ca5-eb2d-4f5e-bb90-a05d879ad444%2522%257D&title=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today!&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&referrer=https%3A%2F%2Fwww.celspuvi.com%2F HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522d3994ca5-eb2d-4f5e-bb90-a05d879ad444%2522%257D&title=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today%21&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&referrer=https%3A%2F%2Fwww.celspuvi.com%2F&tdc=1

94 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

goldco-01ABjune
www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/
Redirect Chain

http://restoringtechnologies.com/uiygujb-09876trdfHGJJKUYFGHGF==0U9YTUYJKIUYFouituyrfgjhuiytyrdfhjgffcvbjkhgf/kilooo
https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune

269 B
573 B

1085ms
462ms

Document
text/html

192.161.48.42
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.161.48.42 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 192.161.48.42.static.quadranet.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 269
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Jun 2022 09:28:37 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Jun 2022 09:28:35 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16

GET
H/1.1

200
OK

Primary Request / Show response
www.irsloopholekit-email3.com/lh031522/
Redirect Chain

https://www.irsloopholekit-email3.com/lh031522?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco...
https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldc...

135 KB
18 KB

42ms
24ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Requested by: Host: www.celspuvi.com
URL: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bca2396c678bab81687fe0ecb1ed4b44ad1e86af74fb76241411d047868a805c

Request headers

Referer: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-location: https://www.irsloopholekit-email3.com/lh031522/
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 09:28:37 GMT
etag: "bz:aa1fed0bc1f299e1c5ad036ef5deefdb"
last-modified: Fri, 17 Jun 2022 22:17:54 GMT
link: <https://www.irsloopholekit-email3.com/lh031522/>; rel="canonical"
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: 84a45c6c-902b-4d90-87ca-7c48ce30495c
x-unbounce-variant: bz
x-unbounce-visitorid: 600fa26b-55e7-4028-be66-c58859ee3e6f

Redirect headers

connection: close
content-length: 0
date: Mon, 20 Jun 2022 09:28:37 GMT
location: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
p3p: CP="This is not a privacy policy."
x-proxy-backend: page-server

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 75ms
15ms Stylesheet
text/css 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 27 May 2022 01:08:10 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:12 GMT
server: AmazonS3
age: 2103628
etag: "8a6914b8829d3f926055f689771fe755"
x-cache: Hit from cloudfront
x-amz-version-id: KMvcis7.L0zEYzi_9UIlTjJ2K9lUXHro
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: oH1O-aYIn4NQJ5EcpMwhRZDUh62OVXWic1PqPR8lvliN0b7zVfFT5A==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 70ms
10ms Script
application/javascript 2600:9000:2156:4a00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:14:08 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 3964470
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: 7uD4i0VDE44TbJl6jO6WLcGda4KkjcMVVJvyT6Phg9eU2HEVOLGFwA==

GET
H2 200 9515.js Show response
script.crazyegg.com/pages/scripts/0111/ 5 KB
2 KB 128ms
50ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0111/9515.js
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af55d1a44d43828acadaf2a2364028b5d6c864402f49a8b492b8b9cf10caf077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 39146
cf-polished: origSize=5359
cf-ray: 71e379b6291823c7-ZRH
ce-version: 11.1.447
last-modified: Sun, 19 Jun 2022 22:36:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 main.bundle-7a80b17.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 36ms
21ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 11 May 2022 15:50:20 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:07 GMT
server: AmazonS3
age: 3433099
etag: "115451db447a15fd94ca1eec82178c7c"
x-cache: Hit from cloudfront
x-amz-version-id: hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 33491
x-amz-cf-id: dgJOl-jRGI_9SpsJPtFZOYQYU1qawkP1Wz3rUHE_Tjq0W0VflAAr3g==

GET
H2 200 / Show response
0f45c382aad447eca80d744b72deadb8.js.ubembed.com/ 4 KB
2 KB 60ms
7ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0f45c382aad447eca80d744b72deadb8.js.ubembed.com/
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 132d9a49021f4d50c37e70e8a73c83a39a7735dd5cfbf990d5048131a32fa2a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 2462
etag: W/15e7c35995ad4e2b669c07a0297cb025-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: UA0WTEnZDoEFhAg=

GET
H2 200 3704751.js Show response
js.hubspot.com/analytics/ 62 KB
20 KB 278ms
216ms Script
text/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/analytics/3704751.js

Requested by

Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

437208a6d29842a249b9cefa68179c2c668f9b79604599cdded01760ead7c217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: THJB5TXPNMP00441
x-amz-server-side-encryption: AES256
cf-ray: 71e379b61a7a2397-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zDoQGXqEW+HBrzYg2K44QkSWjHUwYKqiL01/bdZIQB64q503jetMgiH1SKcxOUOlKapKZnP7N6c=
last-modified: Tue, 14 Jun 2022 15:11:25 GMT
server: cloudflare
etag: W/"32021c9106233fdd4c557dcf96b4facb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EHw4%2Btma1U%2F0dr8%2Fko5fRSiVvxbWiNYBs%2BzXnm7yyLUj7rt2b2SKN7fXtS9hOe4LWm2RuvG6TlaCz7DP7SRQ8AhCVq2Kskz98qtkknFg8p4ok3%2BbqH%2B6lbVF3YlE5sraRgiQtDqrx4klb12"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 20 Jun 2022 09:33:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
78 KB 85ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca5089bb553bc27e91dcb0596da66be0f7cf95e4a2083a4d7833be235a9b494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79287
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Jun 2022 09:28:38 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/NXGH2ZQ/ 29 KB
29 KB 674ms
179ms Script
application/javascript 52.92.192.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/NXGH2ZQ/ge.js
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.192.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d102cba599d4b5144fe8ebab00ec9a679e63bf25a69fee938944b52f0196d0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 09:28:39 GMT
Last-Modified: Sun, 12 Jun 2022 02:01:47 GMT
Server: AmazonS3
x-amz-request-id: 8P47GVAG2C1PC076
ETag: "451306bea1efd79d5d3b51417f3839e1"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 29464
x-amz-id-2: PoKjp0SJPLE8DEYg/Oj8EQjzmuK7TnnuxDAndrrSmCNQEa2p7scZMcAxIiUp7cG/9n89SYbjObE=
Expires: Tue, 12 Jul 2022 02:01:46 GMT

GET
H2 200 2c5d6006-awesome-borders-1062px-wide.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 1 KB
2 KB 35ms
9ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/2c5d6006-awesome-borders-1062px-wide.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98b2edc7b076f4cff5d2a03d9bd6f3b9dc4f971ed279009ff65b7e2070dcdd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 17 May 2022 14:58:09 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:57:11 GMT
server: AmazonS3
age: 2917830
etag: "fb8144cbb8d80842ebfceba1d521feb6"
x-cache: Hit from cloudfront
x-amz-version-id: Nlx2p7u0IvoCW55dA7WtPxZLXPeKZVCS
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1310
x-amz-cf-id: B4AqKY-onEXAbTKoV7a5aARnXCZW7iJeXo51Zt_pNpn1b6gJnJPYaQ==

GET
H2 200 fe7cf8de-certificate-lander-bg-v2_10000001gs0hs000001028.jpg
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 97 KB
97 KB 37ms
12ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/fe7cf8de-certificate-lander-bg-v2_10000001gs0hs000001028.jpg
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2635c7003287ae897a278d91615f4eb50d5bfe3cdd94255fbd0fde66fbc632e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 20:02:15 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 6787583
etag: "b723e35c321428a3db7bec341f9d6758"
x-cache: Hit from cloudfront
x-amz-version-id: ANKIBOggKF_QTFyzGCZWtYsk6Qwkh37M
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 99104
x-amz-cf-id: eLlGb3PQDAS7jqm4zMOxDkKcJorOE4XeU-yPbkTgv0RcUqSYk5-cQg==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 9ms
8ms Script
application/javascript 2600:9000:2156:4a00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 23 May 2022 06:02:31 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 2431568
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: Kd-cibXgG7_BolQAM1-8XyvPNVmvc_6KXx1Kqf9ehSm77bMt673MSw==

GET
BLOB 200
OK b9a148e2-a27b-43a5-9864-a6db38a9848f
https://www.irsloopholekit-email3.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.irsloopholekit-email3.com/b9a148e2-a27b-43a5-9864-a6db38a9848f
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 62ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24f7328fbe92359ea42b9c7fada6e438ce8a1a8e5c4d4dc0d59ad1462fa4a3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 09:28:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Jun 2022 09:28:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Jun 2022 09:28:38 GMT

GET
H2 200 bc7980bb-2022-goldco-offer-stack-guide-video-audio-600px-wide-no-irs-loophole-inside.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 384 KB
384 KB 15ms
13ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/bc7980bb-2022-goldco-offer-stack-guide-video-audio-600px-wide-no-irs-loophole-inside.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71976b2e78d1064221be745bafdc228c1c140b31bed71f6b61e1dc250d6c982e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 20:02:16 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 6787583
etag: "209986ac7565c24efffdfd7f2d8ffc50"
x-cache: Hit from cloudfront
x-amz-version-id: jdnP3u8JBREPPSdt_qEwD2TsqksqlcTO
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 392881
x-amz-cf-id: rG_2WstMqeikDkZTY-hUy73UXjlsJa5hpMg3amlApNX_J-uOOxvMwg==

GET
H2 200 f99d2e6e-irs-loophole-inside_104l01p000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 3 KB
3 KB 17ms
10ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/f99d2e6e-irs-loophole-inside_104l01p000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d8774474b71a7413fb36ad1710aa335cd2ef0f95b3c0df991587d600c423536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 12:01:36 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 7248423
etag: "449746cc665bf1eeb2ff2d63ea41224d"
x-cache: Hit from cloudfront
x-amz-version-id: 0hq0YEYzM1JI1GsNUHmbSSz18Stwz.AB
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 3008
x-amz-cf-id: TjZy9z3R58b-8RL2sta6kXtwoKdfa2d3arKz6h1LJu2cVl4chs2ELA==

GET
H2 200 4c2e586f-black-arrow-1_104r01j04q01j000000000.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 3 KB
3 KB 20ms
14ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/4c2e586f-black-arrow-1_104r01j04q01j000000000.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddfb7af3dc0681783ec0882a34fe788b344027e4f0a630e73f7e6238c261989a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:12:32 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:57:11 GMT
server: AmazonS3
age: 2855767
etag: "78ef581bf602e916378c3044713649ed"
x-cache: Hit from cloudfront
x-amz-version-id: oI14dFUJTlXsCKx8M70SVMQfcYM6uLRS
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 3142
x-amz-cf-id: n0tPm9XsyoCNp2geOsdxNLtUghNjr7CGHDoY47vY0P4vqR316Wegww==

GET
H2 200 7f04f105-hands-money-v2_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 1 KB
2 KB 41ms
34ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/7f04f105-hands-money-v2_1000000000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae9f405dc9f3b7c5ae148b703686554e1988c55fcc70a5d9245fad9bbc1d855a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:55:13 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 7857206
etag: "bc02d957c8cd9278adfd2d4f88fb79d0"
x-cache: Hit from cloudfront
x-amz-version-id: 7DxKC5Tzpyi2kwWN3UIOp59Zs.f_pjzN
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1346
x-amz-cf-id: IBGTSQev8MhB6qc35qFg57rwC48irvBSgISQImUs_YLeqh0Kw0IlRg==

GET
H2 200 4c671ebe-bag-of-money-graph.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 9 KB
10 KB 42ms
35ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/4c671ebe-bag-of-money-graph.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efff68226e0293bccadbdc780d59f0e6a15a3b3e9c3bac4a3301ce89cf4358be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:54:17 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 8238862
etag: "321dc7eae2dd7680bd8a0024db27d2a5"
x-cache: Hit from cloudfront
x-amz-version-id: 3qQLwF7Q4M2XCDHD_1mCrXE.QOMmN4cM
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 9622
x-amz-cf-id: pyZJCmmasa2l33ABeCnYkT8HnI-Jgg738a3Rp3OwyjnYSyG-j4JvDQ==

GET
H2 200 6f4b7f69-piggy-bank.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 8 KB
9 KB 42ms
35ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/6f4b7f69-piggy-bank.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1597c2cd9dae6addcd07decd3fd898dff98e318a6b50044d5de4ea1976849c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 20:02:16 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 6787583
etag: "c179bb3753527401d0519dc32ce7e810"
x-cache: Hit from cloudfront
x-amz-version-id: 6L5HeVTi1KfGylEHDcYTb1Vf3Hkun4jc
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 8341
x-amz-cf-id: XRf_jff-EVOfFuMEnMnj8W4dmA2djZZ-6GcXrEM45KKoBUO9MFDq5w==

GET
H2 200 50b9fcfe-bbb-carousel-125x72-1-white-text_103001q000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 3 KB
3 KB 43ms
35ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/50b9fcfe-bbb-carousel-125x72-1-white-text_103001q000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e62064742847b540a41460c08e274b1c6346fce87ed484700f453f2e23cea57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 12:01:36 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 7248423
etag: "bb2a6a2b76d0596ea4b1f0fb55dfb9f6"
x-cache: Hit from cloudfront
x-amz-version-id: YjqjSurKvm8lNebf7JAtAT5dRMDDugab
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 2865
x-amz-cf-id: blc4_QYbAbt5pROQVzozJOHV8FwDzI-PFnpHjfhimEia_vU7wYYvwg==

GET
H2 200 ad72c83a-trust-logos-trustpilot_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 1 KB
2 KB 43ms
35ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ad72c83a-trust-logos-trustpilot_1000000000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59142d1db1676971c5b36f8b70e4b5ba11d0010f0911da5ea13d1c9b0ed19ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 09 May 2022 04:58:14 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 04 May 2022 18:44:59 GMT
server: AmazonS3
age: 3645025
etag: "c7d225d6bace73c53d96d279f290db3f"
x-cache: Hit from cloudfront
x-amz-version-id: OPTZeNoL8Eog8pQj_hUoKl3ADxBY020A
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1488
x-amz-cf-id: E_KuDTgyTIzhXgove1iMe92qYOfdAoScChADkp21PnI0wcqOgFUm8Q==

GET
H2 200 101f1927-google-reviews-white-text_102y017000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 2 KB
3 KB 39ms
35ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/101f1927-google-reviews-white-text_102y017000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f59176608542a14a1fed8d8427fb27cd6f1a22513318a757870ce174ae05f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:03:37 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:57:11 GMT
server: AmazonS3
age: 2420702
etag: "84842167d06a2dbbf6eb0573b38f54dc"
x-cache: Hit from cloudfront
x-amz-version-id: zW26tehyrT941Er6TLZF3oRzXvKcLSXC
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 2279
x-amz-cf-id: nx65CPHaftSrLGESVISpML6AuA9HiTmNDZ9kIzxF1Oc8iCqjVYqAQA==

GET
H2 200 599cdcba-trust-logos-consumer-affiars_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 1 KB
2 KB 39ms
36ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/599cdcba-trust-logos-consumer-affiars_1000000000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 310d19a1b6295c1852f097c2dacb9a0fe0760f0982108b9b12e244df6750f187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:05:12 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 5801007
etag: "2ef4cf02dedd157d13839c062f9161a9"
x-cache: Hit from cloudfront
x-amz-version-id: 4zdg3YBXBe9AnghgP1AfNYEp6Zyuk3oA
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1449
x-amz-cf-id: I5H9ZUzcVajQ78DxvZEifl-UVgEDZGxJZrerGddXhMU80lgkXAq1uw==

GET
H2 200 6e0e3781-trust-logos-ethics.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 3 KB
3 KB 39ms
37ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/6e0e3781-trust-logos-ethics.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b403d379eebdd97d287aa4a7682eb6581425967371cfdd16c6ffcaaf8c264ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:55:13 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 7857206
etag: "41e957b14002390c902f28069ae6ec89"
x-cache: Hit from cloudfront
x-amz-version-id: Anv19GJVgNwMYTj2f5MwvSEG.rt1upLi
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 2804
x-amz-cf-id: x1I8kU-EMbpAZBPREMiZceniixq6UyKRdd4kkVfYObr6944PfUYnUA==

GET
H2 200 9784c483-trust-logos-trustlink.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 2 KB
2 KB 43ms
41ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/9784c483-trust-logos-trustlink.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b335219efdfa3fbb1159655eef775c60af17a146d4eb5b428764965bd3cc17c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 19 May 2022 10:52:49 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:57:11 GMT
server: AmazonS3
age: 2759750
etag: "17b7ec180fbfadfcb078cabe2ac94712"
x-cache: Hit from cloudfront
x-amz-version-id: k5LJDhI_622OHLoIocq943jF64H90VVJ
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1874
x-amz-cf-id: NDVps5uRxgfS7f7VS8cgWdHBRWO-geLJOWfk-id7dE0YLrCTrYXVMw==

GET
H2 200 5c1b3481-awesome-1-inc-500-v2_105k06j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 10 KB
10 KB 39ms
37ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/5c1b3481-awesome-1-inc-500-v2_105k06j000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1f93fd4b6355b4e16be0e831066f7a8ad53bbbb3ab34e437866034085669c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 06:51:26 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 6143833
etag: "c3a55ef7f4fa114ae2d96f21c833f63f"
x-cache: Hit from cloudfront
x-amz-version-id: BnoyGc9rBTsy3xLceJ_dWSQbB8ZWnHxd
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 10089
x-amz-cf-id: F_wy7Yhk4DvXeilS52Stca33ySzSbH2W8_RcBucEzK255aQAa0lUdw==

GET
H2 200 9bb41f1f-awesome-2-company-of-the-year-v2_105k06u000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 12 KB
12 KB 40ms
38ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/9bb41f1f-awesome-2-company-of-the-year-v2_105k06u000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66bd920aed91324ce2425e4116974ac369785432c3bb371559b87c5ec8057d24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:01:30 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Fri, 15 Apr 2022 22:13:07 GMT
server: AmazonS3
age: 5426829
etag: "854056a9fbbadceffb9059e5eed7cc7c"
x-cache: Hit from cloudfront
x-amz-version-id: _wewNxV858llaFZ.xCwbnGrSKF.2qAbn
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 12125
x-amz-cf-id: xXCDb-slafRPgaAAlFUP8XDJowvdoqKn-WEfvhK9BUDdpxV4zC1ZNg==

GET
H2 200 5deed86e-awesome-3-bbb-v2_106a05f06905f000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 14 KB
14 KB 46ms
44ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/5deed86e-awesome-3-bbb-v2_106a05f06905f000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12046aa6acca06539098c9c9342263f8d59960684d35cfa0c7d19bb5524366a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 20:02:32 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 6787567
etag: "25c12b1e3c4e7008e75a7dcfe3f69522"
x-cache: Hit from cloudfront
x-amz-version-id: 0dLsAYShazO_uXUgXngTQk5U54sLshRQ
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 13929
x-amz-cf-id: e01DoSOPiiTWgaGJPxPthpgj1I3qlt3bx71wasoCGEF0mA2inXIfOA==

GET
H2 200 175951cb-awesome-4-5-stars-v2_105k06u000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 12 KB
12 KB 43ms
41ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/175951cb-awesome-4-5-stars-v2_105k06u000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38099d6c77adf1171c4fb44ce840d21d206a2b39b027b33188189d8172e31fee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 19 May 2022 06:44:55 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:57:11 GMT
server: AmazonS3
age: 2774624
etag: "02eab2d87fa3a9b6977515443aca1c8c"
x-cache: Hit from cloudfront
x-amz-version-id: 0DtSVNKW0Sxb9dupIB4kKtlw4CJG1VSf
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 12138
x-amz-cf-id: Fkhnb0kLIvZH1tEXs-nDEOef1LmJemRODsufiS4IGN7h7oLIPTP58w==

GET
H2 200 201a6105-awesome-5-aaa-v2_105k06j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 10 KB
10 KB 41ms
39ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/201a6105-awesome-5-aaa-v2_105k06j000000000000028.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a48f354b485e232036acb24aae4e98a7d609f02fc2c7fe5e29d424285f336264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 07:05:10 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Fri, 15 Apr 2022 22:13:06 GMT
server: AmazonS3
age: 5451809
etag: "a3247cc2ac7b38f30c447c43f6f9b58e"
x-cache: Hit from cloudfront
x-amz-version-id: UeATBpWnAalHb1QwCSc1VXFOkYRk5e7v
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 10033
x-amz-cf-id: yuTGO3q66TLVUJ-Ly5hbH5-1EvR3PEZNy_Kd1QA89ud57m9f7NuxJg==

GET
H2 200 rnyt6c-goldco-logo-white.png
d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/ 2 KB
2 KB 41ms
40ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.irsloopholekit-email3.com/lh031522/rnyt6c-goldco-logo-white.png
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a6be58d392a4592d9c6b5d3ae3e19ac663fb2af5f2819da74ea6607a39f5275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:06:04 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 01:57:44 GMT
server: AmazonS3
age: 6650555
etag: "f3cd9c2779edbdb5a3976bfeb4a00b43"
x-cache: Hit from cloudfront
x-amz-version-id: PJANl7ZGU2RlDooGv7DC8Hfd4e2lVfkb
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1819
x-amz-cf-id: FQ8jJORZzhuZ1HJoI7KAKVYLn4YkaXPl1EKYUFXvoJC_1DMrb3HRcw==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 102ms
27ms Script
application/javascript 18.66.2.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.js.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-6.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 2270585
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7cf524d1fa602798b1b3fa2d471489ae.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: 1PZFDG7uVfqf7e8GdT6rMq6Ybqhy5oXmyrmgGZP4VJhHeBcYrKze3g==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 335ms
101ms Image
image/gif 52.204.197.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1655717318180&e=pv&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&page=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today!&refr=https%3A%2F%2Fwww.celspuvi.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=596cab3f-c0c4-4472-9558-9373bd9d5892&dtm=1655717318177&vp=1600x1200&ds=1600x3190&vid=1&sid=d83e3df9-3fa5-469d-93f0-d3d486ef1a95&duid=a12ea789-ab76-4323-ae86-9dfefff772fe&uid=600fa26b-55e7-4028-be66-c58859ee3e6f&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiODRhNDVjNmMtOTAyYi00ZDkwLTg3Y2EtN2M0OGNlMzA0OTVjIiwidmFyaWFudElkIjoiYnoiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.197.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-197-236.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 09:28:38 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 9515.json Show response
script.crazyegg.com/pages/data-scripts/0111/ 17 KB
2 KB 87ms
41ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0111/9515.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0111/9515.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce121b6ff0a4571bee31334263ea7273f90f9dfc5aff3fda164406bd1b99286f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 39145
ce-version: 11.1.447
content-length: 2184
timing-allow-origin: *
last-modified: Sun, 19 Jun 2022 22:36:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 71e379b729510211-ZRH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1429
date: Mon, 20 Jun 2022 09:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 11:04:49 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 88ms
21ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ba08d23bd7ad2acc24ae7981c283045b91032d02d5ff1c5c325488f374ddb87c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 09:28:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Jun 2022 12:55:16 GMT
Server: AkamaiNetStorage
ETag: "6b241c625d658033cd9980f425f98d95:1655643435.003148"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3359
Expires: Mon, 20 Jun 2022 09:48:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964382751

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e568ddb2f35dfa32abf05b1aeb13a32817ae5688b34bb48cb5decb5d8fd6fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58151
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Jun 2022 09:28:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 57ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.celspuvi.com
URL: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: MqOJDUTKhB8X2jEVfsOIFofBOLV7wiw9kDjquut6IPER9bZwHlvafxPCdXL2g8F9t2+YIW1jDJRROJmP0A3MYg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 20 Jun 2022 09:28:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/ 489 B
566 B 50ms
24ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSFVDK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2998826d04cc5c0ad01b561ac60f9925cf0ccac763f6719e4a9f51f77e3e1966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 2460
etag: W/c8e9fb4abfbce4447cadff645cbeb56e-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: none
x-amz-apigw-id: UA0WlFnnjoEFuuQ=

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 77ms
11ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.celspuvi.com
URL: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kjyo7100108-IAD, cache-hhn11565-HHN

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 76ms
12ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.celspuvi.com
URL: https://www.celspuvi.com/MnZ0x9AdxWmaee8SE-PSjcYVSHnumQYkyH9E-S-wd_szOZ02F7kW0jPNb1CDCb4neKJA9SqrDM93dZ_vgzg5eg~~/goldco-01ABjune
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 08:48:04 GMT
content-encoding: gzip
age: 2434
x-guploader-uploadid: ADPycdtG_yR5yzDjY7sWkzvtzPU4ihzvUyaf29g0VOVau77sGDSzDkfz9MIID5cjdz5UCg8_hryz2YvbupK3Pbc22iXEVnvqEJFD
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 20 Jun 2022 09:48:04 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 81ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 22:27:40 GMT
x-content-type-options: nosniff
age: 471658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 22:27:40 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 21ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 00:36:31 GMT
x-content-type-options: nosniff
age: 463927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 00:36:31 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v48/ 17 KB
18 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:00:58 GMT
x-content-type-options: nosniff
age: 574060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 18:00:58 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 594720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 55ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 520976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 08:45:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 47ms
9ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 578933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 16:39:45 GMT

GET
H2 200 11.1.447.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 86 KB
28 KB 28ms
28ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0111/9515.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9453d5483cba625a40cb6e7f305a6a71291c40d371e597deeb7b4abc09869e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Jun 2022 15:46:09 GMT
server: cloudflare
age: 325288
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 71e379b7db9d23c7-ZRH
content-length: 28128

GET
H3 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700,300%7COswald:regular,700,500%7COpen+Sans:regular,300%7CSource+Sans+Pro:italic%7CRoboto:700,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.irsloopholekit-email3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:15:42 GMT
x-content-type-options: nosniff
age: 393176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:15:42 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 45ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-964382751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 09:28:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=833134067&t=pageview&_s=1&dl=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&dr=https%3A%2F%2Fwww.celspuvi.com%2F&ul=en-us&de=UTF-8&dt=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=915391649&gjid=1907607276&cid=298884519.1655717318&tid=UA-27499361-13&_gid=1494184717.1655717318&_r=1&gtm=2wg6f0NDSFVDK&z=2043434239

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irsloopholekit-email3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 09:28:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.irsloopholekit-email3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK an.html Show response
0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ Frame 6441 24 KB
6 KB 81ms
22ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c4a1584d2c3bae7c1d62af8e2447740b0eea35f7582bc0e54f5bbe474b22fd82

Request headers

Referer: https://www.irsloopholekit-email3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 09:28:38 GMT
etag: df94f2207b9b402fa2c840b9cdbca8c6
last-modified: Fri, 10 Jun 2022 18:32:57 GMT
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: 9013f3c9-c54f-4e5e-a039-c78c67b01673

GET
H3 200 952351091531861 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 54ms
42ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/952351091531861?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92d4ec043fc63a25e852719f677240c9e9b93ca903d64a47f1df286d9aa1bab7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload; includeSubDomains
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 6P7K94xhL4RcgHc8PJYbSGGY4X2vMj23+o4y+1hRbLxifeqo2OOLAgROLnUWb0KlE9w7qTo5VrVhMAUDPJ/CEg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Jun 2022 09:28:38 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1655717318537
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 458ms
96ms Script
application/javascript 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e412b58f309996dfc012c5e02415627d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
X-TraceId: fdf09b6df091c7a6216cc74f11dc8aa4
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 461ms
95ms Image
image/gif 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00e412b58f309996dfc012c5e02415627d&obApiVersion=1.0-gtm&obtpVersion=1.8.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&optOut=false&bust=0847130612510913
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 09:28:38 GMT
Cache-Control: no-cache
X-TraceId: f291fd982cd802c0687d7df35f934910
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 adsct
t.co/i/ 43 B
337 B 145ms
121ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6752aa72-7b76-4732-8304-a5bfe85cecf7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=5cf60b6f-a644-45c0-be57-fc4afac934a0&tw_document_href=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3n8j&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 20 Jun 2022 09:28:38 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f5b256eff315aee66163f0816182b8ece0efed7a3b6eb3ae4966631f3afaaa89
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 212ms
120ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6752aa72-7b76-4732-8304-a5bfe85cecf7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=5cf60b6f-a644-45c0-be57-fc4afac934a0&tw_document_href=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3n8j&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 20 Jun 2022 09:28:38 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 19da7a514adc8c7cc73c3eef23147710a8153c4a2beb739c2d942a7de5b9fb65
content-length: 43

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 190ms
163ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.irsloopholekit-email3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 011fc967639c677dcdfd7491fcf301a9
function-execution-id: oo615vrucfsk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 174ms
131ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.irsloopholekit-email3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 09:28:38 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: tikyge0o0wfm
server: Google Frontend
x-cloud-trace-context: 0b28244e9bb35efbb974d2b64a663854
x-powered-by: Express

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 78ms
30ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27499361-13&cid=298884519.1655717318&jid=915391649&gjid=1907607276&_gid=1494184717.1655717318&_u=YEBAAEAAAAAAAC~&z=1668601416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irsloopholekit-email3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 20 Jun 2022 09:28:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.irsloopholekit-email3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/ 3 KB
2 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/?random=1655717318552&cv=9&fst=1655717318552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&ref=https%3A%2F%2Fwww.celspuvi.com%2F&tiba=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0cceb79fc5d99db9580525d36be81b0ffe4e79a876703e9a12b4e044033392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9515.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0111/ 46 B
130 B 24ms
23ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0111/9515.json?t=459921
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c78af734fb8eec8ab315c334fb7e2edc904337be6766554fc1b9897d2b0267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 39145
ce-version: 11.1.447
content-length: 65
timing-allow-origin: *
last-modified: Sun, 19 Jun 2022 22:36:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 71e379b90ce40211-ZRH

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 42ms
12ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=952351091531861&ev=PageView&dl=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D_removed_%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522cn%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=https%3A%2F%2Fwww.celspuvi.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1655717318564&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655717318561.798731688&it=1655717318487&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 20 Jun 2022 09:28:38 GMT

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 6441 15 KB
3 KB 12ms
12ms Stylesheet
text/css 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 27 May 2022 01:08:10 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:12 GMT
server: AmazonS3
age: 2103629
etag: "8a6914b8829d3f926055f689771fe755"
x-cache: Hit from cloudfront
x-amz-version-id: KMvcis7.L0zEYzi_9UIlTjJ2K9lUXHro
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: qJnevXn9E4Qz3suE5BUNTkDX9W1HsOmIK7VFt_jPxZpGzuverXKv4A==

GET
H2 200 main.bundle-7a80b17.z.js Show response
builder-assets.unbounce.com/published-js/ Frame 6441 103 KB
33 KB 13ms
13ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 11 May 2022 15:50:20 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:07 GMT
server: AmazonS3
age: 3433099
etag: "115451db447a15fd94ca1eec82178c7c"
x-cache: Hit from cloudfront
x-amz-version-id: hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 33491
x-amz-cf-id: A3N-5kX6CFotiCCdW5h89QTSAtnnAoIB6VKMJl9IKiZLEqdqx4Ccnw==

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
420 B 63ms
10ms XHR
binary/octet-stream 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-129.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 6218238
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: oZu2mrQwcYL8-yYjWwRIrOZy5uyXZBPOgHiWq7UK7J1r9d3BxQyymA==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
420 B 60ms
7ms XHR
binary/octet-stream 143.204.89.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:24:28 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 15624251
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: Qtt89V5jlMoJbNWrVGw3ZDHp6wwXrRlFu15dNwWBAXHPi4v2HbnXjw==

GET
BLOB 200
OK 4157f2ec-e638-468e-837f-1bd14d7956fe
https://www.irsloopholekit-email3.com/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.irsloopholekit-email3.com/4157f2ec-e638-468e-837f-1bd14d7956fe
Requested by: Host: www.irsloopholekit-email3.com
URL: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame 6441 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/964382751/ 42 B
154 B 89ms
43ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964382751/?random=1655717318552&cv=9&fst=1655715600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&ref=https%3A%2F%2Fwww.celspuvi.com%2F&tiba=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today!&async=1&fmt=3&is_vtc=1&random=2143878735&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 09:28:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964382751/ 42 B
548 B 82ms
36ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964382751/?random=1655717318552&cv=9&fst=1655715600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&ref=https%3A%2F%2Fwww.celspuvi.com%2F&tiba=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today!&async=1&fmt=3&is_vtc=1&random=2143878735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 09:28:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ed93cbdc-red-bar-stars-v2_10ud00u0p000u02o00001o.jpg
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ Frame 6441 3 KB
4 KB 18ms
12ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ed93cbdc-red-bar-stars-v2_10ud00u0p000u02o00001o.jpg
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35850a0a6038486150c986233027528a6371cac0e467ee424be3fee05ff55802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 20:02:16 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 14:59:56 GMT
server: AmazonS3
age: 6787583
etag: "686294e7c2e871baa657c067b2ce523c"
x-cache: Hit from cloudfront
x-amz-version-id: tA_HnK065LuPI8V.yRMG1T.V1cCpU3V4
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 3417
x-amz-cf-id: WFFtN7LV-nDmiiVqzHbIHDf8AC_jkiHQ9_HUuumJeEK1l02cziVksQ==

GET
H2 200 37e1b699-bg-1_11980pg0p00pg0a400001o.jpg
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ Frame 6441 15 KB
16 KB 15ms
11ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/37e1b699-bg-1_11980pg0p00pg0a400001o.jpg
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a82fa1bee5332f8089ab9d91da1477e5e1ae58546e8b730549ab996ff781da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 09 May 2022 11:10:17 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Tue, 03 May 2022 19:21:40 GMT
server: AmazonS3
age: 3622702
etag: "2ca73dd5a39d040565f7f22ae16c638e"
x-cache: Hit from cloudfront
x-amz-version-id: TDd1EqawkIrh_wvlCY1JTtU1XHvoemYF
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 15587
x-amz-cf-id: 8p279e1BzmRS7JxO_1iJDVJ3jMmgDcpXz3e5gWGcI5MGQLMRglBryw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 79ms
40ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27499361-13&cid=298884519.1655717318&jid=915391649&_u=YEBAAEAAAAAAAC~&z=387833612

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 09:28:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 74ms
37ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27499361-13&cid=298884519.1655717318&jid=915391649&_u=YEBAAEAAAAAAAC~&z=387833612

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 09:28:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 42c438d6-16c0-4112-bf90-a5ec1ec1fae6
https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/ Frame 6441 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/42c438d6-16c0-4112-bf90-a5ec1ec1fae6
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H3 200 css
fonts.googleapis.com/ Frame 6441 13 KB
1009 B 47ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ac80fd0dcb02860a3de23d5d4a67ad7a4734cc226da6300134b8ae04b79385b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 09:28:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Jun 2022 09:28:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Jun 2022 09:28:38 GMT

GET
H2 200 784ed609-hannity-edited_10880pv07l0l400c000028.png
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ Frame 6441 45 KB
45 KB 11ms
9ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/784ed609-hannity-edited_10880pv07l0l400c000028.png
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3e2ec5ad40e8bdf9968585a0467c79580f33dd367c85529bf91082e6f2de81d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:12:34 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:28:53 GMT
server: AmazonS3
age: 2855765
etag: "441c4b71c606dbfa9bd4fb5450c3bff2"
x-cache: Hit from cloudfront
x-amz-version-id: mS5CD9_AlRJ0FomVprrzOjfmbmGB9Umd
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 45752
x-amz-cf-id: faxCIS8zMrZLAsV2UkyRiPrl9MFdf68Ml4MMxehad4WQZIjhqoiepw==

GET
H2 200 922c03ab-hannity-square_102x02w02x01800000v028.png
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ Frame 6441 2 KB
2 KB 9ms
8ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/922c03ab-hannity-square_102x02w02x01800000v028.png
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b043b100b3e73ada9434d2565bedc62cb1b765aa27fa1bd65e9961685d27808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:03:44 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:28:53 GMT
server: AmazonS3
age: 2420694
etag: "cfcadec36ebbee61b4f26c15124721c7"
x-cache: Hit from cloudfront
x-amz-version-id: mbRF5CwgGD.h00G9RPaTN4KveGZzQSH8
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 1550
x-amz-cf-id: YJlQay4ZUJ2zIiRXo87M0b6zA-1RfpKKYt2Cw7PrXAQfSbzqijZVtA==

GET
H2 200 2041c23a-asset-5-3x_10eu031000000000000028.png
d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/ Frame 6441 13 KB
13 KB 13ms
13ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/2041c23a-asset-5-3x_10eu031000000000000028.png
Requested by: Host: 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
URL: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/9013f3c9-c54f-4e5e-a039-c78c67b01673/an.html?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91a308ced0676963a3d390d05e972de2d50e2d477121714145b31b6fc94b43b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 03 May 2022 20:09:49 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Tue, 03 May 2022 19:21:40 GMT
server: AmazonS3
age: 4108730
etag: "0a54c6c2a57ff8b35d37ee032003a80e"
x-cache: Hit from cloudfront
x-amz-version-id: prYMQ1ULPKYFsEw6bOsbidU_kvGB0Aqf
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: image/png
content-length: 13081
x-amz-cf-id: tvBMlfJwdHVpcTBunh7DMCtTGQYxoQmoqo0GtmjPVsbw9_zK1vU7KQ==

GET
H2 200 clock Show response
tracking.crazyegg.com/ 26 B
133 B 172ms
41ms XHR
text/plain 46.51.142.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1655717318776
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.142.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-142-25.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 2269721436e6ba09d97a5da899f1c257c07371608ba10f4cda628e4da07b4ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 09:28:38 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H3 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ Frame 6441 16 KB
16 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 22:27:40 GMT
x-content-type-options: nosniff
age: 471658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 22:27:40 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 6441 44 KB
44 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 594720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 6441 47 KB
47 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 10:35:09 GMT
x-content-type-options: nosniff
age: 600809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47924
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 10:35:09 GMT

GET
H3 200 PbynFmL8HhTPqbjUzux3JEuR9ls.woff2
fonts.gstatic.com/s/passionone/v16/ Frame 6441 7 KB
7 KB 27ms
17ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/passionone/v16/PbynFmL8HhTPqbjUzux3JEuR9ls.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700%7COpen+Sans:italic,700italic,300,800%7CPassion+One:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb49ce211df074142d735927bb3e8b655ccf39a7cc444baf02e871bcd47986df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:49:38 GMT
x-content-type-options: nosniff
age: 567540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7540
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:37:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:49:38 GMT

GET
H2 204 embeddableActivated Show response
0f45c382aad447eca80d744b72deadb8.events.ubembed.com/ 0
112 B 368ms
102ms XHR
text/plain 3.209.57.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://0f45c382aad447eca80d744b72deadb8.events.ubembed.com/embeddableActivated?activationRuleId=7af26ac0f0b641f1aaa39f2f9b159b0a&browserTrackingId=c521d965cdc641a19f0cc13b3f2ae6f8&clientId=ffdb234e-abcb-44d5-b26f-8dd62ccf0b6c&hostPageCorrelationId=9df32554f6df4299818b7f01e5fd9ca2&hostPageReferrerUrl=https%3A%2F%2Fwww.celspuvi.com%2F&hostPageUrl=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&isFirstTime=true&requestId=33bd52866b0349389531a30ebe0b0dbd&source=universalscript-v0.179.2
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.57.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-57-206.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.irsloopholekit-email3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.irsloopholekit-email3.com
date: Mon, 20 Jun 2022 09:28:39 GMT
access-control-allow-credentials: true

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C...

42 B
351 B

160ms
160ms

Image
image/gif

44.241.129.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522d3994ca5-eb2d-4f5e-bb90-a05d879ad444%2522%257D&title=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today%21&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&referrer=https%3A%2F%2Fwww.celspuvi.com%2F&tdc=1
Protocol: H2
Server: 44.241.129.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-129-108.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:39 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522d3994ca5-eb2d-4f5e-bb90-a05d879ad444%2522%257D&title=Protect%20%26%20Secure%20Your%20Retirement%20Savings%20Today%21&url=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&referrer=https%3A%2F%2Fwww.celspuvi.com%2F&tdc=1
date: Mon, 20 Jun 2022 09:28:39 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET
H2 200 3704751.js Show response
js-na1.hs-scripts.com/ 1 KB
925 B 208ms
151ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/3704751.js
Requested by: Host: js.hubspot.com
URL: https://js.hubspot.com/analytics/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f938aad7b58f47cb213bb3ab8d5599ef4d6675c03ac56617a2463fc57b588a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 20 Jun 2022 07:29:49 GMT
server: cloudflare
x-hubspot-correlation-id: 82f09b1f-0f57-42b1-a3b5-1ce62b412534
x-trace: 2B4F494D6D09FB0B28F3173BA2C3BA7E48AEA8AB18000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.irsloopholekit-email3.com
access-control-max-age: 3600
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 71e379bc099901eb-ZRH

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
488 B 149ms
148ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2153072566&v=1.1&a=3704751&r=https%3A%2F%2Fwww.celspuvi.com%2F&pu=https%3A%2F%2Fwww.irsloopholekit-email3.com%2Flh031522%2F%3Fsfcid%3D7014T000000Ci6Q%26ls%3D001-Email-Mad%26cn%3D855-910-8943%26utm_source%3DMad%26utm_medium%3DEmail%26utm_campaign%3D7014T000000Ci6Q%26utm_content%3D161664%26utm_term%3Dgoldco-01ABjune&t=Protect+%26+Secure+Your+Retirement+Savings+Today!&cts=1655717318979&vi=479d83a55aed18b6ebdc3378f3d7b395&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1f7abc19-0063-445e-b21e-c9d41b748ad4
cf-ray: 71e379bbadb12397-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpK8YQMK%2FKlgqLWR3GkFByGKKd%2BDQWjFQQ8mjrMhIzFQr8fGc1Q2LSZF7bDJPf27uVOHvfwEJdsT0c7eXM48POjuvsJ1oqqM2m9SHG5ovSnDn62wwCSrfO21IVSjwidQTD7TD0VyRs%2FO4Vvv0YNF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 72 KB
21 KB 82ms
29ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:39 GMT
via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 68
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10231/bundles/project.js&cfRay=71e378133f6bcc36-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 13 Jun 2022 04:26:28 UTC
server: cloudflare
etag: W/"d0b8bb93285841cdfb13313435e2d467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vc1SRxdlKcOgNfVcksJ2KUyWlsnYWj5h
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 71e379bd6aa501e7-ZRH
x-amz-cf-id: B8b32XZdpdN-C0p7hu3JBTey8bIruV0R9mOKyMUAS2NmGuTv85D2oQ==
x-hs-target-asset: conversations-embed/static-1.10231/bundles/project.js

GET
H2 200 3704751.js Show response
js.hs-banner.com/ 59 KB
16 KB 201ms
150ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3704751.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/3704751.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa86213888893570723c752a9b655960ffde74879a94b8a1b803db0fd02bc921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irsloopholekit-email3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:28:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 6B0EYD383AV6EMMW
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: NHQ6iB6ql9B5x/EP+QYyUkrSx88JHm7BUO83WrGCWu+V13fM4uH8snGUsHwrbvICU3DFx7RQZ9s=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 15:45:09 GMT
server: cloudflare
etag: W/"0ac3a2b44258bd26baafa868de518436"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: rytyHRPUnmbfVUPkPjzQwlrXLAiGXJob
access-control-allow-origin: https://www.protectingwealthkit-newsletter.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 71e379bd6e892325-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 20 Jun 2022 09:33:39 GMT

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 441 B
1 KB 183ms
156ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3704751&conversations-embed=static-1.10231&mobile=false&messagesUtk=2f7a3b0ea8bc49948f3897e864015d43&traceId=2f7a3b0ea8bc49948f3897e864015d43&referrer=https%3A%2F%2Fwww.celspuvi.com%2F

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9248eee0560926b7b926efc95ae25ee396bc94d5180953e95ccdff6a27d5b564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer: https://www.irsloopholekit-email3.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.irsloopholekit-email3.com/lh031522/?sfcid=7014T000000Ci6Q&ls=001-Email-Mad&cn=855-910-8943&utm_source=Mad&utm_medium=Email&utm_campaign=7014T000000Ci6Q&utm_content=161664&utm_term=goldco-01ABjune

Response headers

date: Mon, 20 Jun 2022 09:28:39 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1b556d0b-c524-4d8b-883d-fe0e79501ea3
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 327
server: cloudflare
x-trace: 2B32723D82B434372863F97DBD1D3CE0A14514F8B9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pkd1hUi9TQogcH1x5G3hnnxwu0DHG0WoMgMawRrrZE3wcL93aVIy75D9QqQHUwxn9y5SbQR%2Fvtd8zUfhA3tMN1eRLJvJjwaNd7yvK73cdh6Y4oAeYILQXOdgocMqWowTnx24aC2uohXBeiBIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.irsloopholekit-email3.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 71e379bf386023af-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 213ms
170ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.irsloopholekit-email3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.irsloopholekit-email3.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71e379be082c23f7-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 20 Jun 2022 09:28:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipEMtV7CPpHcy4E8ymFlYahv5ucspeG9pFnqxzjShirknEuBtlZukT3JeoiWoX9bb3oP1BIDUJE%2BL9F2YPVJbAn5qImZ%2FSSS5hG4%2B9n0Ug1OOqwn7cC8ti4s3wSuOo7%2FhcZZF6z%2BdQMLcNJXMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 1dd8196d-c17d-4654-af27-a7cb22ca76b8
x-trace: 2BDB877FC3281577A115B4880FEBBF1F94E88988E9000000000000000000

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.irsloopholekit-email3.com/lh031522/	1970-01-20 08:20:14	Name: ubpv Value: bz%2C84a45c6c-902b-4d90-87ca-7c48ce30495c
.celspuvi.com/	1970-01-20 04:38:29	Name: uid5219 Value: 661615062-20220620052837-44d3def81b7f81f69bf8adb622ccebdf-
www.irsloopholekit-email3.com/	1970-01-20 08:14:29	Name: ubvs Value: 600fa26b-55e7-4028-be66-c58859ee3e6f
.irsloopholekit-email3.com/	1970-01-20 03:59:36	Name: ubvt Value: 600fa26b-55e7-4028-be66-c58859ee3e6f
.irsloopholekit-email3.com/	1970-01-20 06:04:53	Name: _gcl_au Value: 1.1.1246498511.1655717318
.hubspot.com/	1970-01-20 03:55:19	Name: __cf_bm Value: .ZUNeYfk721cjR35R4.pfZj.te35dyumxSp4wLMkqBQ-1655717318-0-AYbht6oINdxT1s7o2VuYR77zF4R9Qb7rsL8jCMqRh+1n2tB6h7JVaEPBcwuSAkKfgrYvJffLqq0BRM43JVRzYAo=
.irsloopholekit-email3.com/	1970-01-20 21:26:29	Name: _ga Value: GA1.2.298884519.1655717318
.irsloopholekit-email3.com/	1970-01-20 03:56:43	Name: _gid Value: GA1.2.1494184717.1655717318
.irsloopholekit-email3.com/	1970-01-20 03:55:17	Name: _gat_UA-27499361-13 Value: 1
www.irsloopholekit-email3.com/	1970-01-20 12:40:53	Name: __pdst Value: d3ead9e5facf435e8c0a9d888d48c8e7
.irsloopholekit-email3.com/	1970-01-20 06:04:53	Name: _fbp Value: fb.1.1655717318561.798731688
.irsloopholekit-email3.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.irsloopholekit-email3.com/	1970-01-20 12:40:53	Name: _ce.s Value: v~ba7ff705f0204eb615e369aeb26a93d97a4f38fd~vpv~0
.facebook.com/	1970-01-20 06:04:53	Name: fr Value: 0js5FCI942dVL6rYb..BisD3G...1.0.BisD3G.
.doubleclick.net/	1970-01-20 03:55:18	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-20 21:26:29	Name: muc_ads Value: 507cafc6-47c3-46a7-ad03-f2daf232cc67
.twitter.com/	1970-01-20 21:26:29	Name: personalization_id Value: "v1_1fkosDgMaQF+ibsAaXNd9w=="
.irsloopholekit-email3.com/	1969-12-31 23:59:59	Name: cebsp Value: 1
www.irsloopholekit-email3.com/	1970-01-20 03:55:17	Name: outbrain_cid_fetch Value: true
www.irsloopholekit-email3.com/	1970-01-20 08:14:29	Name: _geuid Value: d3994ca5-eb2d-4f5e-bb90-a05d879ad444
www.irsloopholekit-email3.com/	1970-01-20 04:38:29	Name: _geps Value: true
www.irsloopholekit-email3.com/	1970-01-20 08:14:29	Name: __hstc Value: 241439197.479d83a55aed18b6ebdc3378f3d7b395.1655717318973.1655717318973.1655717318973.1
www.irsloopholekit-email3.com/	1970-01-20 08:14:29	Name: hubspotutk Value: 479d83a55aed18b6ebdc3378f3d7b395
www.irsloopholekit-email3.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.irsloopholekit-email3.com/	1970-01-20 03:55:19	Name: __hssc Value: 241439197.1.1655717318974
.alocdn.com/	1970-01-20 12:40:53	Name: uuid Value: 7112cb55-676d-4a77-b689-00c2497f8704

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f45c382aad447eca80d744b72deadb8.events.ubembed.com
0f45c382aad447eca80d744b72deadb8.js.ubembed.com
0f45c382aad447eca80d744b72deadb8.pages.ubembed.com
amplify.outbrain.com
analytics.twitter.com
api.hubspot.com
assets-tracking.crazyegg.com
assets.ubembed.com
builder-assets.unbounce.com
cdn.pdst.fm
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-na1.hs-scripts.com
js.hs-banner.com
js.hubspot.com
js.usemessages.com
p.alocdn.com
pagestates-tracking.crazyegg.com
restoringtechnologies.com
s3-us-west-2.amazonaws.com
script.crazyegg.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
track.hubspot.com
tracking.crazyegg.com
us-central1-adaptive-growth.cloudfunctions.net
www.celspuvi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.irsloopholekit-email3.com
104.244.42.195
104.244.42.5
108.157.4.6
139.59.17.95
142.250.185.194
143.204.89.113
143.204.89.129
151.101.193.131
18.66.2.6
192.161.48.42
199.232.136.157
2001:4860:4802:36::36
23.35.237.86
2600:9000:2156:4a00:1d:11cf:5800:93a1
2606:4700:4400::6812:21ab
2606:4700::6811:d2cc
2606:4700::6811:efcc
2606:4700::6813:9308
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::200a
2a00:1450:400c:c08::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.202.50
3.209.57.206
35.244.142.80
44.241.129.108
46.51.142.25
52.204.197.236
52.222.250.38
52.92.192.104
70.42.32.127
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12046aa6acca06539098c9c9342263f8d59960684d35cfa0c7d19bb5524366a6
132d9a49021f4d50c37e70e8a73c83a39a7735dd5cfbf990d5048131a32fa2a5
15c78af734fb8eec8ab315c334fb7e2edc904337be6766554fc1b9897d2b0267
1a6be58d392a4592d9c6b5d3ae3e19ac663fb2af5f2819da74ea6607a39f5275
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f59176608542a14a1fed8d8427fb27cd6f1a22513318a757870ce174ae05f84
2269721436e6ba09d97a5da899f1c257c07371608ba10f4cda628e4da07b4ff4
24f7328fbe92359ea42b9c7fada6e438ce8a1a8e5c4d4dc0d59ad1462fa4a3a0
2635c7003287ae897a278d91615f4eb50d5bfe3cdd94255fbd0fde66fbc632e8
2998826d04cc5c0ad01b561ac60f9925cf0ccac763f6719e4a9f51f77e3e1966
2b043b100b3e73ada9434d2565bedc62cb1b765aa27fa1bd65e9961685d27808
2e568ddb2f35dfa32abf05b1aeb13a32817ae5688b34bb48cb5decb5d8fd6fdd
2e62064742847b540a41460c08e274b1c6346fce87ed484700f453f2e23cea57
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
310d19a1b6295c1852f097c2dacb9a0fe0760f0982108b9b12e244df6750f187
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35850a0a6038486150c986233027528a6371cac0e467ee424be3fee05ff55802
38099d6c77adf1171c4fb44ce840d21d206a2b39b027b33188189d8172e31fee
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
437208a6d29842a249b9cefa68179c2c668f9b79604599cdded01760ead7c217
4d8774474b71a7413fb36ad1710aa335cd2ef0f95b3c0df991587d600c423536
59142d1db1676971c5b36f8b70e4b5ba11d0010f0911da5ea13d1c9b0ed19ae7
66bd920aed91324ce2425e4116974ac369785432c3bb371559b87c5ec8057d24
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
71976b2e78d1064221be745bafdc228c1c140b31bed71f6b61e1dc250d6c982e
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
91a308ced0676963a3d390d05e972de2d50e2d477121714145b31b6fc94b43b4
9248eee0560926b7b926efc95ae25ee396bc94d5180953e95ccdff6a27d5b564
92d4ec043fc63a25e852719f677240c9e9b93ca903d64a47f1df286d9aa1bab7
98b2edc7b076f4cff5d2a03d9bd6f3b9dc4f971ed279009ff65b7e2070dcdd82
9ac80fd0dcb02860a3de23d5d4a67ad7a4734cc226da6300134b8ae04b79385b
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f93fd4b6355b4e16be0e831066f7a8ad53bbbb3ab34e437866034085669c1f
a48f354b485e232036acb24aae4e98a7d609f02fc2c7fe5e29d424285f336264
a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c
a5a82fa1bee5332f8089ab9d91da1477e5e1ae58546e8b730549ab996ff781da
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a9453d5483cba625a40cb6e7f305a6a71291c40d371e597deeb7b4abc09869e5
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
aa86213888893570723c752a9b655960ffde74879a94b8a1b803db0fd02bc921
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae9f405dc9f3b7c5ae148b703686554e1988c55fcc70a5d9245fad9bbc1d855a
af55d1a44d43828acadaf2a2364028b5d6c864402f49a8b492b8b9cf10caf077
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b335219efdfa3fbb1159655eef775c60af17a146d4eb5b428764965bd3cc17c0
b3e2ec5ad40e8bdf9968585a0467c79580f33dd367c85529bf91082e6f2de81d
b403d379eebdd97d287aa4a7682eb6581425967371cfdd16c6ffcaaf8c264ed7
ba08d23bd7ad2acc24ae7981c283045b91032d02d5ff1c5c325488f374ddb87c
bca2396c678bab81687fe0ecb1ed4b44ad1e86af74fb76241411d047868a805c
bf0cceb79fc5d99db9580525d36be81b0ffe4e79a876703e9a12b4e044033392
c4a1584d2c3bae7c1d62af8e2447740b0eea35f7582bc0e54f5bbe474b22fd82
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
ce121b6ff0a4571bee31334263ea7273f90f9dfc5aff3fda164406bd1b99286f
d102cba599d4b5144fe8ebab00ec9a679e63bf25a69fee938944b52f0196d0a6
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddfb7af3dc0681783ec0882a34fe788b344027e4f0a630e73f7e6238c261989a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb49ce211df074142d735927bb3e8b655ccf39a7cc444baf02e871bcd47986df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff68226e0293bccadbdc780d59f0e6a15a3b3e9c3bac4a3301ce89cf4358be
f1597c2cd9dae6addcd07decd3fd898dff98e318a6b50044d5de4ea1976849c6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f938aad7b58f47cb213bb3ab8d5599ef4d6675c03ac56617a2463fc57b588a3f
fca5089bb553bc27e91dcb0596da66be0f7cf95e4a2083a4d7833be235a9b494

www.irsloopholekit-email3.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

96 %HTTPS

46 %IPv6

30 Domains

42 Subdomains

39 IPs

5 Countries

1453 kBTransfer

2702 kBSize

26 Cookies

3 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.irsloopholekit-email3.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

96 %
HTTPS

46 %
IPv6

30
Domains

42
Subdomains

39
IPs

5
Countries

1453 kB
Transfer

2702 kB
Size

26
Cookies

94 HTTP transactions
2 data transactions