www.freescoreclick.com Open in urlscan Pro
18.160.10.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://storage.googleapis.com/q2c8v0n7d8b4a3h1/q0a9e6o6m8d6j4h7.html#cVgGaGkcS.jspf?fQ3Z7cccRVQwcxNsccdcWZc8c69NLj0ZGcbbb5c
Effective URL:
https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&...
Submission: On August 08 via manual (August 8th 2023, 6:26:16 pm UTC) from CA — Scanned from US

Summary HTTP 26 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 18.160.10.13, located in United States and belongs to AMAZON-02, US. The main domain is www.freescoreclick.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 25th 2023. Valid for: a year.

This is the only time www.freescoreclick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f8b0:400... 2607:f8b0:4006:81d::2010	15169 (GOOGLE) (GOOGLE)
1 1	111.90.139.33 111.90.139.33	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1 1	8.45.51.43 8.45.51.43	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1 1	54.167.252.202 54.167.252.202	14618 (AMAZON-AES) (AMAZON-AES)
1 25	18.160.10.13 18.160.10.13	16509 (AMAZON-02) (AMAZON-02)
1	35.227.215.218 35.227.215.218	15169 (GOOGLE) (GOOGLE)
26	4

1 2607:f8b0:4006:81d::2010 (Stony Point, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.90.139.33 (Malaysia) 1 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: fenemoregroup.com

fenemoregroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.45.51.43 (Henderson, United States) 1 redirects

ASN35913 (DEDIPATH-LLC, US)

www.tyingree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.167.252.202 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-252-202.compute-1.amazonaws.com

novatrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.160.10.13 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-13.iad12.r.cloudfront.net

www.freescoreclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.215.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.215.227.35.bc.googleusercontent.com

www.pmd3trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	freescoreclick.com 1 redirects www.freescoreclick.com	286 KB
1	pmd3trk.com www.pmd3trk.com — Cisco Umbrella Rank: 731191	545 B
1	novatrk.com 1 redirects novatrk.com	833 B
1	tyingree.com 1 redirects www.tyingree.com	647 B
1	fenemoregroup.com 1 redirects fenemoregroup.com	318 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 467	796 B
26	6

	Domain	Requested by
25	www.freescoreclick.com	1 redirects storage.googleapis.com www.freescoreclick.com
1	www.pmd3trk.com	www.freescoreclick.com
1	novatrk.com	1 redirects
1	www.tyingree.com	1 redirects
1	fenemoregroup.com	1 redirects
1	storage.googleapis.com
26	6

This site contains links to these domains. Also see Links.

Domain
www.trustedsite.com
policies.google.com

Subject Issuer	Validity	Valid
freescoreclick.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
pmd3trk.com Starfield Secure Certificate Authority - G2	`2022-12-18` - `2024-01-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
Frame ID: 0C7489DF12D3E01F2AB0B0D3744107C3
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Your Credit Score Online

Page URL History Show full URLs

http://storage.googleapis.com/q2c8v0n7d8b4a3h1/q0a9e6o6m8d6j4h7.html Page URL
http://fenemoregroup.com/anchorcVgGaGkcS.jspf?fQ3Z7cccRVQwcxNsccdcWZc8c69NLj0ZGcbbb5c HTTP 302
https://www.tyingree.com/2FS5GQ86M/BGCW75S/?sub1=rtXchwXsGGeUoraPe-7g1g12sK3jrC6ay-V3Mbw&sub2=SEmczvq... HTTP 302
https://novatrk.com/?a=5543&c=1329&s1=705038&s2=51b02ef8f3d64c4087294886e9976dee&s3=rtXchwXsGGeU... HTTP 302
https://www.freescoreclick.com/redirect?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082 HTTP 302
https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

286 kB
Transfer

548 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trustedsite.com/verify?js=1&host=viewfreescore.com

Search URL Search Domain Scan URL

URL: https://www.trustedsite.com/verify?host=freescoreclick.com

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://storage.googleapis.com/q2c8v0n7d8b4a3h1/q0a9e6o6m8d6j4h7.html Page URL
http://fenemoregroup.com/anchorcVgGaGkcS.jspf?fQ3Z7cccRVQwcxNsccdcWZc8c69NLj0ZGcbbb5c HTTP 302
https://www.tyingree.com/2FS5GQ86M/BGCW75S/?sub1=rtXchwXsGGeUoraPe-7g1g12sK3jrC6ay-V3Mbw&sub2=SEmczvqO%7E9pBF%7EnSOpF-5CKF40kfaOPTaLQ&sub3=sukm%7EavlF7II HTTP 302
https://novatrk.com/?a=5543&c=1329&s1=705038&s2=51b02ef8f3d64c4087294886e9976dee&s3=rtXchwXsGGeUoraPe-7g1g12sK3jrC6ay-V3Mbw HTTP 302
https://www.freescoreclick.com/redirect?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082 HTTP 302
https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK q0a9e6o6m8d6j4h7.html
storage.googleapis.com/q2c8v0n7d8b4a3h1/ 111 B
796 B 143ms
65ms Document
text/html 2607:f8b0:4006:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/q2c8v0n7d8b4a3h1/q0a9e6o6m8d6j4h7.html
Protocol: HTTP/1.1
Server: 2607:f8b0:4006:81d::2010 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 1490
Cache-Control: public, max-age=3600
Content-Length: 111
Content-Type: text/html
Date: Tue, 08 Aug 2023 18:01:19 GMT
ETag: "3217d3c75d5f4894d83033ab027db4ac"
Expires: Tue, 08 Aug 2023 19:01:19 GMT
Last-Modified: Thu, 22 Jun 2023 11:00:40 GMT
Server: UploadServer
X-GUploader-UploadID: ADPycdtxmjbJ8YwsA7YYgOGdrM2CEfzmHWUnorD_O0AVu8-ob4EJROvljISLgKkDkwaM0QcdROf0cHdJ_NxOqsOREcR--g
x-goog-generation: 1687431640075113
x-goog-hash: crc32c=66cFgA== md5=MhfTx11fSJTYMDOrAn20rA==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 111

GET
H2

200

Primary Request lp Show response
www.freescoreclick.com/sP1eU0qW/
Redirect Chain

http://fenemoregroup.com/anchorcVgGaGkcS.jspf?fQ3Z7cccRVQwcxNsccdcWZc8c69NLj0ZGcbbb5c
https://www.tyingree.com/2FS5GQ86M/BGCW75S/?sub1=rtXchwXsGGeUoraPe-7g1g12sK3jrC6ay-V3Mbw&sub2=SEmczvqO%7E9pBF%7EnSOpF-5CKF40kfaOPTaLQ&sub3=sukm%7EavlF7II
https://novatrk.com/?a=5543&c=1329&s1=705038&s2=51b02ef8f3d64c4087294886e9976dee&s3=rtXchwXsGGeUoraPe-7g1g12sK3jrC6ay-V3Mbw
https://www.freescoreclick.com/redirect?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082
https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31...

52 KB
14 KB

79ms
78ms

Document
text/html

18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806

Requested by

Host: storage.googleapis.com
URL: http://storage.googleapis.com/q2c8v0n7d8b4a3h1/q0a9e6o6m8d6j4h7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

c8bfd11a727b6c1ff8f94d5c84df644041ffbea3032cc7c789e159ab73234f6e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://storage.googleapis.com/q2c8v0n7d8b4a3h1/q0a9e6o6m8d6j4h7.html#cVgGaGkcS.jspf?fQ3Z7cccRVQwcxNsccdcWZc8c69NLj0ZGcbbb5c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18331
alt-svc: h3=":443"; ma=86400
cache-control: no-cache="Set-Cookie"
content-encoding: gzip
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 13:20:41 GMT
etag: W/"d0c3-HuTjAMKCZ8Lmq/6XT8u5Z6+JCl8"
referrer-policy: same-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-rid;desc="gZ7fD5pyfR-esy3XyEaQSQ8l6343imJRr_5cdQ9uWTwb2sG9FPMpnQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-cf-id: gZ7fD5pyfR-esy3XyEaQSQ8l6343imJRr_5cdQ9uWTwb2sG9FPMpnQ==
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-rds-hit: yes
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
content-length: 652
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 18:26:12 GMT
from-redirect: true
location: /sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
referrer-policy: same-origin
server-timing: cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=218,cdn-cache-miss,cdn-pop;desc="IAD12-P3",cdn-rid;desc="Jr3dBJN4mrLP17sQY0XbBiEOt_-0l3b_pC31bDwCo-lo9WLmeqQ59g==",cdn-downstream-fbl;dur=222
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-cf-id: Jr3dBJN4mrLP17sQY0XbBiEOt_-0l3b_pC31bDwCo-lo9WLmeqQ59g==
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

GET
H3 200 4upBUbfmQfqASKYkWAbh-freescoreclick.com.svg
www.freescoreclick.com/resources/images/ 6 KB
3 KB 65ms
64ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/resources/images/4upBUbfmQfqASKYkWAbh-freescoreclick.com.svg

Requested by

Host: www.freescoreclick.com
URL: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

58042affab5d0691c0af1eeadf693b9b3c6837b3b8dc1696b0e7e5406399f6d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Thu, 03 Aug 2023 15:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 441816
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="wg3igyL39FmZZ5aznE48tmauPx2dAS-fLwO9MB7f6nB7G6xOiPFkcw==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Wed, 02 Nov 2022 00:01:27 GMT
server: AmazonS3
etag: W/"dbb5832a4e3093163eba70b664796738"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=604800
x-amz-cf-id: wg3igyL39FmZZ5aznE48tmauPx2dAS-fLwO9MB7f6nB7G6xOiPFkcw==

GET
H3 200 bureaus.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 11 KB
5 KB 70ms
69ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/bureaus.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

897a4e1697336dace32fa18f2b216ff97193cb25de8bd8fcdd849cbcd85c11db

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Mon, 07 Aug 2023 19:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 84101
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="-B_Au3bab-E3VMlyC9n5D49c5-rkNXwBLB_iVb51QfXB2FKsDC7T2w==",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:58 GMT
etag: W/"2d21-189d1260870"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: -B_Au3bab-E3VMlyC9n5D49c5-rkNXwBLB_iVb51QfXB2FKsDC7T2w==

GET
H3 200 3bdesktop_n960x960.webp
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 39 KB
40 KB 69ms
68ms Image
image/webp 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/3bdesktop_n960x960.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

4feeb3fc265d8b73f21c04f4c19466a10c2a3dac10f56fe0198b1783549b95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:32:54 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 6798
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="0KppwXl17JSBD26N_kazJui1UCzC_r7_1Gu3lpTgUo1nvXw3yF-2Ww==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 40220
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:58 GMT
etag: W/"9d1c-189d1260870"
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: 0KppwXl17JSBD26N_kazJui1UCzC_r7_1Gu3lpTgUo1nvXw3yF-2Ww==

GET
H3 200 secure-ssl-encryption.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 9 KB
5 KB 67ms
66ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/secure-ssl-encryption.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

f5571c0cce230552078bed8954df7a3ce1156f08c5ae9d992f691dec76b2f741

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 14:34:17 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 13915
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ke10McaCHNv8wlfhIjYUxr1SVleLWLBZb-p_ndEEBbNY0FtW0h7bWQ==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"2523-189d1261040"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: ke10McaCHNv8wlfhIjYUxr1SVleLWLBZb-p_ndEEBbNY0FtW0h7bWQ==

GET
H3 200 efvanilla.js Show response
www.freescoreclick.com/resources/js/ 43 KB
9 KB 65ms
64ms Script
application/javascript 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/resources/js/efvanilla.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

66d14d1fb6c59b199eeeacaf074f5aaf6e4e788fb4cde596dd07d98718762764

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 01 Aug 2023 23:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 584812
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="JwWlAglpJ-KEyL33VM8T8HzXqlJIjXicvxX0ZY-cF3k6Hlm35nnykg==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Wed, 02 Nov 2022 00:00:59 GMT
server: AmazonS3
etag: W/"565c315235742fcab30508d3e1e927eb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: JwWlAglpJ-KEyL33VM8T8HzXqlJIjXicvxX0ZY-cF3k6Hlm35nnykg==

GET
H3 200 jquery.3.7.0.min.js Show response
www.freescoreclick.com/resources/js/ 85 KB
30 KB 74ms
72ms Script
application/javascript 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/resources/js/jquery.3.7.0.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 04:40:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 49573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="pQ1bZK3eWqJ9eLib5kaxHW8ic9KKcC3oOKnZ0fbbylHMqHrT_tO7OQ==",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 10 Jul 2023 13:42:08 GMT
server: AmazonS3
etag: W/"4fcf018b5c604c47ae980185cf0167c2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-amz-cf-id: pQ1bZK3eWqJ9eLib5kaxHW8ic9KKcC3oOKnZ0fbbylHMqHrT_tO7OQ==

GET
H3 200 bootstrap.min.js Show response
www.freescoreclick.com/general/js/bootstrap/4.6.2/ 61 KB
15 KB 72ms
70ms Script
application/javascript 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/general/js/bootstrap/4.6.2/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

7e01d2e4e9c29b6d8ad98086d154d5f11d21d668726e8cebe6844c2db81604b8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
Origin: https://www.freescoreclick.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 17:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 4094
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="4yikX_DrltZRKECJCvyGMqgcA4TvRC_t0NVQftP9ysDVXQ54Ji0QDQ==",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"f469-189d1261040"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-id: 4yikX_DrltZRKECJCvyGMqgcA4TvRC_t0NVQftP9ysDVXQ54Ji0QDQ==

GET
H3 200 jquery.validate.1.19.5.min.js Show response
www.freescoreclick.com/resources/js/ 48 KB
10 KB 65ms
64ms Script
application/javascript 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/resources/js/jquery.validate.1.19.5.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
date: Tue, 08 Aug 2023 00:11:39 GMT
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 65674
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Y_OcBcahUEH2EfgxVRXuuDfCOByQdnGrs5i_OrPAO4LLZ2Rr6LL0Ng==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Fri, 17 Mar 2023 15:02:16 GMT
server: AmazonS3
etag: W/"d22e0b334f03215d57df1d0c17d1fa1b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-amz-cf-id: Y_OcBcahUEH2EfgxVRXuuDfCOByQdnGrs5i_OrPAO4LLZ2Rr6LL0Ng==

GET
H3 200 signuppath.js Show response
www.freescoreclick.com/general/js/ 4 KB
2 KB 67ms
66ms Script
application/javascript 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/general/js/signuppath.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

ac4d042cd63584ce8ce20acd261b668ebbd13b9458c34a188ad8fb6d8eafc648

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 13:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 17081
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="WtdoY1VHw-y__MAOk-_mMGB6l-HH62jpRppDMrCx8luRW1EqcsUvwg==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"fa5-189d1260c58"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-id: WtdoY1VHw-y__MAOk-_mMGB6l-HH62jpRppDMrCx8luRW1EqcsUvwg==

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63e486661fa339d1cf77bdffa9d8d818e3c91984454633e4073e07142e3ecf26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 mulish.woff2
www.freescoreclick.com/fonts/ 18 KB
19 KB 103ms
103ms Font
font/woff2 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freescoreclick.com/fonts/mulish.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

b9d0521258e26facda9df232a5a05444ae311b63eb620a043157676d3971384d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
Origin: https://www.freescoreclick.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:26:12 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
x-powered-by: Express
x-cache: Miss from cloudfront
server-timing: cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=13,cdn-cache-miss,cdn-pop;desc="IAD12-P3",cdn-rid;desc="NMz3WSCD-_14bszCNBFDLquK77VEFIcSvAOYrlHicrNL7t2CQiPi7w==",cdn-downstream-fbl;dur=27
alt-svc: h3=":443"; ma=86400
content-length: 18232
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:58 GMT
etag: W/"4738-189d1260870"
x-frame-options: DENY
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: NMz3WSCD-_14bszCNBFDLquK77VEFIcSvAOYrlHicrNL7t2CQiPi7w==

GET
H3 200 trustedsite.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 7 KB
4 KB 79ms
78ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/trustedsite.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

eb7d8edbbaf1db91338518f592e0be6273c2cf45907373379a6ca2ddd7cdb054

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 13:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 17081
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="lco9Rwz8F6D-4h8dvcU84jINgYAHTd4i5WIZT4q0aUaQIZRdV3UvEA==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"1cf9-189d1260c58"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: lco9Rwz8F6D-4h8dvcU84jINgYAHTd4i5WIZT4q0aUaQIZRdV3UvEA==

GET
H3 200 arrow-black-2.webp
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 618 B
1 KB 83ms
80ms Image
image/webp 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/arrow-black-2.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

cea5837f4a88688e36f7418b6ac18ad9f7b6415dc963d5a645505f2c2f3d43e1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:32:54 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 6798
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="KE69O4vEb2UkB9IB0OW6ePGPP30HV76kPUFi2StWiuiCdI1id2Ob9g==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 618
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"26a-189d1261040"
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: KE69O4vEb2UkB9IB0OW6ePGPP30HV76kPUFi2StWiuiCdI1id2Ob9g==

GET
H3 200 1m-seal.webp
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 3 KB
4 KB 83ms
80ms Image
image/webp 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/1m-seal.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

41c0dbbed3ec62b52a38f0b1a83382ac4c865895cb6501e720f5baf0c05e2751

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:35:44 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 24628
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="aLReZ0r0pe4UkwZ7uzuMfNgmXBWJvAYwy-zClqh3VVUflA7VLLhLVQ==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 3084
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"c0c-189d1261040"
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: aLReZ0r0pe4UkwZ7uzuMfNgmXBWJvAYwy-zClqh3VVUflA7VLLhLVQ==

GET
H3 200 checkmark-green.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 385 B
1 KB 102ms
99ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/checkmark-green.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

32bbcf06a42d8d591d2384b8f7b959c41b8a89790444753e2cc96b0b80a094ac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 01:26:41 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 61171
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="cBDKlkpobInpEJ5brMhGG-n3MIRn1e7FLaB7SLJDmo-tz5nbxfCKIQ==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 385
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"181-189d1261040"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: cBDKlkpobInpEJ5brMhGG-n3MIRn1e7FLaB7SLJDmo-tz5nbxfCKIQ==

GET
H3 200 icon1.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 20 KB
15 KB 97ms
94ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/icon1.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

d68fb951e8d2cd1b83f7306ac7bcc94271b021d13b870d21116ccf7b84ce0696

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 14:23:56 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 14536
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DWu7Qk9QAI66I_GMqK5HzryH_G6EDt8gAVGWBrwXOnQ05zkLUka6Wg==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"5103-189d1260c58"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: DWu7Qk9QAI66I_GMqK5HzryH_G6EDt8gAVGWBrwXOnQ05zkLUka6Wg==

GET
H3 200 icon2.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 30 KB
23 KB 98ms
95ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/icon2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

029d5f2f75b2fabbe6564432d3606656e92ef9bb8049fd8a1d60868e65bfdfaf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 07:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 38883
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="CYn8LYda2VhjWAxXuorJjt14eeBcUu_u9jD60NmjEghALrFrbC0IIQ==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"7767-189d1261040"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: CYn8LYda2VhjWAxXuorJjt14eeBcUu_u9jD60NmjEghALrFrbC0IIQ==

GET
H3 200 icon3.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 27 KB
20 KB 85ms
82ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/icon3.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

ce5d2b728abef5265bb03a5a41ab6da7e9bf975af4dd8127e7492b5dc1859115

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 17:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 4630
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="F_skq4IAqF10v-j7ib_yi4h-76XuW2E2x03kQhhH0Icyo5wC8cX3yw==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"6b9b-189d1261040"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: F_skq4IAqF10v-j7ib_yi4h-76XuW2E2x03kQhhH0Icyo5wC8cX3yw==

GET
H3 200 icon4.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 21 KB
16 KB 85ms
82ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/icon4.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

9b488825d525f1bad033ac476e2c4335f882178452608265729ce4ec54af8242

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 07:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 38883
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="SAmbH2m73gg7v9oxtZbJhT26gG99js0qxMMXpkru9ChmNUgmRxixrA==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:01 GMT
etag: W/"5481-189d1261428"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: SAmbH2m73gg7v9oxtZbJhT26gG99js0qxMMXpkru9ChmNUgmRxixrA==

GET
H3 200 icon5.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 35 KB
27 KB 98ms
96ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/icon5.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

2d18d725ee286f0cfff03ecbcc491f6d02437c1178d2302d3be25f6036976a28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 08 Aug 2023 12:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 23155
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="FH8Rp_ldjP2axeqJS9wKoA5TPSgNokMlNf-0TfVccbRy3ERrlkrZdQ==",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"8cf3-189d1260c58"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: FH8Rp_ldjP2axeqJS9wKoA5TPSgNokMlNf-0TfVccbRy3ERrlkrZdQ==

GET
H3 200 icon6.svg
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 23 KB
17 KB 83ms
80ms Image
image/svg+xml 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/icon6.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

779404db18944bf97d398349fdc776b04be10e56df01920928710df4ce454774

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
date: Tue, 08 Aug 2023 18:18:48 GMT
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 452
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DvRsnu7mirKDI0eeYEOd5YZ_okaRb9kht9RWt-6J21-UKZC_5U9y6g==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"5b7f-189d1260c58"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-cf-id: DvRsnu7mirKDI0eeYEOd5YZ_okaRb9kht9RWt-6J21-UKZC_5U9y6g==

GET
H3 200 michaelh.webp
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 850 B
2 KB 83ms
81ms Image
image/webp 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/michaelh.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

04ea62c0fb490842262074ad9fa15e034df6d891ed0637b3620dddb0205b8cd4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:29:12 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 10620
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="le92KhK3UftVC6dFb_n89HW29dGq39_XdaCdswmbwYXFMwMhk40s5Q==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 850
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"352-189d1260c58"
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: le92KhK3UftVC6dFb_n89HW29dGq39_XdaCdswmbwYXFMwMhk40s5Q==

GET
H3 200 5stars.webp
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 850 B
2 KB 95ms
92ms Image
image/webp 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/5stars.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

4d7359e35afbc8c69a4e90a8adfc5552dac84e9d80d2a41382f62f73e7693426

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:29:12 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 10620
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="uscvLJPYRqjqDHYWmA83bf8TeJJdTQi43x1OnWrZHeLGHFQfpAZK3w==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 850
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:57:59 GMT
etag: W/"352-189d1260c58"
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: uscvLJPYRqjqDHYWmA83bf8TeJJdTQi43x1OnWrZHeLGHFQfpAZK3w==

GET
H3 200 rebeccah.webp
www.freescoreclick.com/templates/sP1eU0qW/images/lp/ 958 B
2 KB 97ms
94ms Image
image/webp 18.160.10.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freescoreclick.com/templates/sP1eU0qW/images/lp/rebeccah.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

18.160.10.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-13.iad12.r.cloudfront.net

Software

/ Express

Resource Hash

a63ab034d047760416c4d14621e7e0df1d1776cbf1afd48560767225f8b688ad

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src ; style-src data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freescoreclick.com/sP1eU0qW/lp?pid=66&oid=17&uid=0&sub1=5543&sub2=705038&sub5=56384082&gid=1672&source_id=sP1eU0qW&m=false&hcity=Miami&hstate=FL&clid=a345c065-c64e-4656-b906-c7ed20b2a31a&dcid=f51cb30d-9555-4195-b62d-0b5c7395d1b1&pfid=6336f5da-c67f-4048-a330-6f082142c806
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:29:12 GMT
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: filesystem: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-amz-cf-pop: IAD12-P3
age: 10620
x-powered-by: Express
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="IAD12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="GW0159NfxSO7rGHD4_HHa1u8zdzID7oRWQNWWrJ9Cnt8sUvx6OU0Ag==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 958
x-xss-protection: 0
referrer-policy: same-origin
last-modified: Mon, 07 Aug 2023 17:58:00 GMT
etag: W/"3be-189d1261040"
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: GW0159NfxSO7rGHD4_HHa1u8zdzID7oRWQNWWrJ9Cnt8sUvx6OU0Ag==

GET
H2 200 click Show response
www.pmd3trk.com/sdk/ 86 B
545 B 454ms
61ms Fetch
application/json 35.227.215.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pmd3trk.com/sdk/click?_ef_transaction_id=&oid=17&affid=66&__cc=&async=json&uid=0&sub1=5543&sub2=705038&sub5=56384082&source_id=sP1eU0qW
Requested by: Host: www.freescoreclick.com
URL: https://www.freescoreclick.com/resources/js/efvanilla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.215.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.215.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d90040da71685506d253168e406094ae637b6f6fb8cc8eca5fdbb4cdce3faf0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:26:12 GMT
via: 1.1 google
server: nginx
accept-ch: Sec-Ch-Ua-Platform-Version
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.freescoreclick.com
access-control-allow-credentials: true
x-eflow-request-id: e46e507d-a1c9-441f-bfa5-d4334b17835f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.novatrk.com/	1969-12-31 23:59:59	Name: sid Value: 8E9egmru+Qq6gBIfD0kcodhiOcdtBX0nctoSR14J6jJ95DYfufnwnQ==
.novatrk.com/	1970-01-20 23:27:59	Name: trk Value: YcSFgjrbeHq6gBIfD0kcodhiOcdtBX0nctoSR14J6jJ95DYfufnwnQ==
.novatrk.com/	1970-01-20 14:35:11	Name: c315 Value: 8E9egmru+Qruw5S8APVGgCfEdZXkgIbZn+NFhhzfhIbuXaGFIQ7frQ==
www.freescoreclick.com/	1970-01-20 13:53:25	Name: be7a0f21502fcf313af732948d8003c6 Value: s%3Aclidkey_13b24595448700294d7b5d7eb3362df6.RcPcwtGJKsKVbAfYJaWKddXtqrPO%2BJDgyBo8fhFu8iM
www.freescoreclick.com/	1970-01-20 23:27:59	Name: 6D3DB007-9F67-416E-B0B1-FC1FFEFEFB44 Value: s%3Af51cb30d-9555-4195-b62d-0b5c7395d1b1.Eq0Nzi%2Bqn2iKSg4lslSzPsbS2WQ7lT24B7QYNvfnyKs
www.freescoreclick.com/	1970-01-20 23:27:59	Name: 3906DCC0-7E2A-11EC-BF44-0800200C9A66 Value: s%3A6336f5da-c67f-4048-a330-6f082142c806.1vc32E%2FG11JCdKSnQSWKtT471AODWFA6gR%2BHFS%2BYxR4
www.freescoreclick.com/	1970-01-20 13:52:13	Name: sess Value: s%3AlG14nyRKgh9a9-W7MbFxhi-mpbCJanFD.rGmeLcrbg9PEFgpcCkmYuwvwPseudaxl%2B%2BWgzTZqVdQ
www.pmd3trk.com/	1970-01-20 13:53:25	Name: uniqueClick Value: 280f663d-2fb5-4a56-acc4-14b4e4bd5c5f:1691519172
www.pmd3trk.com/	1970-01-20 16:01:35	Name: transaction_id Value: e799a3323f1544018f3e0d0327bb45bc
www.freescoreclick.com/	1970-01-20 14:35:11	Name: ef_tid_c_o_17 Value: e799a3323f1544018f3e0d0327bb45bc
www.freescoreclick.com/	1970-01-20 14:35:11	Name: ef_tid_c_a_1 Value: e799a3323f1544018f3e0d0327bb45bc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fenemoregroup.com
novatrk.com
storage.googleapis.com
www.freescoreclick.com
www.pmd3trk.com
www.tyingree.com
111.90.139.33
18.160.10.13
2607:f8b0:4006:81d::2010
35.227.215.218
54.167.252.202
8.45.51.43
029d5f2f75b2fabbe6564432d3606656e92ef9bb8049fd8a1d60868e65bfdfaf
04ea62c0fb490842262074ad9fa15e034df6d891ed0637b3620dddb0205b8cd4
2d18d725ee286f0cfff03ecbcc491f6d02437c1178d2302d3be25f6036976a28
32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a
32bbcf06a42d8d591d2384b8f7b959c41b8a89790444753e2cc96b0b80a094ac
41c0dbbed3ec62b52a38f0b1a83382ac4c865895cb6501e720f5baf0c05e2751
4d7359e35afbc8c69a4e90a8adfc5552dac84e9d80d2a41382f62f73e7693426
4feeb3fc265d8b73f21c04f4c19466a10c2a3dac10f56fe0198b1783549b95cf
58042affab5d0691c0af1eeadf693b9b3c6837b3b8dc1696b0e7e5406399f6d5
63e486661fa339d1cf77bdffa9d8d818e3c91984454633e4073e07142e3ecf26
66d14d1fb6c59b199eeeacaf074f5aaf6e4e788fb4cde596dd07d98718762764
779404db18944bf97d398349fdc776b04be10e56df01920928710df4ce454774
7e01d2e4e9c29b6d8ad98086d154d5f11d21d668726e8cebe6844c2db81604b8
897a4e1697336dace32fa18f2b216ff97193cb25de8bd8fcdd849cbcd85c11db
9b488825d525f1bad033ac476e2c4335f882178452608265729ce4ec54af8242
9d90040da71685506d253168e406094ae637b6f6fb8cc8eca5fdbb4cdce3faf0
a63ab034d047760416c4d14621e7e0df1d1776cbf1afd48560767225f8b688ad
ac4d042cd63584ce8ce20acd261b668ebbd13b9458c34a188ad8fb6d8eafc648
b9d0521258e26facda9df232a5a05444ae311b63eb620a043157676d3971384d
c8bfd11a727b6c1ff8f94d5c84df644041ffbea3032cc7c789e159ab73234f6e
ce5d2b728abef5265bb03a5a41ab6da7e9bf975af4dd8127e7492b5dc1859115
cea5837f4a88688e36f7418b6ac18ad9f7b6415dc963d5a645505f2c2f3d43e1
d68fb951e8d2cd1b83f7306ac7bcc94271b021d13b870d21116ccf7b84ce0696
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
eb7d8edbbaf1db91338518f592e0be6273c2cf45907373379a6ca2ddd7cdb054
f5571c0cce230552078bed8954df7a3ce1156f08c5ae9d992f691dec76b2f741

www.freescoreclick.com Open in urlscan Pro 18.160.10.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

286 kBTransfer

548 kBSize

11 Cookies

4 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

www.freescoreclick.com Open in urlscan Pro
18.160.10.13 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

286 kB
Transfer

548 kB
Size

11
Cookies

26 HTTP transactions
1 data transactions