usdebtsrelief.com Open in urlscan Pro
185.199.108.153 Public Scan

Software

API Gateway /

Resource Hash

1c861c26773390863ae121a67ec84609a45d31dc45c36c13cca0f456b92f53c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://usdebtsrelief.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 40
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://usdebtsrelief.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame CDCB 0
0 288ms
121ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=9388e131-13d6-4574-b03c-225076859734&u_scsid=5928a784-fc39-4ef0-9046-e296e2d7389f&u_sclid=c0299025-ee0d-422c-9bff-f2e8a45862fc

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://usdebtsrelief.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sun, 22 Dec 2024 03:34:27 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 6af79389-7d6f-4a44-81c2-2cd8503c529c.js Show response
tr.snapchat.com/config/com/ 209 B
478 B 258ms
158ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/6af79389-7d6f-4a44-81c2-2cd8503c529c.js?v=3.35.0-2412161852

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

API Gateway /

Resource Hash

97eb0e9b7b363627424d9651c9882d42b1c92050ae96c720c92de07e7600c0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://usdebtsrelief.com
Referer: https://usdebtsrelief.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 37
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://usdebtsrelief.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: application/javascript
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 36FA 0
0 286ms
122ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=6af79389-7d6f-4a44-81c2-2cd8503c529c&u_scsid=5928a784-fc39-4ef0-9046-e296e2d7389f&u_sclid=c0299025-ee0d-422c-9bff-f2e8a45862fc

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://usdebtsrelief.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sun, 22 Dec 2024 03:34:27 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 411A 0
0 432ms
150ms Document
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fusdebtsrelief.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16515592872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 03:34:27 GMT
expires: Mon, 22 Dec 2025 03:34:27 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 437359512045691 Show response
connect.facebook.net/signals/config/ 116 KB
23 KB 281ms
280ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/437359512045691?v=2.9.179&r=stable&domain=usdebtsrelief.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c8f5cff8dc0b58ee3b32b994f717664a8b64376a29bd98da9c7558a219129bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-H8KQIH5B' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-H8KQIH5B' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=139, rtx=0, c=80, mss=1232, tbw=74399, tp=71, tpl=0, uplat=143, ullat=1
pragma: public
x-fb-debug: 5X642QTrPbqDVabI6kNs6XQ/xitCUI/f14tFeJGhmIYFN1zYsxXLc/aSQ0XY5klmgQFq8SKk7c04/PRuqerI9w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.MWE1OTI4NzI4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 352 KB
98 KB 137ms
136ms Script
application/javascript 184.28.190.65
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRTUIM3C77U230TJMH20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.65 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-28-190-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

x-cache: TCP_HIT from a184-28-190-54.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-241219132427616204D699A01EDFEC0C-3D1C5C6118349896-00
content-length: 99316
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241219132427616204D699A01EDFEC0C
server: nginx
x-akamai-request-id: 2d1c9519
x-tt-trace-host: 010b55045b8ff78959746cc7f2ee46012ecaa12012f3c1402584400d7c12a929adf22291463e3aacf2c746b98647ea81baf01d6d5ad52c9160b6077741ff96f9505f3c5391d9704b43dfe475be5042744b0222b4c28d99b76bbe7ba3638499f44f

POST
H2 200 p
tr.snapchat.com/ 0
240 B 276ms
128ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://usdebtsrelief.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Dec 2024 03:34:27 GMT
server: API Gateway

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 2545ms
2054ms XHR
application/json 52.49.166.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=5217936&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.49.166.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-166-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9e568db95bb2fbae89fed5cdf6ba8baff15f9e4e0caae88ce70619fbe0611398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Sun, 22 Dec 2024 03:34:30 GMT
content-type: application/json

GET
H3 200 1035803981365563 Show response
connect.facebook.net/signals/config/ 33 KB
5 KB 231ms
231ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1035803981365563?v=2.9.179&r=stable&domain=usdebtsrelief.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C154%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a82f573f9e8d1909100d41a30fa175aca7b74f3aa456e4e72ce5c431b4f90413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-IdpU0Qw4' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-IdpU0Qw4' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=100, mss=1232, tbw=99007, tp=95, tpl=0, uplat=91, ullat=0
pragma: public
x-fb-debug: q+v3Ap3xMN00L4M5b1OMjKqyMJ1cV9zYmFM6TH55DRPeJP1STqMM/0ka/vQ23X1DKs0zpATXalVYbw3nLq15NA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 313ms
147ms Image
text/plain 157.240.245.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=437359512045691&ev=PageView&dl=https%3A%2F%2Fusdebtsrelief.com&rl=&if=false&ts=1734838467743&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734838467736.624802360345189461&cs_est=true&pm=1&hrl=c90fe6&ler=empty&cdl=API_unavailable&it=1734838467313&coo=false&tm=1&cs_cc=1&cas=9643668365662076%2C9004689679625254%2C9619717264723800%2C7881680638627415%2C8243023372442037%2C8446210542159898%2C26840613282249947%2C8400783803298224%2C8101990926515366%2C8092187530864966%2C7874421466020287%2C26906341815631176%2C8443663179031903%2C8245828205464071%2C8048595561883737%2C8111348708901549%2C7982557245197044%2C8618472678183520%2C8010908229021605%2C8074339489285980%2C8500305153336906%2C8340215569375588%2C8256708427783611%2C8014844218595689%2C8099428726799896%2C7367221556711363%2C8340149386016411%2C8208076972575607%2C8204634732914939%2C8317322724977638%2C7810245182368069%2C7347269045350022%2C27219109701037998%2C8602149233214721%2C8598183290271503%2C7745324908862513%2C7199925630132952%2C7369993219735803%2C25210424261936484&rqm=GET

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.245.35 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=144, rtx=0, c=24, mss=1232, tbw=8282, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 397ms
232ms Image
image/png 157.240.245.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=437359512045691&ev=PageView&dl=https%3A%2F%2Fusdebtsrelief.com&rl=&if=false&ts=1734838467743&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734838467736.624802360345189461&cs_est=true&pm=1&hrl=c90fe6&ler=empty&cdl=API_unavailable&it=1734838467313&coo=false&tm=1&cs_cc=1&cas=9643668365662076%2C9004689679625254%2C9619717264723800%2C7881680638627415%2C8243023372442037%2C8446210542159898%2C26840613282249947%2C8400783803298224%2C8101990926515366%2C8092187530864966%2C7874421466020287%2C26906341815631176%2C8443663179031903%2C8245828205464071%2C8048595561883737%2C8111348708901549%2C7982557245197044%2C8618472678183520%2C8010908229021605%2C8074339489285980%2C8500305153336906%2C8340215569375588%2C8256708427783611%2C8014844218595689%2C8099428726799896%2C7367221556711363%2C8340149386016411%2C8208076972575607%2C8204634732914939%2C8317322724977638%2C7810245182368069%2C7347269045350022%2C27219109701037998%2C8602149233214721%2C8598183290271503%2C7745324908862513%2C7199925630132952%2C7369993219735803%2C25210424261936484&rqm=FGET

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.245.35 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451074484106111604"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3c9e3b5d3b719d31","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["25492972423681649"]},"debug_reporting":true,"debug_key":"969241382134981731"}
date: Sun, 22 Dec 2024 03:34:28 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451074484106111604", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: /q6chyIdzh43HXY8EJ3J9MDN9pJ8wXTG4DeUutoE0wslvhqhvYU08r2+MbfoHJ/HFmmCybpx3GCtbnJseWj3Mw==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=144, rtx=0, c=24, mss=1232, tbw=8602, tp=16, tpl=0, uplat=85, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3

200

/
www.google.com/pagead/1p-conversion/16515592872/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16515592872/?random=1372484492&cv=11&fst=1734838467245&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=10...
https://www.google.com/pagead/1p-conversion/16515592872/?random=1372484492&cv=11&fst=1734838467245&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102...

42 B
64 B

161ms
159ms

Image
image/gif

142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/16515592872/?random=1372484492&cv=11&fst=1734838467245&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=mbVnCNaGyqsZEKjln8M9&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIzK3m9Li6igMVCTaICR2PBycpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3VzZGVidHNyZWxpZWYuY29tL0JXQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWkwQXJSVTlyRnNPYXNXNklQYk5xX2J0aV8zOWZhbW00Y1BUd3FURkc4YTFFOUpfOG5rZXQ0b3d2ZnhBZENr&is_vtc=1&cid=CAQSKQCa7L7dukIJWvP9ueM_jAaeGhDrB1BxI4HMbapKgGhjc9s5htbafkXm&random=2569217574

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/16515592872/?random=1372484492&cv=11&fst=1734838467245&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=mbVnCNaGyqsZEKjln8M9&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIzK3m9Li6igMVCTaICR2PBycpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3VzZGVidHNyZWxpZWYuY29tL0JXQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWkwQXJSVTlyRnNPYXNXNklQYk5xX2J0aV8zOWZhbW00Y1BUd3FURkc4YTFFOUpfOG5rZXQ0b3d2ZnhBZENr&is_vtc=1&cid=CAQSKQCa7L7dukIJWvP9ueM_jAaeGhDrB1BxI4HMbapKgGhjc9s5htbafkXm&random=2569217574
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sun, 22 Dec 2024 03:34:27 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 135ms
135ms Script
application/javascript 184.28.190.65
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.65 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-28-190-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

x-cache: TCP_MEM_HIT from a184-28-190-54.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=29
x-tt-trace-id: 00-24111505023228033227CE92850E9FBD-1ACA3624672FFF51-00
content-length: 39429
date: Sun, 22 Dec 2024 03:34:27 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024111505023228033227CE92850E9FBD
server: nginx
x-akamai-request-id: 2d1c9591
x-tt-trace-host: 01759c23b20d3b6ba0727dc070199f857bdfa545c0fc0c0cf20a540c840bb2f567fc31a9552027527050de60ae7e735382fc6132f38c63f118fb804d22e4a03059dff87731c5632b190489143b3100de13e9f5ee2df4ab86102f01598dee863020

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
718 B 170ms
168ms Ping
text/plain 184.28.190.65
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.65 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-28-190-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 03:34:27 GMT
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=12, origin; dur=24
x-cache: TCP_MISS from a184-28-190-54.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 03:34:27 GMT
x-akamai-request-id: 2d1c9597
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a9037289b3c0119577bb75cc2aa31e3a831daa08fb2c81d2dc7cb0b34cd6534a61f8174aac888ee8ea2549c6f100946725b398054880004a91b39059f820af742ae2b47bc91d940cb5fca329b31cdf846acaeb
x-origin-response-time: 24,184.28.190.54
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241222033427F96A0373E2514F00D3E6-7073A9C8672BE209-00
content-length: 0
x-tt-logid: 20241222033427F96A0373E2514F00D3E6
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 171ms
170ms Ping
text/plain 184.28.190.65
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.65 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-28-190-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 03:34:27 GMT
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=8, origin; dur=27
x-cache: TCP_MISS from a184-28-190-54.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 03:34:27 GMT
x-akamai-request-id: 2d1c9598
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a9037289b3c0119577bb75cc2aa31e3a831daa4edacbe39d774c36a1245d8cedb9446284f28c3b48aaa84f8195deafc2dd556a9bbb658e248dcebcec3e87ce200235c41f1d41ee6eb87796c3e934c279043efa
x-origin-response-time: 27,184.28.190.54
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241222033427D8964AF77A1048E62FF1-48189AD60994CB05-00
content-length: 0
x-tt-logid: 20241222033427D8964AF77A1048E62FF1
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 476ms
474ms Ping
text/plain 184.28.190.65
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.65 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-28-190-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 03:34:28 GMT
server-timing: inner; dur=286, cdn-cache; desc=MISS, edge; dur=17, origin; dur=314
x-cache: TCP_MISS from a184-28-190-54.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 03:34:28 GMT
x-akamai-request-id: 2d1c9599
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a9037289b3c0119577bb75cc2aa31e3a831daaa6328775090cc1aa18aa715651009f30aacb58a9ff63c3bafc554c420e1141eb2c891a685317da2e1c6a9de120c33832b24a1bc6607bba0d3cdde4a88e9ff66c
x-origin-response-time: 314,184.28.190.54
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24122203342723325DF6AC841075A32C-553BB1A427CA71A0-00
content-length: 0
x-tt-logid: 2024122203342723325DF6AC841075A32C
server: nginx

GET
H3 200 /
www.google.com/pagead/1p-user-list/16515592872/ 42 B
64 B 157ms
157ms Image
image/gif 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16515592872/?random=1734838467216&cv=11&fst=1734836400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dX7Ac6S-vVKYC2tCW9vgOQ9c5OP1Iyw&random=585555523&rmt_tld=0&ipr=y

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 03:34:27 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 201 sessions Show response
www.marketcall.com/api/v1/widget/calltracking/ 219 B
749 B 497ms
216ms Fetch
application/json 167.71.172.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marketcall.com/api/v1/widget/calltracking/sessions
Requested by: Host: marketcall.com
URL: https://marketcall.com/js/mc-calltracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.71.172.24 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: marketcall.com
Software: nginx / PHP/7.4.23
Resource Hash: b73a83e7ea4d7d072bc64af7acb133d4531f1fc13b2599356e721b870ad7ffda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

x-request-id: aee11f33-7584-4b41-9e57-bfdff7e0bf45
access-control-allow-origin: *
cache-control: no-cache, private
date: Sun, 22 Dec 2024 03:34:28 GMT
content-type: application/json
x-powered-by: PHP/7.4.23
server: nginx

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16684506815/ 4 KB
2 KB 161ms
160ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16684506815/?random=1734838467851&cv=11&fst=1734838467851&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16684506815&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

2e04576bc6d986615e4a28577c75b074f92ebc51200b530a85b0ec218f69c111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2243
date: Sun, 22 Dec 2024 03:34:27 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16684506815
td.doubleclick.net/td/rul/ Frame 0C49 0
0 160ms
159ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16684506815?random=1734838467851&cv=11&fst=1734838467851&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16684506815&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usdebtsrelief.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 03:34:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/16684506815/ 5 KB
3 KB 159ms
158ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/16684506815/?random=1734838467892&cv=11&fst=1734838467892&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=pROrCMaardMZEL-95ZM-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16684506815&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

40d08af356ecf25e1fc4a5989cdfa666aedb1c34e34add08a8be80a0d5c41f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2575
date: Sun, 22 Dec 2024 03:34:27 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16684506815
td.doubleclick.net/td/rul/ Frame 8756 0
0 161ms
159ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16684506815?random=1734838467892&cv=11&fst=1734838467892&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=pROrCMaardMZEL-95ZM-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16684506815&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usdebtsrelief.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 03:34:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16673419801/ 4 KB
2 KB 162ms
161ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16673419801/?random=1734838467925&cv=11&fst=1734838467925&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16673419801&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

0463d790f4c855ee79a1796dffd3316d3b411008108fd48a162ce2c55be9ff68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2240
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16673419801
td.doubleclick.net/td/rul/ Frame 360C 0
0 161ms
160ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16673419801?random=1734838467925&cv=11&fst=1734838467925&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16673419801&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usdebtsrelief.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 03:34:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/16673419801/ 5 KB
3 KB 163ms
162ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/16673419801/?random=1734838467965&cv=11&fst=1734838467965&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=1nURCPac4MoZEJnkwI4-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16673419801&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ab5c205455ee45576cd93594c5896ad3eac15d07ffc9d803a4d87465af03aea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2563
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16673419801
td.doubleclick.net/td/rul/ Frame DEBB 0
0 163ms
160ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16673419801?random=1734838467965&cv=11&fst=1734838467965&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=1nURCPac4MoZEJnkwI4-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16673419801&l=dataLayer&cx=c&gtm=45je4cc1v9200794983za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usdebtsrelief.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 03:34:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 146ms
146ms Image
text/plain 157.240.245.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1035803981365563&ev=PageView&dl=https%3A%2F%2Fusdebtsrelief.com&rl=&if=false&ts=1734838468003&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734838467736.624802360345189461&pm=1&hrl=5681b2&ler=empty&cdl=API_unavailable&it=1734838467313&coo=false&tm=1&cs_cc=1&cas=9643668365662076%2C9619717264723800%2C8243023372442037%2C8101990926515366%2C7874421466020287%2C8443663179031903%2C8245828205464071%2C8111348708901549&rqm=GET

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.245.35 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=144, rtx=0, c=24, mss=1232, tbw=12442, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 03:34:28 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 188ms
187ms Image
image/png 157.240.245.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1035803981365563&ev=PageView&dl=https%3A%2F%2Fusdebtsrelief.com&rl=&if=false&ts=1734838468003&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734838467736.624802360345189461&pm=1&hrl=5681b2&ler=empty&cdl=API_unavailable&it=1734838467313&coo=false&tm=1&cs_cc=1&cas=9643668365662076%2C9619717264723800%2C8243023372442037%2C8101990926515366%2C7874421466020287%2C8443663179031903%2C8245828205464071%2C8111348708901549&rqm=FGET

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.245.35 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451074484348248613"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 03:34:28 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451074484348248613", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: b1yq5iLHutZ2zKjwYUgi7W6KTAuKckSgzPI4yiZpsCREof/NGgEzvPDrOJGSGVveTzBu8hBIzMsNlABFIKtoBA==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=145, rtx=0, c=26, mss=1232, tbw=12782, tp=28, tpl=0, uplat=40, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
718 B 189ms
187ms Ping
text/plain 184.28.190.65
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.65 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-28-190-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://usdebtsrelief.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 03:34:28 GMT
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=8, origin; dur=46
x-cache: TCP_MISS from a184-28-190-54.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 03:34:28 GMT
x-akamai-request-id: 2d1c95cf
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a9037289b3c0119577bb75cc2aa31e3a831daa4edacbe39d774c36a1245d8cedb94462e2d79f1cce4505342528f54ade630ac2dca448d480d4e947a46b1911dd111d25d99e70fbfb8afeb73166c6735f9135b6
x-origin-response-time: 46,184.28.190.54
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241222033428D8964AF77A1048E62FFE-4559F1BB5DCA7272-00
content-length: 0
x-tt-logid: 20241222033428D8964AF77A1048E62FFE
server: nginx

GET
H3 200 /
www.google.com/pagead/1p-user-list/16684506815/ 42 B
64 B 156ms
156ms Image
image/gif 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16684506815/?random=1734838467851&cv=11&fst=1734836400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dZL18O4hYvsztrjOkcVNhE6_Kgpt7lRUdmTG7F7GuL64yND_h&random=2459168914&rmt_tld=0&ipr=y

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.com/pagead/1p-conversion/16684506815/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16684506815/?random=1249377108&cv=11&fst=1734838467892&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=...
https://www.google.com/pagead/1p-conversion/16684506815/?random=1249377108&cv=11&fst=1734838467892&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~1...

42 B
64 B

159ms
159ms

Image
image/gif

142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/16684506815/?random=1249377108&cv=11&fst=1734838467892&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=pROrCMaardMZEL-95ZM-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIlaOB9bi6igMVVA-ICR0f7BXlMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3VzZGVidHNyZWxpZWYuY29tL0JXQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWkwQXJSVTlyQmh1R0lTazI3bFQtazNya0lnWS04OW9GZFZWNjRLTFNjc0MtRHdWczd6a1o0eEg5ZldpMHBv&is_vtc=1&cid=CAQSKQCa7L7dvz1OQ63HAFf9AxremMbExeiYOZYQ1rD09cCwbKz1MxY35-bB&random=3555221066

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/16684506815/?random=1249377108&cv=11&fst=1734838467892&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=pROrCMaardMZEL-95ZM-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIlaOB9bi6igMVVA-ICR0f7BXlMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3VzZGVidHNyZWxpZWYuY29tL0JXQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWkwQXJSVTlyQmh1R0lTazI3bFQtazNya0lnWS04OW9GZFZWNjRLTFNjc0MtRHdWczd6a1o0eEg5ZldpMHBv&is_vtc=1&cid=CAQSKQCa7L7dvz1OQ63HAFf9AxremMbExeiYOZYQ1rD09cCwbKz1MxY35-bB&random=3555221066
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/16673419801/ 42 B
64 B 154ms
154ms Image
image/gif 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16673419801/?random=1734838467925&cv=11&fst=1734836400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dEe90EeF05KUludb0NSzfGNXR0rK82_ZmV5E8UDNcHjNRXS6H&random=3023891720&rmt_tld=0&ipr=y

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://usdebtsrelief.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 03:34:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.com/pagead/1p-conversion/16673419801/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16673419801/?random=918837299&cv=11&fst=1734838467965&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0...
https://www.google.com/pagead/1p-conversion/16673419801/?random=918837299&cv=11&fst=1734838467965&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~10...

42 B
64 B

158ms
157ms

Image
image/gif

142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/16673419801/?random=918837299&cv=11&fst=1734838467965&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb9200794983&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fusdebtsrelief.com%2F&label=1nURCPac4MoZEJnkwI4-&hn=www.googleadservices.com&frm=0&tiba=debtsreliefus&gtm_ee=1&npa=0&pscdl=noapi&auid=801416243.1734838467&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkonZXZlbnQtc291cmNlLCB0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIwv-F9bi6igMV0i2ICR0TzDpqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3VzZGVidHNyZWxpZWYuY29tL0JXQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWkwQXJSVTlySUthWVNld29sREYyZHN5ZFd0am14d01uSXVfYjgwZWZmc3dOMVE4cXVsMzFfaGNSZmVaZzhB&is_vtc=1&cid=CAQSKQCa7L7dMTPR0AjLuvfnzidgZzq8djUnC2BAULzhOAPJ_iZx97pX0JCs&random=506323657

Requested by

Host: usdebtsrelief.com
URL: https://usdebtsrelief.com/

Protocol

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS