click1.em.investingchannel.com Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.em.investingchannel.com/ViewMessage.do?m=hscvnqhbs&r=dgrrcmtdcm&s=mppvjmcgpkyqsbbtswwmsdgkpnyntyzymsy&q=1675711800&a=view
Effective URL:
http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Submission: On February 06 via api (February 6th 2023, 11:50:52 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.em.investingchannel.com. The Cisco Umbrella rank of the primary domain is 757242.

This is the only time click1.em.investingchannel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
10	34.239.29.224 34.239.29.224	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	96.46.128.252 96.46.128.252	14618 (AMAZON-AES) (AMAZON-AES)
28	10

2 74.214.203.11 (United States)

ASN14618 (AMAZON-AES, US)

click1.em.investingchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.239.29.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-29-224.compute-1.amazonaws.com

iclnd.investingchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com

f29147.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	investingchannel.com click1.em.investingchannel.com — Cisco Umbrella Rank: 757242 iclnd.investingchannel.com — Cisco Umbrella Rank: 147870 stgiclnd.investingchannel.com Failed eas.investingchannel.com Failed	454 KB
6	googleusercontent.com lh6.googleusercontent.com — Cisco Umbrella Rank: 372 lh4.googleusercontent.com — Cisco Umbrella Rank: 375 lh3.googleusercontent.com — Cisco Umbrella Rank: 64	463 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	177 KB
1	efeedbacktrk.com f29147.efeedbacktrk.com	466 B
1	gstatic.com fonts.gstatic.com	31 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13440	63 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	971 B
28	7

	Domain	Requested by
10	iclnd.investingchannel.com	click1.em.investingchannel.com
4	connect.facebook.net	click1.em.investingchannel.com connect.facebook.net
3	lh3.googleusercontent.com	click1.em.investingchannel.com
2	lh6.googleusercontent.com	click1.em.investingchannel.com
2	click1.em.investingchannel.com
1	f29147.efeedbacktrk.com	click1.em.investingchannel.com
1	fonts.gstatic.com	fonts.googleapis.com
1	lh4.googleusercontent.com	click1.em.investingchannel.com
1	i.ibb.co	click1.em.investingchannel.com
1	fonts.googleapis.com	click1.em.investingchannel.com
0	eas.investingchannel.com Failed	click1.em.investingchannel.com
0	stgiclnd.investingchannel.com Failed	click1.em.investingchannel.com
28	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
iclnd.investingchannel.com
investingchannel.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-16` - `2023-02-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
ibb.co R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.investingchannel.com Go Daddy Secure Certificate Authority - G2	`2022-05-11` - `2023-06-12`	a year	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2022-04-28` - `2023-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Frame ID: 1040EB7C3F99E590AFFE8A75A5848E21
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Has the Meta Ship Sailed? Has the Meta Ship Sailed?<

Page URL History Show full URLs

http://click1.em.investingchannel.com/ViewMessage.do?m=hscvnqhbs&r=dgrrcmtdcm&s=mppvjmcgpkyqsbbtswwmsdgkpnyntyzyms... Page URL
http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

28
Requests

75 %
HTTPS

56 %
IPv6

7
Domains

12
Subdomains

10
IPs

4
Countries

1190 kB
Transfer

1631 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/InvestingChannel/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/investing-channel

Search URL Search Domain Scan URL

URL: https://twitter.com/InvestChannel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/investingchannelinc/

Search URL Search Domain Scan URL

URL: https://iclnd.investingchannel.com/nl_forms/src/allowlist?campaignname=The%20Cleanse&email=TheCleanse@em.investingchannel.com
Title: allow us on your list

Search URL Search Domain Scan URL

URL: https://iclnd.investingchannel.com/unsubscribeme/?email=c2hhdWNoYS5sb3BlekBhbWVyaWNhbmZpZGVsaXR5LmNvbQ&listid=177
Title: here

Search URL Search Domain Scan URL

URL: https://iclnd.investingchannel.com/preference-center/?ref_id=c2hhdWNoYS5sb3BlekBhbWVyaWNhbmZpZGVsaXR5LmNvbQ&list_id=177&mailing_id=102734
Title: preference center

Search URL Search Domain Scan URL

URL: https://investingchannel.com/policy
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.em.investingchannel.com/ViewMessage.do?m=hscvnqhbs&r=dgrrcmtdcm&s=mppvjmcgpkyqsbbtswwmsdgkpnyntyzymsy&q=1675711800&a=view Page URL
http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ViewMessage.do Show response
click1.em.investingchannel.com/ 3 KB
3 KB 203ms
101ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.em.investingchannel.com/ViewMessage.do?m=hscvnqhbs&r=dgrrcmtdcm&s=mppvjmcgpkyqsbbtswwmsdgkpnyntyzymsy&q=1675711800&a=view
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: aa5e1ee6b8bb6f22e5d5208a4eb9ac26b7f95d43c0b3aaae26179be015a0484d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Feb 2023 23:50:46 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

48ms
16ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do?m=hscvnqhbs&r=dgrrcmtdcm&s=mppvjmcgpkyqsbbtswwmsdgkpnyntyzymsy&q=1675711800&a=view

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98b9fea9433ec7e65c4434a8b2b9c51270e2588af26cd8362a5edc2c742b8761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 23:50:47 GMT
content-md5: hRF48taEenAYg6KTvLRC/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: nQVgra4hY10QZOvRBf7PFqXNQ0hFSVaWpuYacHghL+g37v9W41wlALI4Dss3zREpab3qv/SQMkMaIlvnAgGgmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: ad868743113b937924d670fac0c94671
cross-origin-opener-policy: same-origin-allow-popups
etag: "397d33c21e9275bf4c4de1702896356f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Feb 2023 23:50:56 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 all.js
connect.facebook.net/en_US/ 308 KB
86 KB 34ms
16ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=46da5ea8ba1daa9d5be75cc741f486f4

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.em.investingchannel.com/
Origin: http://click1.em.investingchannel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 23:50:47 GMT
content-md5: Gn459RnigcbTeYRxDXkYYQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88316
x-fb-rlafr: 0
x-fb-debug: UpSDX/d300gBkobnju6O3uBRczaX2rOnQ2CNsMu7Q3oTyBv9N4+c7qm7Z6GFN46mbiLWHC0CwLCpzmQYeLrE0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cbf1f988a4622955840e5f4ae5585d54
cross-origin-opener-policy: same-origin-allow-popups
etag: "702e17fa8603988f4b885d37858cba37"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 06 Feb 2024 22:19:33 GMT

POST
H/1.1 200
OK Primary Request ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F Show response
click1.em.investingchannel.com/ 40 KB
40 KB 165ms
164ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 51457e3d25a2c1456a8505abf0c5b089161f181d6621a41044175785a31fbdd2

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://click1.em.investingchannel.com
Referer: http://click1.em.investingchannel.com/ViewMessage.do?m=hscvnqhbs&r=dgrrcmtdcm&s=mppvjmcgpkyqsbbtswwmsdgkpnyntyzymsy&q=1675711800&a=view
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Feb 2023 23:50:47 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

16ms
15ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98b9fea9433ec7e65c4434a8b2b9c51270e2588af26cd8362a5edc2c742b8761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 23:50:47 GMT
content-md5: hRF48taEenAYg6KTvLRC/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: nQVgra4hY10QZOvRBf7PFqXNQ0hFSVaWpuYacHghL+g37v9W41wlALI4Dss3zREpab3qv/SQMkMaIlvnAgGgmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: ad868743113b937924d670fac0c94671
cross-origin-opener-policy: same-origin-allow-popups
etag: "397d33c21e9275bf4c4de1702896356f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Feb 2023 23:50:56 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
971 B 135ms
52ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2ac45e05f5188999247bc9287fc7b21b6e501c0fc286073074abb1e38eac743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 23:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 23:37:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 23:50:47 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 308 KB
86 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=46da5ea8ba1daa9d5be75cc741f486f4

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31bf9221d3e74d5e74c3b4156e298396bff1c3ad1a58c370c5345d5b8565d1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.em.investingchannel.com/
Origin: http://click1.em.investingchannel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 23:50:47 GMT
content-md5: Gn459RnigcbTeYRxDXkYYQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88316
x-fb-rlafr: 0
x-fb-debug: UpSDX/d300gBkobnju6O3uBRczaX2rOnQ2CNsMu7Q3oTyBv9N4+c7qm7Z6GFN46mbiLWHC0CwLCpzmQYeLrE0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cbf1f988a4622955840e5f4ae5585d54
cross-origin-opener-policy: same-origin-allow-popups
etag: "702e17fa8603988f4b885d37858cba37"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 06 Feb 2024 22:19:33 GMT

GET
H/1.1 200
OK thecleanselogo.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/ICTheCleanse/ 155 KB
155 KB 207ms
104ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://iclnd.investingchannel.com/nl_forms/src/public/assets/images/ICTheCleanse/thecleanselogo.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: HTTP/1.1
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6f85313d3a812349e9d40331b56369fdb4e715117e8e84aefd9c0190a36c8379

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 23:50:47 GMT
Last-Modified: Thu, 07 Oct 2021 10:43:01 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "26a8a-5cdc0ed448d1a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158346

GET
H2 200 girl-worried-chewing-her-pencil.jpg
i.ibb.co/bg7F9qr/ 63 KB
63 KB 120ms
17ms Image
image/jpeg 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/bg7F9qr/girl-worried-chewing-her-pencil.jpg
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: ea8601d0fcea7b8cf24a86a285c4b1a308ef0dcfd7c0717378892e5a99f58da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Fri, 20 Jan 2023 10:24:22 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 64314
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 G65dlz7ZQ_-isu0ltyWdr_LJ5TjFAddRfJ290FLJOILVCcLQPonv-snKCk9mIuiGcj8KuZdpuv8OmtrYvBer6UerSg6Rzi8WzWG4173TPSN-iL5QDwAI5vceHQqzTSWCPPBq2dQjsXFwmMgKNVoqbCQ
lh6.googleusercontent.com/ 108 KB
108 KB 127ms
29ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/G65dlz7ZQ_-isu0ltyWdr_LJ5TjFAddRfJ290FLJOILVCcLQPonv-snKCk9mIuiGcj8KuZdpuv8OmtrYvBer6UerSg6Rzi8WzWG4173TPSN-iL5QDwAI5vceHQqzTSWCPPBq2dQjsXFwmMgKNVoqbCQ

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0df03c10f909b794fa2193d021cc6722b65348b8e0bcf6282ea6e241b6766059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:15:26 GMT
x-content-type-options: nosniff
age: 2121
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110488
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:31:05 GMT

GET
H2 200 yq_Z9vhw7jIdVFcHFKbzDL8evDwL8E4y33JEQjEEIz4tnasjOVjZ6gMCVspCZ9lXeAF0qiYsPsyVt6k5pNbg3d6l9dDNEieShpt0U-oFcoUjCnTn1oAIu-Ha4muO7TMEtCiBqSszYlKO5--7NGKapcY
lh4.googleusercontent.com/ 61 KB
62 KB 126ms
28ms Image
image/png 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/yq_Z9vhw7jIdVFcHFKbzDL8evDwL8E4y33JEQjEEIz4tnasjOVjZ6gMCVspCZ9lXeAF0qiYsPsyVt6k5pNbg3d6l9dDNEieShpt0U-oFcoUjCnTn1oAIu-Ha4muO7TMEtCiBqSszYlKO5--7NGKapcY

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ccb0113054d8a836c3fd9d81278249d4189f5d606476490a943026a03875ef61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 22:21:57 GMT
x-content-type-options: nosniff
age: 5330
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62742
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:31:05 GMT

GET
H2 200 u_cdV5XeJVSFS6Pzh9D6WGa0wb4h_-8CxBZqPZ5PTio5m9EFyikP1GtmB5f9djdYHAIKb82MJHLEGwp0WG3vM2h3285mHw8YGWxDQfr3qZb8Sr9vnqv1kZr0BhT18zwGMBeAbiRe-VdEkV1N27CWBYg
lh3.googleusercontent.com/ 126 KB
126 KB 127ms
30ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/u_cdV5XeJVSFS6Pzh9D6WGa0wb4h_-8CxBZqPZ5PTio5m9EFyikP1GtmB5f9djdYHAIKb82MJHLEGwp0WG3vM2h3285mHw8YGWxDQfr3qZb8Sr9vnqv1kZr0BhT18zwGMBeAbiRe-VdEkV1N27CWBYg

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5251aa04ddc51ec4dbd8d3c629e886fb04aa15cadcd9b81491962443fd4c4b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:15:26 GMT
x-content-type-options: nosniff
age: 2121
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128518
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:31:05 GMT

GET
H2 200 U2QePee156LYWiUwKWbmn1ahQz3RkBnjyn0840k6ni4bnjA0ajQKoxjne8whjYFoD0zDvSA9c-qSQaFzdet3ReLgwTe43m3BJK0PoFhHfB_QprWYNajgZcmkke0uwUKh-ObJeIFLjcFVbxPgDaWTRZQ
lh6.googleusercontent.com/ 54 KB
54 KB 158ms
61ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/U2QePee156LYWiUwKWbmn1ahQz3RkBnjyn0840k6ni4bnjA0ajQKoxjne8whjYFoD0zDvSA9c-qSQaFzdet3ReLgwTe43m3BJK0PoFhHfB_QprWYNajgZcmkke0uwUKh-ObJeIFLjcFVbxPgDaWTRZQ

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f78723b6a230c29e9137c88ebe7f92ce39268a86d83ffb1ad125f0213f85e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:15:26 GMT
x-content-type-options: nosniff
age: 2121
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55340
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:31:05 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 125ms
29ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://click1.em.investingchannel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 16:49:14 GMT
x-content-type-options: nosniff
age: 370893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:49:14 GMT

GET IntroBold.otf
stgiclnd.investingchannel.com/nl_forms/src/public/assets/fonts/ 0
0

GET
H2 200 UNp0zCFO0F7XJvrlSFD2tDzuUOtPTCkoE98SZkBPGHzmchaFhUtSGRd-D7HIMol6YUcdBbCZRGicTzbhxg_MR3MS903MjhKuo6v8zqOv_Jn-EE2ehfNKpy4BD9XDd3fHw6c4CVCJb-Vz40VZ3ac-Iwk
lh3.googleusercontent.com/ 48 KB
48 KB 150ms
107ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/UNp0zCFO0F7XJvrlSFD2tDzuUOtPTCkoE98SZkBPGHzmchaFhUtSGRd-D7HIMol6YUcdBbCZRGicTzbhxg_MR3MS903MjhKuo6v8zqOv_Jn-EE2ehfNKpy4BD9XDd3fHw6c4CVCJb-Vz40VZ3ac-Iwk

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd62d29a7922143313e0566adcb68fe3c4414930d33068d9eb1e390583e9d8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:15:26 GMT
x-content-type-options: nosniff
age: 2121
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49328
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:31:05 GMT

GET
H2 200 5kca-ky8Y6PTFV6w2_uBv6Qt5E60wgn4K9MJCw-1-N3J4MOWl3StJRirS4X3dhVYf9gq6fpUZWf0hSoABW4yi5qj3ekIZ8pRMQqKFORv27_uNXHhLAUDJNP0c_SCuoxK_vigs9WRz3VNyJh3PnQBIso
lh3.googleusercontent.com/ 65 KB
65 KB 159ms
116ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5kca-ky8Y6PTFV6w2_uBv6Qt5E60wgn4K9MJCw-1-N3J4MOWl3StJRirS4X3dhVYf9gq6fpUZWf0hSoABW4yi5qj3ekIZ8pRMQqKFORv27_uNXHhLAUDJNP0c_SCuoxK_vigs9WRz3VNyJh3PnQBIso

Requested by

Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b58600629702fe9f6982180c06b8d5a0ee66d2cb33109c994c6714f41f0480c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:15:26 GMT
x-content-type-options: nosniff
age: 2121
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66738
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:31:05 GMT

GET
H2 200 fbsocial.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/ 548 B
734 B 304ms
100ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/fbsocial.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 61a3aca796c07a0604967e77250dc068759e552d5bd9f2207078b2f1274bcf4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Mon, 23 Jan 2023 06:24:46 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "224-5f2e874a715f3"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 548

GET
H2 200 twsocial.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/ 682 B
867 B 305ms
101ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/twsocial.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bde8a7a16eccacd986ff0ee8b649944ff25d8aca1725f035f948bda805db3022

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Mon, 23 Jan 2023 06:24:48 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "2aa-5f2e874bcd073"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 682

GET
H2 200 lnsocial.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/ 541 B
726 B 599ms
394ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/lnsocial.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 01ed36ef8b7f89a329bd76bc47305902e81e4c57dfedeeda2d360261449b551a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Mon, 23 Jan 2023 06:24:47 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "21d-5f2e874b1d3f3"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 541

GET
H2 200 emsocial.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/ 2 KB
2 KB 501ms
297ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/emsocial.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 033a3e9004c4caa1bd7923f438be4e1cd207c7ac04c522f13bb5bb0b9096d5bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Mon, 30 Jan 2023 06:54:32 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "6fa-5f375affa2ad9"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1786

GET PixelDot_TheCleanse
eas.investingchannel.com/api/impression/PixelDotSite/ 0
0

GET
H/1.1 200
OK hchpdjvrfgbzqmhhzsmnnzjmwrzgfcbcsblbjmbqqnmwmn_uywgnfhpnfshfpnphhmyy.gif
f29147.efeedbacktrk.com/ 68 B
466 B 1265ms
107ms Image
image/png 96.46.128.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f29147.efeedbacktrk.com/hchpdjvrfgbzqmhhzsmnnzjmwrzgfcbcsblbjmbqqnmwmn_uywgnfhpnfshfpnphhmyy.gif
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.128.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: www.efeedbacktrk.com
Software: sp /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 23:50:48 GMT
Server: sp
Content-Type: image/png;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
imagetoolbar: no
Connection: Keep-Alive
Keep-Alive: timeout=60
Content-Length: 68
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 white_logo.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 38 KB
38 KB 397ms
298ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/white_logo.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6aac9a03b221c5b7e85901f346e5042f9fc58246ff265becc994af6e492a1458

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Tue, 16 Mar 2021 16:45:38 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "96ca-5bdaa189632b6"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 38602

GET
H2 200 facebook.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 49 KB
49 KB 290ms
198ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/facebook.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 06b0025ce038759318767d059c0b4dd4847d6c9400b8542b79b12946ba73d22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Tue, 16 Mar 2021 16:45:38 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "c246-5bdaa18a0d176"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 49734

GET
H2 200 linkedin.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 66 KB
66 KB 294ms
293ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/linkedin.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b43556e274d6525065afb0bd5f064ec1a75c63017c688df4ccb94cb4bcc342cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Tue, 16 Mar 2021 16:45:36 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "1086c-5bdaa1884bdf6"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 67692

GET
H2 200 twitter.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 94 KB
94 KB 293ms
293ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/twitter.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5d7852fd3aa231f08521874e11537416bec49d893828db09e4d3934737024037

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Tue, 16 Mar 2021 16:45:35 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "178c9-5bdaa18689ad6"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 96457

GET
H2 200 instagramic.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 4 KB
5 KB 294ms
294ms Image
image/png 34.239.29.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/instagramic.png
Requested by: Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-224.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a0ca23c14e4d9fb51efca9a14496f94b3bbd8d2d4ed3a787da474df5865955c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.investingchannel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:50:47 GMT
last-modified: Mon, 14 Mar 2022 09:30:45 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "115f-5da2a55b8a31c"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4447

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stgiclnd.investingchannel.com
URL: https://stgiclnd.investingchannel.com/nl_forms/src/public/assets/fonts/IntroBold.otf

Domain: eas.investingchannel.com
URL: https://eas.investingchannel.com/api/impression/PixelDotSite/PixelDot_TheCleanse?emailId=shaucha.lopez@americanfidelity.com&mailingId=TheCleanse@em.investingchannel.com&pos=0&size=1x1&resolution=1px&utm_source=adwords&utm_medium=Email&utm_campaign=The%20Cleanse%20Newsletter&utm_content=ads.investingchannel.com&utm_term=230206175047&pageId=23020617504700&postupMailId=102734

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| FB object| __buffer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.em.investingchannel.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1CF54D97DA1B26EBBD703CB7412B50BC

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=ABBC71599D95CBD99E400B8F58250C2F Message: Access to font at 'https://stgiclnd.investingchannel.com/nl_forms/src/public/assets/fonts/IntroBold.otf' from origin 'http://click1.em.investingchannel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stgiclnd.investingchannel.com/nl_forms/src/public/assets/fonts/IntroBold.otf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click1.em.investingchannel.com
connect.facebook.net
eas.investingchannel.com
f29147.efeedbacktrk.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
iclnd.investingchannel.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh6.googleusercontent.com
stgiclnd.investingchannel.com
eas.investingchannel.com
stgiclnd.investingchannel.com
162.19.58.159
2a00:1450:400d:808::2001
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::2003
2a00:1450:400d:80e::200a
2a03:2880:f01c:8012:face:b00c:0:3
34.239.29.224
74.214.203.11
96.46.128.252
01ed36ef8b7f89a329bd76bc47305902e81e4c57dfedeeda2d360261449b551a
033a3e9004c4caa1bd7923f438be4e1cd207c7ac04c522f13bb5bb0b9096d5bb
06b0025ce038759318767d059c0b4dd4847d6c9400b8542b79b12946ba73d22c
0df03c10f909b794fa2193d021cc6722b65348b8e0bcf6282ea6e241b6766059
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
31bf9221d3e74d5e74c3b4156e298396bff1c3ad1a58c370c5345d5b8565d1fd
51457e3d25a2c1456a8505abf0c5b089161f181d6621a41044175785a31fbdd2
5251aa04ddc51ec4dbd8d3c629e886fb04aa15cadcd9b81491962443fd4c4b70
5d7852fd3aa231f08521874e11537416bec49d893828db09e4d3934737024037
61a3aca796c07a0604967e77250dc068759e552d5bd9f2207078b2f1274bcf4b
6aac9a03b221c5b7e85901f346e5042f9fc58246ff265becc994af6e492a1458
6f85313d3a812349e9d40331b56369fdb4e715117e8e84aefd9c0190a36c8379
7f78723b6a230c29e9137c88ebe7f92ce39268a86d83ffb1ad125f0213f85e5a
98b9fea9433ec7e65c4434a8b2b9c51270e2588af26cd8362a5edc2c742b8761
9b58600629702fe9f6982180c06b8d5a0ee66d2cb33109c994c6714f41f0480c
a0ca23c14e4d9fb51efca9a14496f94b3bbd8d2d4ed3a787da474df5865955c5
aa5e1ee6b8bb6f22e5d5208a4eb9ac26b7f95d43c0b3aaae26179be015a0484d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b43556e274d6525065afb0bd5f064ec1a75c63017c688df4ccb94cb4bcc342cd
bde8a7a16eccacd986ff0ee8b649944ff25d8aca1725f035f948bda805db3022
ccb0113054d8a836c3fd9d81278249d4189f5d606476490a943026a03875ef61
cd62d29a7922143313e0566adcb68fe3c4414930d33068d9eb1e390583e9d8f9
d2ac45e05f5188999247bc9287fc7b21b6e501c0fc286073074abb1e38eac743
ea8601d0fcea7b8cf24a86a285c4b1a308ef0dcfd7c0717378892e5a99f58da8

click1.em.investingchannel.com Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

75 %HTTPS

56 %IPv6

7 Domains

12 Subdomains

10 IPs

4 Countries

1190 kBTransfer

1631 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

click1.em.investingchannel.com Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

75 %
HTTPS

56 %
IPv6

7
Domains

12
Subdomains

10
IPs

4
Countries

1190 kB
Transfer

1631 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions