urlscan.io logo urlscan.io
SecurityTrails logo

my.consumeraffairs.com Open in urlscan Pro
54.186.8.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.consumeraffairs.com/u/click?_t=8daf31f6608b49a79b6c4d7f39ec0114&_m=b84ef81d9f554bbdae0fb32cc2e580cf&_e=Ckkib...
Effective URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_...
Submission: On May 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 16 domains to perform 80 HTTP transactions. The main IP is 54.186.8.231, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is my.consumeraffairs.com. The Cisco Umbrella rank of the primary domain is 447804.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 9th 2023. Valid for: a year.
This is the only time my.consumeraffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:225... 16509 (AMAZON-02)
29 54.186.8.231 16509 (AMAZON-02)
3 192.229.233.28 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
9 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f08... 32934 (FACEBOOK)
3 52.57.129.72 16509 (AMAZON-02)
2 2a03:2880:f13... 32934 (FACEBOOK)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
3 20.62.48.180 8075 (MICROSOFT...)
1 2a02:2638:3::e ()
3 2.23.209.145 ()
1 2600:9000:223... ()
1 143.204.215.125 ()
1 2 2a02:2638:d::d ()
1 178.250.7.13 ()
80 23
1    2600:9000:2250:d400:10:53d4:f0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
links.consumeraffairs.com
29    54.186.8.231 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-8-231.us-west-2.compute.amazonaws.com
my.consumeraffairs.com
3    192.229.233.28 (Granada Hills, United States)

ASN15133 (EDGECAST, US)
media.consumeraffairs.com
4    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2600:9000:223e:3e00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    52.57.129.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-129-72.eu-central-1.compute.amazonaws.com
collect.tealiumiq.com
2    2a03:2880:f13d:83:face:b00c:0:25de (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
3    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
1    2a02:2638:3::e (None, )

ASN- ()
dynamic.criteo.com
3    2.23.209.145 (None, )

ASN- ()
analytics.tiktok.com
1    2600:9000:223f:7e00:10:b308:84c0:93a1 (None, )

ASN- ()
static.bouncepilot.com
1    143.204.215.125 (None, )

ASN- ()
cdn.datasteam.io
2    2a02:2638:d::d (None, )

ASN- ()
gum.criteo.com
1    178.250.7.13 (None, )

ASN- ()
mug.criteo.com
Apex Domain
Subdomains		 Transfer
33 consumeraffairs.com
links.consumeraffairs.com — Cisco Umbrella Rank: 652280
my.consumeraffairs.com — Cisco Umbrella Rank: 447804
media.consumeraffairs.com — Cisco Umbrella Rank: 211499
238 KB
9 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1064
39 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 995
c.clarity.ms — Cisco Umbrella Rank: 1496
e.clarity.ms — Cisco Umbrella Rank: 18643
22 KB
4 criteo.com
dynamic.criteo.com
gum.criteo.com
mug.criteo.com
22 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 335
c.bing.com — Cisco Umbrella Rank: 233
15 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
248 KB
3 tiktok.com
analytics.tiktok.com
71 KB
3 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 2915
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
156 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
239 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6386
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
1 datasteam.io
cdn.datasteam.io
22 KB
1 bouncepilot.com
static.bouncepilot.com
34 KB
80 16
Domain Requested by
29 my.consumeraffairs.com my.consumeraffairs.com
9 tags.tiqcdn.com my.consumeraffairs.com
tags.tiqcdn.com
4 www.googletagmanager.com my.consumeraffairs.com
www.googletagmanager.com
tags.tiqcdn.com
3 analytics.tiktok.com tags.tiqcdn.com
analytics.tiktok.com
3 e.clarity.ms www.clarity.ms
3 collect.tealiumiq.com tags.tiqcdn.com
3 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
my.consumeraffairs.com
3 media.consumeraffairs.com my.consumeraffairs.com
2 gum.criteo.com 1 redirects dynamic.criteo.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.facebook.com my.consumeraffairs.com
2 www.google.de my.consumeraffairs.com
2 www.google.com my.consumeraffairs.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 mug.criteo.com
1 cdn.datasteam.io tags.tiqcdn.com
1 static.bouncepilot.com tags.tiqcdn.com
1 dynamic.criteo.com tags.tiqcdn.com
1 c.bing.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 links.consumeraffairs.com 1 redirects
80 24

This site contains links to these domains. Also see Links.

Domain
consumeraffairs.com
www.consumeraffairs.com
Subject Issuer Validity Valid
*.consumeraffairs.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2024-04-01		 a year crt.sh
media.consumeraffairs.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-06-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-15 -
2023-05-16		 3 months crt.sh
*.tealiumiq.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-09-23		 7 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
*.bouncepilot.com
Amazon RSA 2048 M02		 2023-04-24 -
2024-05-22		 a year crt.sh
cdn.datasteam.io
Amazon RSA 2048 M02		 2023-02-23 -
2023-10-17		 8 months crt.sh

This page contains 2 frames:

Primary Page: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Frame ID: C8B3D5AFA21F981EC68E88CA3AB120F5
Requests: 78 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=my.consumeraffairs.com&origin=onetag
Frame ID: D2E3D4CBE1EFBAA2F3A9E097B41F8F89
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get Matched With Your Best Debt Relief Company Today!

Page URL History Show full URLs

  1. https://links.consumeraffairs.com/u/click?_t=8daf31f6608b49a79b6c4d7f39ec0114&_m=b84ef81d9f554bbdae0fb32cc... HTTP 303
    https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

80
Requests

95 %
HTTPS

65 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

890 kB
Transfer

2603 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.consumeraffairs.com/u/click?_t=8daf31f6608b49a79b6c4d7f39ec0114&amp;_m=b84ef81d9f554bbdae0fb32cc2e580cf&amp;_e=CkkibQEwksIvsISJZHkZ44xIdxs2nnwxTvA6UlQhLgk82JTO4UzMvTxqh3pOSYSZT1Aoo6c60Ql85apC-tdLfhGxI7Kc08p7MJkjlDJaraa7ysp_PYQVJ8majhZ2Z6zwiYdfV6pMcgovEj7Pj9JWCqDhxYqEDqGjLQm1d3PWXo4bAa2t1aRBfuwGhMoXkWjdK91QatTDxx2opDwAUX2ML9zc1vRM5__zAoMkY719S4-gqN4s1tHqfaqo-0HSqwKq2g0TXhfrKAg2cR1nsrzd8vEBob48e7TRLP7qgHJIXpcyoEQz0LR0YSvfbJILPGsVlHFI_oH95nbzDLq_0P5QtfXs6VjAmC9zOVC-42EHGoyze_fhQkXEgLEIu9ERv87xjnTufWLjL3tTi-9curojyjlp2vp9LgavhNX3dHFQADEI-1AqQfnLCWuswLkcYI3lUoc-6BG_nxqJcwpC7Oqut51HxIE3lrVvqdftkfvvoHvPcKld5v1cny3TMNShngaivly22BoMkNYsgJ_GBMG0u9Qssg5TxPg1gAD-nBVCdlzAySptlr_kc8-EKpvqBVVgCRVbWNHzr3H4_pZJUsIgxQ*3D*3D HTTP 303
    https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5F8DDE8244FA462F812154713E54E9B8&RedC=c.clarity.ms&MXFR=358B4B5513966A493E89585E179664B0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5F8DDE8244FA462F812154713E54E9B8&MUID=106764F983266B1C26A977F282266A34
Request Chain 74
  • https://gum.criteo.com/sid/json?origin=onetag&domain=consumeraffairs.com&sn=ChromeSyncframe&so=0&topUrl=my.consumeraffairs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=VvABZ3xNYWhpc2V5aGIwVFR2Y01vMmcvMlUvNjJQSkJqSU1PTVpnMFIzbGZmaE9LeXpXSHJEN0llVG1TQ2ZrM0dzWExZeFRZZlJ3QncyNVBWLzVDWDM5cEhlR0UzbXlhZ01qZXZ5S05lN3dXREtsY3pNRnpoWnU3OEV1bFpwcHppZGI2dzdTcEtRcnlYc3NXZ2U1Z05sT0tSd2VVMzZndnZuWjg2aGVMYkRqNFlRVXl5VWo4aUt6OEQwVTkwY29rcXpHWnVlUzczUGRMZmNYQ0RWUWROS0ZUTXdPMGJhM3ZPd0tvYm9jR2FOaWpkWTByTlRQdCtDV0xUbUpNbWlNYlZhVzFHT3BQcWV0RStnU0J5Ty85SlM3SmVnelBQR2lZRnRYNktMT1liZTBwWm9mTT18&cppv=2

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.consumeraffairs.com/debt-relief/get-started/
Redirect Chain
  • https://links.consumeraffairs.com/u/click?_t=8daf31f6608b49a79b6c4d7f39ec0114&amp;_m=b84ef81d9f554bbdae0fb32cc2e580cf&amp;_e=CkkibQEwksIvsISJZHkZ44xIdxs2nnwxTvA6UlQhLgk82JTO4UzMvTxqh3pOSYSZT1Aoo6c6...
  • https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:...
175 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
56a0b142fdffaf1254931c18997ad7a82dea096efc2b79be152a8d73dcc3be77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 17:04:04 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie, Origin
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
date
Mon, 08 May 2023 17:04:03 GMT
location
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B"a":"ca","s":"it","m":"em","uid":"","cid":"6768348","cna":"20230506%20XS%20CLR","segment":"abandon"%7D
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
request-time
1
server
iterable-links 08b0
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-id
tfb-RPgYQK0Yy70MDp6F3jX0GjxoGA22EgtlrTI1a7mOrk5q4Fu4Iw==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
Graphik-Medium.woff2
media.consumeraffairs.com/static/fonts/rebrand/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/fonts/rebrand/Graphik-Medium.woff2
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.28 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
07657e6ef7fb5e9823227480f9aefe4f929804bb761fc118542c6884264bec9d

Request headers

Referer
Origin
https://my.consumeraffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
last-modified
Mon, 08 Aug 2022 20:46:49 GMT
server
ECS (frb/6795)
age
19297769
etag
"62f17639-9940"
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
39232
expires
Tue, 07 May 2024 17:04:04 GMT
Graphik-Semibold-Web.woff2
media.consumeraffairs.com/static/fonts/rebrand/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/fonts/rebrand/Graphik-Semibold-Web.woff2
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.28 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
d44ec42b8e028423879dd789349f6d4c2551e49048c36bd771669f6491d5e7a7

Request headers

Referer
Origin
https://my.consumeraffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
last-modified
Mon, 08 Aug 2022 20:46:49 GMT
server
ECS (frb/6763)
age
19300019
etag
"62f17639-9f89"
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
40841
expires
Tue, 07 May 2024 17:04:04 GMT
PublicoHeadline-Medium-Web.woff2
media.consumeraffairs.com/static/fonts/rebrand/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/fonts/rebrand/PublicoHeadline-Medium-Web.woff2
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.28 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
c56fdf6f07445341dc84401fd891f5e0639648ac085d1d7f4b76055d11c8bffe

Request headers

Referer
Origin
https://my.consumeraffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
last-modified
Mon, 08 Aug 2022 20:46:49 GMT
server
ECS (frb/67F3)
age
19297769
etag
"62f17639-9701"
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
38657
expires
Tue, 07 May 2024 17:04:04 GMT
gtm.js
www.googletagmanager.com/ 		149 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRTNTR9
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b3827fcbedb448acf4907e8963723d825568d68dc97dc1113c682aa8459cd00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56007
x-xss-protection
0
last-modified
Mon, 08 May 2023 16:09:48 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 May 2023 17:04:04 GMT
utag.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		52 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a7324d7d8196dfb228ce481c1e440694576173b1061d48790ae043b336df868

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
tTGai_ymUkcWevy1X3Zol8hr6I3.E1VQ
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:02:42 GMT
last-modified
Tue, 02 May 2023 14:52:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
248
x-amz-server-side-encryption
AES256
etag
W/"3c8e2a3d1638048e8ae4f09d2fdafb9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
mxlw9_LmiCrO9bksPJXWx-NBchl3BOokpiWHOGT56_OUXCnmgVDsIw==
ca_sg_lazyload.ea3f6c05d84b.js
my.consumeraffairs.com/static/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_lazyload.ea3f6c05d84b.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c3d17e050f025e17c0303ac0b27f9359156b154f800feb66ddb65fe1eaa0f8ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-e01"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
983
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_tooltip_v2.d441d9dc2d57.js
my.consumeraffairs.com/static/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_tooltip_v2.d441d9dc2d57.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6bc25b0792d7d332aec85aadc97de1fca3367ca7c8188fc13039f941d4bbad19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-7070"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
8313
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_load_on_demand.1a721aae232a.js
my.consumeraffairs.com/static/js/ 		1 KB
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_load_on_demand.1a721aae232a.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
abadf5445791567e3e30df90a1e6c00f7fc4c6241df1871025bab2b308c64adc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-462"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
412
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_trustedform.139ffa0b904b.js
my.consumeraffairs.com/static/js/ 		1009 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_trustedform.139ffa0b904b.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c834a84f6a19d328a4362df89d065a559def51b0975f5406ba8950318c1723c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-3f1"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
415
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_modal.9ddc84b3084e.js
my.consumeraffairs.com/static/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_modal.9ddc84b3084e.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6482a9ed7115d9326f9883942a70d4bdf5b2b69c02f8a4ee633d5a5c5b5cf8ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-37e2"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
3607
expires
Wed, 07 Jun 2023 17:04:04 GMT
sb_question_flow_v2.c593ac497f6a.js
my.consumeraffairs.com/static/js/ 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7c76d1999f061d5e0b2058226c1107840178d87e72c8b10bc7fcb453b37406a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-9ab6"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
9214
expires
Wed, 07 Jun 2023 17:04:04 GMT
main_site_core.0e6545f210d0.js
my.consumeraffairs.com/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/main_site_core.0e6545f210d0.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
178e13aff3754a6ca88da52547498f279ead30c409451b16574dd9f9cc9bab7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-9cd"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
813
expires
Wed, 07 Jun 2023 17:04:04 GMT
sb_trigger_action.2bfd5d5fac0d.js
my.consumeraffairs.com/static/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/sb_trigger_action.2bfd5d5fac0d.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bc734eb7940113bb40c7add09236345188b6826eb6c2f694cbac94f1be5025d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-e2d"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
1202
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_logger_v2.0fda4aa768d6.js
my.consumeraffairs.com/static/js/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_logger_v2.0fda4aa768d6.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0b91833553bfd2d45bac8518f93d5752c344937f8c4f19d78163ebbbf2e6baa1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-a081"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
11430
expires
Wed, 07 Jun 2023 17:04:04 GMT
rebrand.d41d8cd98f00.js
my.consumeraffairs.com/static/js/ 		0
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/rebrand.d41d8cd98f00.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-0"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
0
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_phone_provider.3a2b03cfeebc.js
my.consumeraffairs.com/static/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_phone_provider.3a2b03cfeebc.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
df9717b2943d60f3e88b5e69da2e5884148607a635760b8f4b7b0602a8cb3dcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-c5cd"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
13906
expires
Wed, 07 Jun 2023 17:04:04 GMT
ca_sg_uapi_critical.0b4b10a8c6cb.js
my.consumeraffairs.com/static/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_uapi_critical.0b4b10a8c6cb.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e97991cb9e18128abbac6e7ff61834631340e6deb34f64fed6c6f624499abab8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-522d"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
5094
expires
Wed, 07 Jun 2023 17:04:04 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTNTR9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 15:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
7144
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 08 May 2023 17:05:00 GMT
js
www.googletagmanager.com/gtag/ 		134 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-722596219
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTNTR9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2a4b236abae8cc28df07924ff45b0720c0139977390c8625d1eeca03c1e880a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52598
x-xss-protection
0
last-modified
Mon, 08 May 2023 16:17:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 May 2023 17:04:04 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/722596219/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/722596219/?random=1683565444605&cv=11&fst=1683565444605&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&hn=www.googleadservices.com&frm=0&tiba=Get%20Matched%20With%20Your%20Best%20Debt%20Relief%20Company%20Today!&auid=1390235099.1683565445&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-722596219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ad92d213df4bf1d48ba7e9f4a7d957fe055e3949526ed977e32ae9ff8f86fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1399
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1575696019&t=pageview&_s=1&dl=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&ul=en-us&de=UTF-8&dt=Get%20Matched%20With%20Your%20Best%20Debt%20Relief%20Company%20Today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1851360490&gjid=265714553&cid=428045668.1683565443&tid=UA-12322096-15&_gid=1209985679.1683565445&_r=1&_slc=1&gtm=45He3530n81NRTNTR9&cd2=category%20matching%20tool&cd60=%7B%22a%22%3A%20%22ca%22%2C%20%22s%22%3A%20%22it%22%2C%20%22m%22%3A%20%22em%22%2C%20%22uid%22%3A%20%22%22%2C%20%22cid%22%3A%20%226768348%22%2C%20%22cna%22%3A%20%2220230506%20XS%20CLR%22%2C%20%22segment%22%3A%20%22abandon%22%7D&cd61=rule_2_202005272212.json%20%7C%20conf%2045%20%7C%20Debt%20%2F%20Credit%20%2F%20Tax%20Relief%20All%20in%20One%20Flow%20-%2004.07.2023%20by%20Kevin%20T%20%7C%20Catchall&cd62=Flow%20builder&cd63=config_045_202108171926.json&cd64=3301e9bfc6a74ce3b119f6aba1f2b3e7&cd65=%7B%7D&cd71=d5515a86-fe3f-4d09-b0b7-e3ed7cefe2aa&cd72=1594&z=542654483
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.consumeraffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
my.consumeraffairs.com/api/uapi/e/ 		71 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/api/uapi/e/
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_uapi_critical.0b4b10a8c6cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
95a50ca8b013e5ad54fb134f0db6e8d07fa364173edbb51ef96639a6ac5c1161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

rule-name
rule_2_202005272212.json | conf 45 | Debt / Credit / Tax Relief All in One Flow - 04.07.2023 by Kevin T | Catchall
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json
template-name
Test PDQ-10658 -v1 -SupAdesign 2.0
previous-referer
config-name
config_045_202108171926.json
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
X-CSRFToken
E4eKHqtLOBcx7sZZ6AiuQaTtvH8NvupdXBcQKwaykiQ94KdtZKeermBItYJCTLLc
page-type
category matching tool

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin
server
nginx
vary
Cookie, Origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
ALLOWALL
access-control-allow-origin
https://my.consumeraffairs.com
access-control-allow-credentials
true
content-length
71
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-12322096-15&cid=428045668.1683565443&jid=1851360490&gjid=265714553&_gid=1209985679.1683565445&_u=YADAAEAAAAAAACAAI~&z=2107181623
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 08 May 2023 17:04:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.consumeraffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/722596219/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/722596219/?random=1683565444605&cv=11&fst=1683565200000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&frm=0&tiba=Get%20Matched%20With%20Your%20Best%20Debt%20Relief%20Company%20Today!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=5035316&rmt_tld=0&ipr=y
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/722596219/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/722596219/?random=1683565444605&cv=11&fst=1683565200000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&frm=0&tiba=Get%20Matched%20With%20Your%20Best%20Debt%20Relief%20Company%20Today!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=5035316&rmt_tld=1&ipr=y
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-12322096-15&cid=428045668.1683565443&jid=1851360490&_u=YADAAEAAAAAAACAAI~&z=1070670491
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-12322096-15&cid=428045668.1683565443&jid=1851360490&_u=YADAAEAAAAAAACAAI~&z=1070670491
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 08 May 2023 17:04:04 GMT
last-modified
Thu, 20 Apr 2023 19:01:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A0EF0DADECC044D59B874AE69CB35238 Ref B: FRAEDGE1920 Ref C: 2023-05-08T17:04:04Z
etag
"808c558fba73d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12036
utag.3.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.3.js?utv=ut4.48.202107291917
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3942b25ef8e7a5e7ec20f2418525b9cd94f5ea58725de1a905b085fc37fcffd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
Z6sPTk_FPxkb_sjLAPrB2DbF94MeLL70
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:02:43 GMT
last-modified
Tue, 02 May 2023 14:52:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
247
x-amz-server-side-encryption
AES256
etag
W/"63f9f6b45e876b83991f162dac0f304c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
6GUugB_zxwqJ6-uSmES8-EW94wAGqMYPgCQ84lzsD2vhmsH3hL1zvg==
utag.4.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.4.js?utv=ut4.48.202304141950
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2236fdcf1b0bbf58f47db66126a373c2391236c02f4ed66e155652befe614ddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
BgvOyal6N2wXNupctNJl1aaJFA05ATYI
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:02:43 GMT
last-modified
Tue, 02 May 2023 14:52:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
247
x-amz-server-side-encryption
AES256
etag
W/"98966edc7d48d41f94e55dac76f653c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
9DAm7YYYt9FvSYByc5NYTJUaersnTcAIGW1gEmuu1FspyOTt5Sp9ug==
utag.2.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.2.js?utv=ut4.48.202205171450
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffa0a46d5b48e439d752767529efab618d418b523434a4293e21134e97068d7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
PoaBTG9YcEZVy2wv_WjOm3UdKdAQjNmQ
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:02:43 GMT
last-modified
Tue, 02 May 2023 14:52:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
247
x-amz-server-side-encryption
AES256
etag
W/"a07f9fe62d702b6adf85d66b60587267"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
bqohn3T6PN1wn1a8we_5XfmZ4hmRzJczbXaFaTT5kqOvnHSL1JvTNg==
hash-navigation.7dda7044965adbbf1cbe.js
my.consumeraffairs.com/static/js/ 		2 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/hash-navigation.7dda7044965adbbf1cbe.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
354db991f9bb03b338a4b57890bd6be508969da1fa25dd40f03a9d7c97a56b5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-95e"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
627
expires
Wed, 07 Jun 2023 17:04:04 GMT
scroll-top.ced79cc40ca6f648d502.js
my.consumeraffairs.com/static/js/ 		459 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/scroll-top.ced79cc40ca6f648d502.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6a2363a9b1350d1dc4915e500e16b595a416cd053add335bc6d2da601b572635
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-1cb"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
221
expires
Wed, 07 Jun 2023 17:04:04 GMT
timed.c63b9310c67f8d84af07.js
my.consumeraffairs.com/static/js/ 		774 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/timed.c63b9310c67f8d84af07.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b807a8926b3a6c99ff43195526fb0bd679870f85a2b31bbfb2d89ca876f85ce2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-306"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
373
expires
Wed, 07 Jun 2023 17:04:04 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-460ZBF3W58&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTNTR9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d145cfce3424aa95106a585c14ace850fdf1be525c66a0a10d9303fd9262ed2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72228
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 May 2023 17:04:04 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-460ZBF3W58
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea63980109f2bc692d071aef2c6442ca4b06e34d54a79f47f1d1267c55730567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72260
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 May 2023 17:04:04 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 May 2023 17:04:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zz2Kr5jlc4QNRwCqaM2Qzr5dYeenoW4F79ou6UrV77KOt/XErpPraloB8z8SGWnnfdqWJkChaFtA7kYQ37zweQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.gif
collect.tealiumiq.com/consumeraffairs/main/2/ 		43 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/consumeraffairs/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.2.js?utv=ut4.48.202205171450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.129.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-129-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryH4l3kbRB7hDXo4No

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
x-serverid
uconnect_i-0c368b04845a7c41f
x-tid
0187fc51fd030021aeab09a19ab803073014a06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
consumeraffairs:main:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
0187fc51fd030021aeab09a19ab803073014a06b00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://my.consumeraffairs.com
x-ulver
9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
09a2f608-a39c-458a-a276-18d711819aeb
expires
Mon, 08 May 2023 17:04:04 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=consumeraffairs/main/202305021451&cb=1683565444888
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Mon, 08 May 2023 16:56:38 GMT
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
E2hfnGyw-2RRjFR3j19KezFdgruTea76ABcQermvpAYkqC9PszgN8Q==
i.gif
collect.tealiumiq.com/consumeraffairs/main/2/ 		43 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/consumeraffairs/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.2.js?utv=ut4.48.202205171450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.129.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-129-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryZ6zzbNjB3eKzZ5Ly

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
x-serverid
uconnect_i-0b082bb9dc7f239fa
x-tid
0187fc51fd030021aeab09a19ab803073014a06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
consumeraffairs:main:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
0187fc51fd030021aeab09a19ab803073014a06b00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://my.consumeraffairs.com
x-ulver
9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
9e8f3f45-106f-4ed3-b07d-07a85499e330
expires
Mon, 08 May 2023 17:04:04 GMT
307000698.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/307000698.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
66702e597f096c575d6845e1a967d82d5906aa963363390ba2f2eaa5bf3a4307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 08 May 2023 17:04:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 35F17C627B994A9FBA5795174742E176 Ref B: FRAEDGE1920 Ref C: 2023-05-08T17:04:04Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
content-length
1498
0
bat.bing.com/action/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=307000698&Ver=2&mid=5ec2bd0f-1cae-44e0-a3d5-431eacacb649&sid=568987d0edc211ed887f658d846b4427&vid=5689b4a0edc211ed9c7e4b1eb29c056e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20Matched%20With%20Your%20Best%20Debt%20Relief%20Company%20Today!&p=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&r=&lt=1741&evt=pageLoad&sv=1&rn=120308
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 17:04:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AB189B54BC34544AF3B4148AA8A3A21 Ref B: FRAEDGE1920 Ref C: 2023-05-08T17:04:04Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 May 2023 17:04:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
HMnJvoo3Wiu0XNyRKCgS30RhOZHl3cMllraAWA4dBkq4yJ9d7wzL5W4+o2TYkengKWGlmcWDEZFcPQZzJAgsMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1036069066452108
connect.facebook.net/signals/config/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1036069066452108?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce007cf4c1d65cb70b68d81c13d5754033b70183951456f06cccdca0bdf049d6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 May 2023 17:04:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wd4im5fxu1L9Yd0AO/Mffu45ENmYNUpVASGZLnHRmyH7jql1dJUIlQk0geZLp+jGsTMfNh5nR5gOfPXQQcchlg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
my.consumeraffairs.com/api/uapi/e/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/api/uapi/e/
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_uapi_critical.0b4b10a8c6cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
487a6280c08cddd4ea9e37ac5738ef2c77e53e25d4eef8b23765835e593763d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

rule-name
rule_2_202005272212.json | conf 45 | Debt / Credit / Tax Relief All in One Flow - 04.07.2023 by Kevin T | Catchall
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json
template-name
Test PDQ-10658 -v1 -SupAdesign 2.0
previous-referer
config-name
config_045_202108171926.json
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
X-CSRFToken
E4eKHqtLOBcx7sZZ6AiuQaTtvH8NvupdXBcQKwaykiQ94KdtZKeermBItYJCTLLc
page-type
category matching tool

Response headers

date
Mon, 08 May 2023 17:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin
server
nginx
vary
Cookie, Origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
ALLOWALL
access-control-allow-origin
https://my.consumeraffairs.com
access-control-allow-credentials
true
content-length
115
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1036069066452108&ev=PageView&dl=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&rl=&if=false&ts=1683565445113&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1683565445112.363413977&cs_est=true&it=1683565444992&coo=false&eid=3c0b0701c176fc1a6087cab5b7a69e50&tm=1&rqm=GET
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 08 May 2023 17:04:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
307000698
www.clarity.ms/tag/uet/ 		1008 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/307000698
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/307000698.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c47aedd1de7445ff0b990ea9033ee3ced3545f1781d66de967977b5d64baec30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 08 May 2023 17:04:04 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0hStZZAAAAACYG2aAtmZGS4RPU+CTZk4iRlJBMzFFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
clarity.js
www.clarity.ms/s/0.7.7/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.7/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/307000698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d13b38445a994d5cca2bc90c0155435b3e0146d1d0dc7f3b667ef90c8df65329

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:04 GMT
content-encoding
br
last-modified
Tue, 02 May 2023 21:30:41 GMT
x-azure-ref-originshield
0VONXZAAAAABQ8kJJW8n2R4Qs8zZN90noRlJBMjMxMDUwNDE3MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DB4B547B27C2FD"
x-azure-ref
0hStZZAAAAADYyK7fOl1nS4NFyshPFULfRlJBMzFFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bdbee490-101e-0028-3c6d-804f73000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
ca_sg_expander_collapser.b4c32ab64fec.js
my.consumeraffairs.com/static/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_expander_collapser.b4c32ab64fec.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_lazyload.ea3f6c05d84b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8057ff3409ed56bcde73b878d4b5b7ae8726d642f94e24bbf29873c562681592
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-e63"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
1156
expires
Wed, 07 Jun 2023 17:04:05 GMT
ca_sg_validation.6d3825cbb162.js
my.consumeraffairs.com/static/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_validation.6d3825cbb162.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_lazyload.ea3f6c05d84b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8cc624997dbf84b4e20c3a4a8d29e4527f058387d7ee53a25a5ac3e3f17e5a1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-1eb0"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
1896
expires
Wed, 07 Jun 2023 17:04:05 GMT
progress-bar_simple.0037c779eae1.js
my.consumeraffairs.com/static/js/ 		667 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/progress-bar_simple.0037c779eae1.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_lazyload.ea3f6c05d84b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
64e19831b7363f972e3090241031298ea03a2768d2d4632921c641a2b424ee4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-29b"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
355
expires
Wed, 07 Jun 2023 17:04:05 GMT
ca_sg_tooltip_v2.js
my.consumeraffairs.com/static/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_tooltip_v2.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_load_on_demand.1a721aae232a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6bc25b0792d7d332aec85aadc97de1fca3367ca7c8188fc13039f941d4bbad19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-7070"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
8313
expires
Wed, 07 Jun 2023 17:04:05 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5F8DDE8244FA462F812154713E54E9B8&RedC=c.clarity.ms&MXFR=358B4B5513966A493E89585E179664B0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5F8DDE8244FA462F812154713E54E9B8&MUID=106764F983266B1C26A977F282266A34
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5F8DDE8244FA462F812154713E54E9B8&MUID=106764F983266B1C26A977F282266A34
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:04 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7941B4A21F5A409FA1A3949F3C7F7953 Ref B: FRAEDGE1920 Ref C: 2023-05-08T17:04:05Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5F8DDE8244FA462F812154713E54E9B8&MUID=106764F983266B1C26A977F282266A34
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
e.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://my.consumeraffairs.com
Date
Mon, 08 May 2023 17:04:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
ca_sg_fp.dafcfe5abd9a.js
my.consumeraffairs.com/static/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/ca_sg_fp.dafcfe5abd9a.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_lazyload.ea3f6c05d84b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
caff73be87da521787daccb33895a697ece0d34859ecbb731c2cfa4947f056f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-173c"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
1932
expires
Wed, 07 Jun 2023 17:04:06 GMT
collect
e.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://my.consumeraffairs.com
Date
Mon, 08 May 2023 17:04:06 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1036069066452108&ev=Microdata&dl=https%3A%2F%2Fmy.consumeraffairs.com%2Fdebt-relief%2Fget-started%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_6768348%26utm_source%3Diterable%26utm_medium%3Demail%26conaffid%3D%257B%2522a%2522%3A%2522ca%2522%2C%2522s%2522%3A%2522it%2522%2C%2522m%2522%3A%2522em%2522%2C%2522uid%2522%3A%2522%2522%2C%2522cid%2522%3A%25226768348%2522%2C%2522cna%2522%3A%252220230506%2520XS%2520CLR%2522%2C%2522segment%2522%3A%2522abandon%2522%257D&rl=&if=false&ts=1683565446617&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Matched%20With%20Your%20Best%20Debt%20Relief%20Company%20Today!%22%2C%22meta%3Adescription%22%3A%22Find%20The%20Best%20Debt%20Relief%20Company%20For%20You!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1683565445112.363413977&it=1683565444992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 08 May 2023 17:04:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
my.consumeraffairs.com/api/uapi/bd/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/api/uapi/bd/
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_fp.dafcfe5abd9a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

rule-name
rule_2_202005272212.json | conf 45 | Debt / Credit / Tax Relief All in One Flow - 04.07.2023 by Kevin T | Catchall
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json
template-name
Test PDQ-10658 -v1 -SupAdesign 2.0
previous-referer
config-name
config_045_202108171926.json
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
X-CSRFToken
E4eKHqtLOBcx7sZZ6AiuQaTtvH8NvupdXBcQKwaykiQ94KdtZKeermBItYJCTLLc
page-type
category matching tool

Response headers

date
Mon, 08 May 2023 17:04:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin
server
nginx
vary
Cookie, Origin
allow
PUT, OPTIONS
content-type
application/json
x-frame-options
ALLOWALL
access-control-allow-origin
https://my.consumeraffairs.com
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
collect
e.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://my.consumeraffairs.com
Date
Mon, 08 May 2023 17:04:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
my.consumeraffairs.com/api/v1/flows/execution/45774/0/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/api/v1/flows/execution/45774/0/
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
45b5bb8d2577ff8a81a0a168d7036d1b23605a8415a1078ab384fbbd794dfc86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

rule-name
rule_2_202005272212.json | conf 45 | Debt / Credit / Tax Relief All in One Flow - 04.07.2023 by Kevin T | Catchall
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json
template-name
Test PDQ-10658 -v1 -SupAdesign 2.0
previous-referer
config-name
config_045_202108171926.json
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
X-CSRFToken
E4eKHqtLOBcx7sZZ6AiuQaTtvH8NvupdXBcQKwaykiQ94KdtZKeermBItYJCTLLc
page-type
category matching tool

Response headers

date
Mon, 08 May 2023 17:04:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin
content-encoding
br
server
nginx
vary
Cookie, Origin
allow
GET, POST, PATCH, DELETE, HEAD, OPTIONS
content-type
application/json
x-frame-options
ALLOWALL
access-control-allow-origin
https://my.consumeraffairs.com
access-control-allow-credentials
true
x-xss-protection
1; mode=block
sb_radio_button.1537d0f283a7.js
my.consumeraffairs.com/static/js/ 		3 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/sb_radio_button.1537d0f283a7.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/ca_sg_load_on_demand.1a721aae232a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
474a0336cc227d261a77bc484eff435b2aaa267350ed060fce7afd28b6eda57e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:08 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541744-a06"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
756
expires
Wed, 07 Jun 2023 17:04:08 GMT
step.69e6b2015c39e875e0e2.js
my.consumeraffairs.com/static/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/step.69e6b2015c39e875e0e2.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e9af5ebb524d30b1f9e1db250012a08e25d116b0da0545cc802d76da00aa9925
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:08 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-f0b"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
1015
expires
Wed, 07 Jun 2023 17:04:08 GMT
responsive-feedback-tooltip.161217ba52ec231db30f.js
my.consumeraffairs.com/static/js/ 		2 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/responsive-feedback-tooltip.161217ba52ec231db30f.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6fbdea27632c8177b487c2f599cf4aa05067940cd5a6108548cacb12c7024cc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:08 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-857"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
683
expires
Wed, 07 Jun 2023 17:04:08 GMT
slide-panel-trigger.b1d1a9efe96f5e874b52.js
my.consumeraffairs.com/static/js/ 		647 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.consumeraffairs.com/static/js/slide-panel-trigger.b1d1a9efe96f5e874b52.js
Requested by
Host: my.consumeraffairs.com
URL: https://my.consumeraffairs.com/static/js/sb_question_flow_v2.c593ac497f6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.186.8.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-8-231.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
006bbb0f035d2610f9b2570439c3eb67418f06c1c14607596d9f498d92cfd0c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.consumeraffairs.com/debt-relief/get-started/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_6768348&utm_source=iterable&utm_medium=email&conaffid=%7B%22a%22:%22ca%22,%22s%22:%22it%22,%22m%22:%22em%22,%22uid%22:%22%22,%22cid%22:%226768348%22,%22cna%22:%2220230506%20XS%20CLR%22,%22segment%22:%22abandon%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:08 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
etag
"64541742-287"
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=2592000, public
content-length
346
expires
Wed, 07 Jun 2023 17:04:08 GMT
i.gif
collect.tealiumiq.com/consumeraffairs/main/2/ 		43 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/consumeraffairs/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.2.js?utv=ut4.48.202205171450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.129.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-129-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarypeywLM2tHLfqPKQQ

Response headers

date
Mon, 08 May 2023 17:04:08 GMT
x-serverid
uconnect_i-0a6d2027a3c75c65e
x-tid
0187fc51fd030021aeab09a19ab803073014a06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
consumeraffairs:main:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
0187fc51fd030021aeab09a19ab803073014a06b00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://my.consumeraffairs.com
x-ulver
9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
cb93aea4-af0d-46a0-aa0e-af4fd296ac32
expires
Mon, 08 May 2023 17:04:08 GMT
utag.6.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.6.js?utv=ut4.48.202305021452
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
u3yoLDY8FrpnFgSwQofgoh8pbdtNO.Q6
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:03:54 GMT
last-modified
Tue, 02 May 2023 14:52:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
30
x-amz-server-side-encryption
AES256
etag
W/"fe640101b0c634c51e6d82328516f734"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Tn_IGegjeSZ62wqJklA1zsbZK3fvj4ysUjusL_YtiVtJju-crxhbrg==
utag.16.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.16.js?utv=ut4.48.202305021452
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
bbmXDcYqTYy09BG.ci6Q3f_dVc432cqj
content-encoding
gzip
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:03:39 GMT
last-modified
Tue, 02 May 2023 14:52:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
31
x-amz-server-side-encryption
AES256
etag
W/"bb0726d3b7f3855f97ffeb3a13d61ffd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
si44rBUIeJRiGnzEINd4YVSAkCW9oXI1CFhLGHN2Jx-yTu2qjJjwgg==
utag.22.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.22.js?utv=ut4.48.202305021452
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
0_abOdjXhhiXwz.X9LJHcPCXBNFgkHEw
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:03:38 GMT
last-modified
Tue, 02 May 2023 14:52:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
38
x-amz-server-side-encryption
AES256
etag
W/"c5a4744c87b4ae84385eb4bad277d26d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ZXykdIOtiwqcCDQkFQ3pie8XXtB-eEZu3yxdARElk7y7F9gekqmXZg==
utag.25.js
tags.tiqcdn.com/utag/consumeraffairs/main/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.25.js?utv=ut4.48.202305021452
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
53koLO3lUhyeAVFxEuuS7R59Avvqcxgk
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 17:03:38 GMT
last-modified
Tue, 02 May 2023 14:52:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
38
x-amz-server-side-encryption
AES256
etag
W/"7d6f94665b59e79d78e568c160a38ae9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
uEhGQJW23bhAJc32UueGfulDSJNLmEZlkwQtzbLVuOmFX7Hw4CukzA==
ld.js
dynamic.criteo.com/js/ld/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=44068
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8PLJNFV9S6N3MLDBAS0&lib=ttq
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id
ec0e333.62ad0b1
date
Mon, 08 May 2023 17:04:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-208-17.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
x-parent-response-time
166,2.23.208.17
server-timing
cdn-cache; desc=MISS, edge; dur=127, origin; dur=40, inner; dur=3
content-length
1218
pragma
no-cache
server
nginx
x-tt-logid
20230508170409DD1CC422E27DB094878E
x-cache-remote
TCP_MISS from a23-48-215-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
40,23.48.215.204
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8b4971d49592ed40cf2e7fcebdb92f99cd7f62d5c4326d0c6c05d9562f7fd56526e663c365e08e30131417265d3fe722323a28282915996f9a8c2977f56d77fbff61efec9f5a842eb8dc979dc6f2ba5816798a61cdc11be921d5daec402369645
expires
Mon, 08 May 2023 17:04:09 GMT
01983f98-6bee-4473-addf-8444c70bd564.js
static.bouncepilot.com/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bouncepilot.com/01983f98-6bee-4473-addf-8444c70bd564.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7e00:10:b308:84c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 18:14:29 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 13:04:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
82201
x-amz-server-side-encryption
AES256
etag
"e8b3aa6892d89e7fa297cb215b41f227"
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
33917
x-amz-cf-id
GBdPmVMKHRYSKSubcuvNzhHqpiDnWodGYqRpqAfD048MkQAA4o4R4w==
D2464751D507A3.js
cdn.datasteam.io/js/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datasteam.io/js/D2464751D507A3.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/consumeraffairs/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 02:53:46 GMT
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 14:45:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
51102
etag
W/"a1e6d51fdb613b574f4aa22043acbb06"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=600,s-maxage=86400
x-amz-cf-id
AVruOxrQ1IvKNCQ_ELYytVmKwL4TPUSqsbPyusjH3ogujI-QGqaTtg==
syncframe
gum.criteo.com/ Frame D2E3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=my.consumeraffairs.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=44068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 17:04:09 GMT
server
Kestrel
server-processing-duration-in-ticks
504376
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame D2E3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=consumeraffairs.com&sn=ChromeSyncframe&so=0&topUrl=my.consumeraffairs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=VvABZ3xNYWhpc2V5aGIwVFR2Y01vMmcvMlUvNjJQSkJqSU1PTVpnMFIzbGZmaE9LeXpXSHJEN0llVG1TQ2ZrM0dzWExZeFRZZlJ3QncyNVBWLzVDWDM5cEhlR0UzbXlhZ01qZXZ5S05lN3dXREtsY3pNRnpoWnU3OEV1bF...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VvABZ3xNYWhpc2V5aGIwVFR2Y01vMmcvMlUvNjJQSkJqSU1PTVpnMFIzbGZmaE9LeXpXSHJEN0llVG1TQ2ZrM0dzWExZeFRZZlJ3QncyNVBWLzVDWDM5cEhlR0UzbXlhZ01qZXZ5S05lN3dXREtsY3pNRnpoWnU3OEV1bFpwcHppZGI2dzdTcEtRcnlYc3NXZ2U1Z05sT0tSd2VVMzZndnZuWjg2aGVMYkRqNFlRVXl5VWo4aUt6OEQwVTkwY29rcXpHWnVlUzczUGRMZmNYQ0RWUWROS0ZUTXdPMGJhM3ZPd0tvYm9jR2FOaWpkWTByTlRQdCtDV0xUbUpNbWlNYlZhVzFHT3BQcWV0RStnU0J5Ty85SlM3SmVnelBQR2lZRnRYNktMT1liZTBwWm9mTT18&cppv=2
Protocol
H2
Server
178.250.7.13 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3705256
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 17:04:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=VvABZ3xNYWhpc2V5aGIwVFR2Y01vMmcvMlUvNjJQSkJqSU1PTVpnMFIzbGZmaE9LeXpXSHJEN0llVG1TQ2ZrM0dzWExZeFRZZlJ3QncyNVBWLzVDWDM5cEhlR0UzbXlhZ01qZXZ5S05lN3dXREtsY3pNRnpoWnU3OEV1bFpwcHppZGI2dzdTcEtRcnlYc3NXZ2U1Z05sT0tSd2VVMzZndnZuWjg2aGVMYkRqNFlRVXl5VWo4aUt6OEQwVTkwY29rcXpHWnVlUzczUGRMZmNYQ0RWUWROS0ZUTXdPMGJhM3ZPd0tvYm9jR2FOaWpkWTByTlRQdCtDV0xUbUpNbWlNYlZhVzFHT3BQcWV0RStnU0J5Ty85SlM3SmVnelBQR2lZRnRYNktMT1liZTBwWm9mTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
427769
content-length
0
expires
0
main.MWI2MzlmMWJmMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		257 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8PLJNFV9S6N3MLDBAS0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id
62ad0e8
date
Mon, 08 May 2023 17:04:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202305081131206FB06E2DBB3D5A1B6569
vary
Accept-Encoding
x-cache
TCP_HIT from a2-23-208-17.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
013a839d79b75bacf79d1bdda3f12b24958e276d2b3b9018f46612949ed31bcd1d81823f64d5c23b97a2d7faa6cbbb3a911775512f47dd317ae9316e49b364e81ede0858a717261cdadeb584110340e0038cf8c410f4ebe06f368aa28c2d0bf4fd
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
69809
/
my.consumeraffairs.com/api/uapi/e/ 		0
0
identify_738b3.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id
62ad0f4
date
Mon, 08 May 2023 17:04:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202305081131209B3415A8E5F1AF0C6C45
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-23-208-17.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b43c1c169fcabae13230a698961c1dc2cf30fe478ac67f0810c6f36698e97ce223c39635d0eb173c5aba5e5107368b749e95f989bede14fb80ea69e25d72d7eb7bbcb18e2f9dc1831dc8fae83668db6071fb2470224eacb7b0740d7de96ec7b8
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
30824
pixel
analytics.tiktok.com/api/v2/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.consumeraffairs.com
URL
https://my.consumeraffairs.com/api/uapi/e/
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/api/v2/pixel

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dimensions object| dataLayer object| utag_data object| CAContent string| advertisingDisclosure boolean| utag_condload number| customDelay object| utag object| uetq boolean| __tealium_twc_switch object| errorContext boolean| CALoadScriptsOnDemand boolean| ScrollThrottledBroadcaster string| CSRF_COOKIE_NAME object| APIClient object| CAUApi object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData object| webpackChunk_consumeraffairs_silverback_frontent object| __SENTRY__ object| CAUApiEvent object| caModal function| TriggerAction function| CAPhoneProvider string| gtagRename function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_1d6ec32fce function| clarity object| clarityuetq object| CAExpanderCollapser

32 Cookies

Domain/Path Name / Value
links.consumeraffairs.com/ Name: XSRF-TOKEN
Value: 61f63db35d3d94778c83d3859c9ea3e21acfeb84-1683565443424-87dd9ff99f3926d82ddd4875
my.consumeraffairs.com/ Name: __uzma
Value: 4bcdd85b-552e-4b65-92dc-13ad0289fba2
my.consumeraffairs.com/ Name: __uzmb
Value: 1683565443
.consumeraffairs.com/ Name: sbcsrftoken
Value: E4eKHqtLOBcx7sZZ6AiuQaTtvH8NvupdXBcQKwaykiQ94KdtZKeermBItYJCTLLc
.consumeraffairs.com/ Name: CA_LAND_PAGE
Value: "eyJjb25hZmZpZCI6IHsiYSI6ICJjYSIsICJzIjogIml0IiwgIm0iOiAiZW0iLCAidWlkIjogIiIsICJjaWQiOiAiNjc2ODM0OCIsICJjbmEiOiAiMjAyMzA1MDYgWFMgQ0xSIiwgInNlZ21lbnQiOiAiYWJhbmRvbiJ9fQ=="
.consumeraffairs.com/ Name: CA_SESSION_ID
Value: "MzMwMWU5YmZjNmE3NGNlM2IxMTlmNmFiYTFmMmIzZTc="
.consumeraffairs.com/ Name: sbsessionid
Value: qnydlf07np66upejx3c9gj7026zq91yv
.consumeraffairs.com/ Name: _gcl_au
Value: 1.1.1390235099.1683565445
.consumeraffairs.com/ Name: _ga
Value: GA1.2.428045668.1683565443
.consumeraffairs.com/ Name: _gid
Value: GA1.2.1209985679.1683565445
.consumeraffairs.com/ Name: _gat_UA-12322096-15
Value: 1
.consumeraffairs.com/ Name: bounceCookie
Value: true
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.consumeraffairs.com/ Name: _uetsid
Value: 568987d0edc211ed887f658d846b4427
.consumeraffairs.com/ Name: _uetvid
Value: 5689b4a0edc211ed9c7e4b1eb29c056e
.tealiumiq.com/ Name: TAPID
Value: consumeraffairs/main>0187fc51fd030021aeab09a19ab803073014a06b00b08|
.bing.com/ Name: MUID
Value: 106764F983266B1C26A977F282266A34
.consumeraffairs.com/ Name: _fbp
Value: fb.1.1683565445112.363413977
www.clarity.ms/ Name: CLID
Value: 66e0fcbe89e04df5b1b14afae3e86c68.20230508.20240507
.consumeraffairs.com/ Name: _clck
Value: 1lyz39g|1|fbf|0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 106764F983266B1C26A977F282266A34
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 106764F983266B1C26A977F282266A34
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.consumeraffairs.com/ Name: _clsk
Value: w5s0ol|1683565445834|1|1|e.clarity.ms/collect
.consumeraffairs.com/ Name: CA_TARGET
Value: "eyJpcF9hZGRyZXNzIjogIjE4NS4yMTMuMTU1LjE2NiIsICJ1c2VyX2FnZW50IjogIk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTMuMC41NjcyLjYzIFNhZmFyaS81MzcuMzYiLCAiYnJvd3Nlcl9kYXRhIjogeyJjYW5UcmFja1VzZXIiOiB0cnVlLCAic2NyZWVuUmVzb2x1dGlvbiI6ICIxNjAweDEyMDAiLCAidXNlT2ZMb2NhbFN0b3JhZ2UiOiB0cnVlLCAiaXNDYW52YXNTdXBwb3J0ZWQiOiB0cnVlLCAid2ViZ2xWZW5kb3IiOiAiSW50ZWwgSW5jLiIsICJ3ZWJnbFJlbmRlcmVyIjogIkludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsICJsYW5ndWFnZSI6ICJlbi1VUyIsICJwbGF0Zm9ybSI6ICJXaW4zMiIsICJoYXNBZGJsb2NrIjogZmFsc2V9fQ=="
my.consumeraffairs.com/ Name: __uzmc
Value: 802132248568
my.consumeraffairs.com/ Name: uzdbm_a
Value: 534f4875-8a48-88b2-2564-430c777dc5c0
my.consumeraffairs.com/ Name: __uzmd
Value: 1683565448
.consumeraffairs.com/ Name: utag_main
Value: v_id:0187fc51fd030021aeab09a19ab803073014a06b00b08$_sn:1$_se:3$_ss:0$_st:1683567248899$ses_id:1683565444357%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:3%3Bexp-session$dc_region:eu-central-1%3Bexp-session

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.datasteam.io
collect.tealiumiq.com
connect.facebook.net
dynamic.criteo.com
e.clarity.ms
googleads.g.doubleclick.net
gum.criteo.com
links.consumeraffairs.com
media.consumeraffairs.com
mug.criteo.com
my.consumeraffairs.com
static.bouncepilot.com
stats.g.doubleclick.net
tags.tiqcdn.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
analytics.tiktok.com
my.consumeraffairs.com
143.204.215.125
178.250.7.13
192.229.233.28
2.23.209.145
20.62.48.180
2600:9000:223e:3e00:7:2bfb:7c00:93a1
2600:9000:223f:7e00:10:b308:84c0:93a1
2600:9000:2250:d400:10:53d4:f0c0:93a1
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9d
2a02:2638:3::e
2a02:2638:d::d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f13d:83:face:b00c:0:25de
52.57.129.72
54.186.8.231
68.219.88.97
006bbb0f035d2610f9b2570439c3eb67418f06c1c14607596d9f498d92cfd0c0
07657e6ef7fb5e9823227480f9aefe4f929804bb761fc118542c6884264bec9d
0ad92d213df4bf1d48ba7e9f4a7d957fe055e3949526ed977e32ae9ff8f86fcb
0b91833553bfd2d45bac8518f93d5752c344937f8c4f19d78163ebbbf2e6baa1
178e13aff3754a6ca88da52547498f279ead30c409451b16574dd9f9cc9bab7a
1a7324d7d8196dfb228ce481c1e440694576173b1061d48790ae043b336df868
2236fdcf1b0bbf58f47db66126a373c2391236c02f4ed66e155652befe614ddd
354db991f9bb03b338a4b57890bd6be508969da1fa25dd40f03a9d7c97a56b5d
3942b25ef8e7a5e7ec20f2418525b9cd94f5ea58725de1a905b085fc37fcffd0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b5bb8d2577ff8a81a0a168d7036d1b23605a8415a1078ab384fbbd794dfc86
474a0336cc227d261a77bc484eff435b2aaa267350ed060fce7afd28b6eda57e
487a6280c08cddd4ea9e37ac5738ef2c77e53e25d4eef8b23765835e593763d7
56a0b142fdffaf1254931c18997ad7a82dea096efc2b79be152a8d73dcc3be77
5b3827fcbedb448acf4907e8963723d825568d68dc97dc1113c682aa8459cd00
6482a9ed7115d9326f9883942a70d4bdf5b2b69c02f8a4ee633d5a5c5b5cf8ed
64e19831b7363f972e3090241031298ea03a2768d2d4632921c641a2b424ee4c
66702e597f096c575d6845e1a967d82d5906aa963363390ba2f2eaa5bf3a4307
6a2363a9b1350d1dc4915e500e16b595a416cd053add335bc6d2da601b572635
6bc25b0792d7d332aec85aadc97de1fca3367ca7c8188fc13039f941d4bbad19
6fbdea27632c8177b487c2f599cf4aa05067940cd5a6108548cacb12c7024cc8
7c76d1999f061d5e0b2058226c1107840178d87e72c8b10bc7fcb453b37406a1
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8057ff3409ed56bcde73b878d4b5b7ae8726d642f94e24bbf29873c562681592
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cc624997dbf84b4e20c3a4a8d29e4527f058387d7ee53a25a5ac3e3f17e5a1d
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
95a50ca8b013e5ad54fb134f0db6e8d07fa364173edbb51ef96639a6ac5c1161
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
abadf5445791567e3e30df90a1e6c00f7fc4c6241df1871025bab2b308c64adc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b807a8926b3a6c99ff43195526fb0bd679870f85a2b31bbfb2d89ca876f85ce2
bc734eb7940113bb40c7add09236345188b6826eb6c2f694cbac94f1be5025d9
c3d17e050f025e17c0303ac0b27f9359156b154f800feb66ddb65fe1eaa0f8ff
c47aedd1de7445ff0b990ea9033ee3ced3545f1781d66de967977b5d64baec30
c56fdf6f07445341dc84401fd891f5e0639648ac085d1d7f4b76055d11c8bffe
c834a84f6a19d328a4362df89d065a559def51b0975f5406ba8950318c1723c0
caff73be87da521787daccb33895a697ece0d34859ecbb731c2cfa4947f056f4
ce007cf4c1d65cb70b68d81c13d5754033b70183951456f06cccdca0bdf049d6
d13b38445a994d5cca2bc90c0155435b3e0146d1d0dc7f3b667ef90c8df65329
d145cfce3424aa95106a585c14ace850fdf1be525c66a0a10d9303fd9262ed2f
d44ec42b8e028423879dd789349f6d4c2551e49048c36bd771669f6491d5e7a7
df9717b2943d60f3e88b5e69da2e5884148607a635760b8f4b7b0602a8cb3dcb
e2a4b236abae8cc28df07924ff45b0720c0139977390c8625d1eeca03c1e880a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e97991cb9e18128abbac6e7ff61834631340e6deb34f64fed6c6f624499abab8
e9af5ebb524d30b1f9e1db250012a08e25d116b0da0545cc802d76da00aa9925
ea63980109f2bc692d071aef2c6442ca4b06e34d54a79f47f1d1267c55730567
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffa0a46d5b48e439d752767529efab618d418b523434a4293e21134e97068d7d