www.shareyourfreebies.com Open in urlscan Pro
34.232.243.77  Public Scan

20 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://money.advanceplatinum.com/ Page URL
2. http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=1307&source=SYF-PP-3-generic-0&request_id=&aff_sub=012-&aff_sub2=---012&aff_sub3=286baf12-e0cc-4404-8465-a0ea7cf49bb1&aff_sub4=&aff_sub5=&email=&firstname=&lastname=&dobmonth=&dobday=&dobyear=&gender=&address=&city2=&state=&zip=&areacode=&prefix=&number= HTTP 302
   https://go.aramistrk.com/aff_c?aff_id=1307&aff_sub=012-&aff_sub1=012-&aff_sub2=---012&aff_sub3=286baf12-e0cc-4404-8465-a0ea7cf49bb1&aff_sub4=&aff_sub5=&creative_id=1025&offer_id=2008&source=SYF-PP-3-generic-0 HTTP 302
   https://www.shareyourfreebies.com/welcome.php Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16096117274800.4426928828957759 HTTP 301
• https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16096117274800.4426928828957759

Request Chain 70

• http://shareyourfreebies.com/wp-content/uploads/2014/04/body-bg.jpg HTTP 301
• https://shareyourfreebies.com/wp-content/uploads/2014/04/body-bg.jpg

Request Chain 71

• http://shareyourfreebies.com/freebies/syf-logo-1201.png HTTP 301
• https://shareyourfreebies.com/freebies/syf-logo-1201.png

Request Chain 72

• http://shareyourfreebies.com/wp-content/uploads/2014/04/content-780.jpg HTTP 301
• https://shareyourfreebies.com/wp-content/uploads/2014/04/content-780.jpg

Request Chain 73

• http://shareyourfreebies.com/wp-content/uploads/2013/07/wrap-bg-bottom.png HTTP 301
• https://shareyourfreebies.com/wp-content/uploads/2013/07/wrap-bg-bottom.png

Request Chain 74

• http://shareyourfreebies.com/wp-content/uploads/2014/04/footer-widget-bg-mid-780.jpg HTTP 301
• https://shareyourfreebies.com/wp-content/uploads/2014/04/footer-widget-bg-mid-780.jpg

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response money.advanceplatinum.com/	1 MB 116 KB	684ms 622ms	Document text/html	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash b329f48cd3d554c927ff5233b55e9e0eef891329928e34a04e048214b14ccea6 Request headers :method GET :authority money.advanceplatinum.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server keycdn-engine date Sat, 02 Jan 2021 18:22:04 GMT content-type text/html content-length 118809 cache-control no-cache, must-revalidate, max-age=0 content-encoding br etag "8ea276ef2f9e7b856eb25f3534383654" last-modified Thu, 31 Dec 2020 11:26:17 GMT x-amz-version-id R_6kpuD9f4cP51UwzHg9.tUyboHJ8Zf7 x-cache-status REVALIDATED x-cache MISS x-edge-location defr access-control-allow-origin * accept-ranges bytes
GET H2	200	presenter.4717d24.css impressure-c630.kxcdn.com/	19 KB 5 KB	25ms 6ms	Stylesheet text/css	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/presenter.4717d24.css Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:04 GMT content-encoding br x-amz-request-id C7016C02B87D7473 x-edge-location defr x-cache HIT content-length 4928 x-amz-id-2 +UiSyNYMyZ9bB6nhEUs6uYqvDrq8nZioJrL2HEbbYto+TmQMmibdl6NUXqvAXidCKSX2123K0tU= last-modified Wed, 09 Oct 2019 17:37:18 GMT server keycdn-engine etag "e39087b2545506688b40e35efb46751b" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:04 GMT
GET H2	200	presenter.473070e.js Show response impressure-c630.kxcdn.com/	394 KB 105 KB	25ms 7ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/presenter.473070e.js Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da Request headers Origin https://money.advanceplatinum.com Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:04 GMT content-encoding br x-amz-request-id 4D15A7031DD15FE6 x-edge-location defr x-cache HIT content-length 106778 x-amz-id-2 ApI3zRaigWpCDUb8MgiaTRo+o0tySUngDTTeNRQWlXTHv0JjBT9zDqSl/irThfNETVSU2++6AdM= last-modified Mon, 28 Sep 2020 04:36:37 GMT server keycdn-engine etag "399bc418707e540a42b4a31c42fa707b" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:04 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 5517 date Sat, 02 Jan 2021 16:50:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sat, 02 Jan 2021 18:50:07 GMT
GET H/1.1	200 OK	info Show response events.impressure.io/	1 KB 1 KB	685ms 171ms	XHR application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/info?v=2&nonce=10517593678743764&userId= Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash f488f9f598317900c98636a8a2306b482c1e3c1d340cf6677a7a3051e12aa139 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:05 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Accept-Encoding, Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 720 ETag W/"422-NGQniwJcKFqsw+cAVoh3thetsIY"
GET DATA	200 OK	truncated /	24 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/	84 KB 27 KB	22ms 22ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 656672 cross-origin-resource-policy cross-origin vary Accept-Encoding content-length 26983 cf-request-id 0765eee1a400002b7d63a16000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-14e7e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HBEY81CNPSAeTga4RB3gFkB6fFYG1DpwcvQoRp6yR4lMXNRyk5BxNb9tYgHnDl8YHsAfvVZWsoJpLncUJXwo%2FcNNHodUsZBvf%2BjOIcnRNcStUq6Ew%2B1rpGSKUzV92X9hiA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 60b680e2a9e12b7d-FRA expires Thu, 23 Dec 2021 18:22:05 GMT
GET H2	200	loading.d78985d5a90c42d31aaaf9203cddb569.gif impressure-c630.kxcdn.com/	2 KB 2 KB	9ms 9ms	Image image/gif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09 Request headers Referer https://impressure-c630.kxcdn.com/presenter.4717d24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:05 GMT content-encoding gzip x-amz-request-id D4469678AEE64FAE x-edge-location defr x-cache HIT content-length 1315 x-amz-id-2 VM+6opP7oKMpp1yEbofkT9SNMGx6n1YWrgC+nbWI9Htd01zu1lmgclz/zO1d4kZXY94ppzjT7TM= last-modified Tue, 21 Aug 2018 14:21:48 GMT server keycdn-engine etag W/"d78985d5a90c42d31aaaf9203cddb569" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/plain access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:05 GMT
GET H2	200	GetPushScript Show response pushpros.tech/	2 KB 3 KB	581ms 453ms	Fetch application/json	52.84.112.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=money.advanceplatinum.com Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.112.51 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-112-51.sof50.r.cloudfront.net Software / Resource Hash f4ef7ae54d5b9817e64c7669e3650edff3f3f7614e63ad5f71ca273a3be43f55 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:05 GMT via 1.1 da775efc0806eff8cd47a6e8449a4cdb.cloudfront.net (CloudFront) x-amz-cf-pop SOF50-C1 x-amzn-requestid 451bcc57-da42-43a3-b5dd-6e6d0ae1c7b8 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-5ff0b9cd-7fbafd1b571c41d14065354c;Sampled=0 x-amz-apigw-id YiH4KFIpIAMFimw= content-length 2192 x-amz-cf-id AOYq5_el7Q6y7ltHGmFbhZn0uyjTPdKdmxLWMTnVzwuHpPHreadcuw==
GET H2	200	joi.js Show response www.offerfwd.net/oi/	172 KB 172 KB	540ms 204ms	Script text/javascript	104.130.88.172 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://www.offerfwd.net/oi/joi.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.130.88.172 San Antonio, United States, ASN19994 (RACKSPACE, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips / Resource Hash 0a6f77695358c20aa596d7f890fe7e558e481361bb5719330c3cbef52952402e Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:05 GMT server Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips content-type text/javascript
GET H/1.1	200 OK	trackpush.min.js Show response s3.amazonaws.com/trackpush/	45 KB 13 KB	389ms 105ms	Script text/javascript	52.217.66.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/trackpush/trackpush.min.js Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.66.62 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 081d8373ab6c9adcf00b696fdc23e2b714828cacb1ff435d8c79ebe2bdf396b6 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:07 GMT Content-Encoding gzip Last-Modified Tue, 17 Nov 2020 22:49:50 GMT Server AmazonS3 x-amz-request-id 430557687CBDF223 ETag "9f48e6cbb2a6f7d39b407b9f877adddd" Content-Type text/javascript Cache-Control max-age=86400 Accept-Ranges bytes Content-Length 12838 x-amz-id-2 /b5iG8Z1YHNbLIRqZn7fa6NfPK9wDOat15PlZVYAJHlvDx13Q3/AuO6bnXa9gZUxV5sOnz66ne4=
GET H2	200	1f80532c-a1c0-4927-b8d1-b84d5d5321c2.js Show response money.advanceplatinum.com/chunk/106670/	11 KB 4 KB	355ms 355ms	Script text/html	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://money.advanceplatinum.com/chunk/106670/1f80532c-a1c0-4927-b8d1-b84d5d5321c2.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash b86d59a881cbf3206188011cafcff2138824eb8dfdb1ccaf29e37d085eae8f17 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br last-modified Thu, 31 Dec 2020 11:26:11 GMT server keycdn-engine x-edge-location defr etag "05bff027c634e0dbc16a7f5438c0f3e2" x-cache-status MISS x-cache MISS x-amz-version-id bVH6BiLTn0uZbxYoTsCt_wkS6O08NL1h access-control-allow-origin * cache-control no-cache, must-revalidate, max-age=0 accept-ranges bytes content-type text/html content-length 3433
GET H2	200	chunk.7.6caa6e6.css impressure-c630.kxcdn.com/	1 KB 961 B	7ms 6ms	Stylesheet text/css	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.7.6caa6e6.css Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 0K7G6K8X7X9S0M6J x-edge-location defr x-cache HIT content-length 538 x-amz-id-2 lNk9vsARBqyNo9ZMT2qmCTYQHUkj0qdEBsC+xfFbW06RNByufte/pA+tNxvl6kSH6Y2ypnnR9l0= last-modified Wed, 09 Oct 2019 17:37:11 GMT server keycdn-engine etag "e73681ade786069d4cb8563abe3a911e" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	chunk.7.6b4aa76.js Show response impressure-c630.kxcdn.com/	11 KB 4 KB	7ms 7ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.7.6b4aa76.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 534698AB93811FB0 x-edge-location defr x-cache HIT content-length 3359 x-amz-id-2 MGkuuZpTdZCiJcj5ByiZl1BfuZlrAE5to7PYG0nDsGB4TwJFXkXkyFR8arXg2tN1EcbriOQyQLc= last-modified Sat, 19 Sep 2020 17:57:48 GMT server keycdn-engine etag "4a8e2010be8daac0eb417e28d5590e05" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	56974fab-fc89-476e-883f-9a14f7a9d09e.png djk97zng6lbya.cloudfront.net/2020/09/04/19/34/12/	5 KB 5 KB	76ms 22ms	Image image/png	13.224.89.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2020/09/04/19/34/12/56974fab-fc89-476e-883f-9a14f7a9d09e.png Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.89.48 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-48.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 00c629a39eea785baf9e8904554550196b7c757779b05c27b64be62446caca68 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 23:24:29 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) last-modified Fri, 04 Sep 2020 19:34:13 GMT server AmazonS3 age 413858 etag "32dbcb6eccdd533db518b1dd3c5fab40" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-meta-json x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 4931 x-amz-cf-id SuYUfD2mQ2v6uCjYxxwlfxYMI-qTo3V9l8dgAy5qutU65FYOi7tIiA==
GET H2	200	af9a7985-0486-416c-82fd-371dc90ffd4d.jpg djk97zng6lbya.cloudfront.net/2020/08/19/18/59/24/	50 KB 50 KB	81ms 27ms	Image image/jpeg	13.224.89.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2020/08/19/18/59/24/af9a7985-0486-416c-82fd-371dc90ffd4d.jpg Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.89.48 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-48.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 24f22f7e5bafbb084f527aa2f897fa0ab1a838f5b57464bac45bfc6d27b6a020 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:57:05 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) last-modified Wed, 19 Aug 2020 18:59:25 GMT server AmazonS3 age 1009502 etag "ccfd46ff0d21c82cfe68dd9ab4cdd519" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-meta-json x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 50953 x-amz-cf-id JuT84RGulL699fpgqHoQjUwj7i0CvYXbvm_vucAHauo4VQQclW1m_g==
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 73 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1774026407&t=pageview&_s=1&dl=https%3A%2F%2Fmoney.advanceplatinum.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=PushToHomePage%20(Don%27t%20Move)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=1946074712&gjid=2078904064&cid=1579396075.1609611725&tid=UA-179195657-1&_gid=1682050758.1609611725&_r=1&_slc=1&z=250460880 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 02 Jan 2021 18:22:06 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://money.advanceplatinum.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	events Show response events.impressure.io/	72 B 500 B	200ms 199ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 9599bd479b542e3d869139e9d4847b182bdaff65a21ee699b17a8217537bf8d6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 72 ETag W/"48-vJDX8fX4c3/1IWGCzptRcb+bAjo"
GET H2	200	chunk.13.5f3a945.js Show response impressure-c630.kxcdn.com/	17 KB 5 KB	8ms 8ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 290211D0E6982647 x-edge-location defr x-cache HIT content-length 5062 x-amz-id-2 zFRLWVSpkJtq0OF38ZPxoHjA/KTn7byEIFaN3jCzxBr/12tiUNgFhHWAW0/XOt1ceqg/9rhuWNM= last-modified Wed, 09 Oct 2019 17:37:16 GMT server keycdn-engine etag "99d0c075b044b783e3f3e92fdf9ab9cc" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	chunk.1.1835e12.js Show response impressure-c630.kxcdn.com/	118 KB 29 KB	8ms 8ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.1.1835e12.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 1f8ef466087da7f1845c6539611726540d56d132c1dde753d8688b39184f1e5d Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 19AF59C5880AB6BF x-edge-location defr x-cache HIT content-length 28928 x-amz-id-2 UEBNCxc4Zb602/oFCQHdCZIDF/7TGKIlLMUBbSQJ0I3Q4RT9e9mKEcq1yOtd50BGorCIjnwDRRM= last-modified Wed, 09 Oct 2019 17:37:19 GMT server keycdn-engine etag "0166f627bdb6ee21229484adc92c1ad0" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	chunk.4.14607f3.css impressure-c630.kxcdn.com/	2 KB 1 KB	10ms 9ms	Stylesheet text/css	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.4.14607f3.css Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 79251306C0671E81 x-edge-location defr x-cache HIT content-length 794 x-amz-id-2 ubvt6Pkf69vw9RKaGI548D32QLllSDSyeRrVa/4UShlHrdXDHz2R/JZX2d9BVuIMPHbhXAhu9wg= last-modified Wed, 09 Oct 2019 17:37:10 GMT server keycdn-engine etag "92cf1ed8bfc5123b1b1c5ae4a995d8d6" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	chunk.4.7eecc8f.js Show response impressure-c630.kxcdn.com/	56 KB 14 KB	10ms 10ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.4.7eecc8f.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 9183055942fbfde646d1b897a17fcbb9462c41e22f7557c98b53a74bd99f693b Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 09AA46DD8063CF8A x-edge-location defr x-cache HIT content-length 13699 x-amz-id-2 h6DOPSHqODb6OhB2rVf4BK6xFKnYaf9KrKYRJNlrII7m/Wc5XyXjhfXVOgGZc1Hugqc3oe83JEM= last-modified Mon, 21 Sep 2020 22:00:01 GMT server keycdn-engine etag "4a7de9bee6b3fd309cbd4c54ee00cd32" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	22ms 10ms	Script application/javascript	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding gzip last-modified Sat, 20 Jan 2018 17:26:44 GMT server nginx etag W/"5a637bd4-1538f" vary Accept-Encoding x-hw 1609611726.dop207.fr8.t,1609611726.cds224.fr8.hc,1609611726.cds002.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	338ms 201ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 02f89d5118d47018bbb906ac2638bf93c815a29411ff81ff70dcc2c1796de7bd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-KUsXwIRNKOPuC9CDi2uQQq2j0jo"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	535ms 200ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 61b109fae89eba1e19ac2f0d3c691fac91fffcd50cafeef610e5e2ce6d21af1d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-UvN4iEYSCKtmJ+lPASidscfSgBg"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	599ms 263ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 4ff81a1675d9142976654cd59fe137344c56687fcec151d2f13b549b6a57483d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-ol5WifGKzIFRyzKmAHkXrybsqMM"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	539ms 204ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 38af1dae7a5e2a61f29d9321d24d65dda165b3c321bcadcdaecd2427ba711229 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-jw15IGx5SHxSEsHkiP9cM8DGTXc"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	542ms 207ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 41cc7105298c158c446a23442ad71d6a9bb2a499104153fc783e6d1a43fb724c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-42mdiYim5YfVOj/4TmGZ1ia82gg"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	541ms 205ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 8098b0c3af91f225ab1601787a68daefbec39d1759fe2d70cb664ae1326a6c5a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-djoBWeBSDjyUMH5kf8l0reqjr+E"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	542ms 205ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 5b85cd8de23535f5dc5b9294386c3578b5782fd9beed42f946f50d89c5bb12b8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:06 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-IGalw8x7GBggX97uISZU5+qxpMQ"
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	732ms 198ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash afb4eaf37cfcbf50d2f38f9eb864aa63dbe6b7f369bf1608e7027d066ee57e43 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:07 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 75 ETag W/"4b-IZi/F07jvkQJmfNsqBN0LwGZUP0"
GET H2	200	1e7c53bd-c407-48f1-a3bc-71d24d8df58c.jpg djk97zng6lbya.cloudfront.net/2020/08/19/18/56/46/	50 KB 50 KB	23ms 22ms	Image image/jpeg	13.224.89.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2020/08/19/18/56/46/1e7c53bd-c407-48f1-a3bc-71d24d8df58c.jpg Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.89.48 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-48.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 24f22f7e5bafbb084f527aa2f897fa0ab1a838f5b57464bac45bfc6d27b6a020 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 02:04:58 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) last-modified Wed, 19 Aug 2020 18:56:47 GMT server AmazonS3 age 1873029 etag "ccfd46ff0d21c82cfe68dd9ab4cdd519" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-meta-json x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 50953 x-amz-cf-id 50qjIyMXV1YreMPm3-mt7SC8QgXMu5o0xuDfRVDeqoMBQ42SVcmS5A==
GET H3-Q050	200	collect www.google-analytics.com/	35 B 63 B	7ms 6ms	Image image/gif	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1774026407&t=pageview&_s=2&dl=https%3A%2F%2Fmoney.advanceplatinum.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=RegPageFull&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1579396075.1609611725&tid=UA-179195657-1&_gid=1682050758.1609611725&z=1772601288 Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 02 Jan 2021 06:43:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41943 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	events Show response events.impressure.io/	72 B 500 B	706ms 202ms	Fetch application/json	34.208.235.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.235.142 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-235-142.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 189868ae203ebec9606f33f0e0771e31dadcc3cfe8269179cedc59cc3e00c226 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Date Sat, 02 Jan 2021 18:22:07 GMT X-Content-Type-Options nosniff Server nginx X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://money.advanceplatinum.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 72 ETag W/"48-eUH+FRtDgZPlrX8AC7y3KJif0M4"
GET H2	200	chunk.12.ccb487b.js Show response impressure-c630.kxcdn.com/	5 KB 2 KB	6ms 6ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.12.ccb487b.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 11713ea89178e580a27ae6d2124375a9a0abc4f6dab37ba4569e1bee0e8c1814 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 143C83F6D283CB77 x-edge-location defr x-cache HIT content-length 1676 x-amz-id-2 9jxdpvIjbU4uXSxm0VQEyH30W3LJzraxlkwDiRtxmv3EWQ9kX23xmYk1yfU+Qry6A/XeciazeE4= last-modified Sat, 19 Sep 2020 17:57:50 GMT server keycdn-engine etag "faa4cc49f4d97d5ba9debbc2cb321495" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	chunk.15.0e1c25f.js Show response impressure-c630.kxcdn.com/	1 KB 896 B	8ms 8ms	Script application/javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.15.0e1c25f.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 6926041f41c716ebe9d93be218273020f96631e92e16b5a6565535426c9d0e22 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:06 GMT content-encoding br x-amz-request-id 7EED9EB17D5A9D51 x-edge-location defr x-cache HIT content-length 463 x-amz-id-2 FdYIF1Se9rtB2ZI+Wxas1nkWOAEJnI54VIky9Wy4ld046Xk6tLO5rvXIEhTDP22GRGN7cl7KD0o= last-modified Sat, 19 Sep 2020 17:57:48 GMT server keycdn-engine etag "d6f316fca4fecd15a02f54412b4afba9" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Sat, 09 Jan 2021 18:22:06 GMT
GET H2	200	9c635849-6553-46ba-8408-a353e9288dc6.png djk97zng6lbya.cloudfront.net/2020/10/16/14/25/52/	441 KB 442 KB	26ms 26ms	Image image/png	13.224.89.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2020/10/16/14/25/52/9c635849-6553-46ba-8408-a353e9288dc6.png Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.89.48 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-48.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash c4ef2e7ed03132d94551949c6a03f88815442cc1e8bd800be47d41ea60939554 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 29 Dec 2020 18:02:17 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) last-modified Fri, 16 Oct 2020 14:25:54 GMT server AmazonS3 age 346790 etag "921f58a6dde0e66e978b7086fbacbb82" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-meta-json x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 451738 x-amz-cf-id w2PIyKHZz5-hl-qA0FuyGtMBCnSRWCCVItEltdidZSeX2WwIug5JBw==
GET H2	200	47b3ebf1-f568-05ac-6674-6ba34499f7ed.js Show response create.lidstatic.com/campaign/	123 KB 39 KB	442ms 417ms	Script text/javascript	2606:4700:10::6816:27b6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7aabc45841f726bbba2d87ebcc94cb251f59b66c6d915a71673e5a05b982d9b2 Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:07 GMT content-encoding gzip cf-cache-status REVALIDATED x-amz-request-id FEA25DE62027B246 cf-ray 60b680eb6e1705d0-FRA x-amz-replication-status COMPLETED x-amz-id-2 EXkdcKFDc8lHVU1N107pj0fL3B5Rpu1lBBOd/XbcqRAbThA+5WzO+3uMB/buZ1qqrTFPS9vaRrM= last-modified Tue, 21 Apr 2020 14:54:55 GMT server cloudflare etag W/"a0094c18922d7bb48e9bd9c0dd366f0e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id eJ2ZkYiM65vE2Jb2Uhid_5Vnx6YhssrO cache-control max-age=1800 cf-request-id 0765eee71f000005d0df95f000000001 content-type text/javascript
GET H2	200	request.js Show response script.anura.io/	45 KB 45 KB	134ms 84ms	Script application/javascript	3.10.249.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/request.js?instance=2383107219&source=-&campaign=1307&callback=optionalCallbackFunction&175925278047 Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.10.249.220 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-10-249-220.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash d25e86cbccb30a4bcf5b089a4fbd1311a859cf6ea5a9a39cf97ca4ea39a2152c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 02 Jan 2021 18:22:06 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 x-content-type-options nosniff expires Sun, 28 Dec 1980 18:57:00 EST server nginx content-type application/javascript; charset=utf-8
GET H2	200	297d08f6-76c9-42a9-b442-5da3bf9b0df3.png djk97zng6lbya.cloudfront.net/2020/09/04/19/32/25/	7 KB 7 KB	34ms 33ms	Image image/png	13.224.89.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2020/09/04/19/32/25/297d08f6-76c9-42a9-b442-5da3bf9b0df3.png Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.89.48 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-48.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 5181b772661ff98456a1590898d1315f2392a1b47c425bc558800d015d85854c Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 23:24:31 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) last-modified Fri, 04 Sep 2020 19:32:26 GMT server AmazonS3 age 413856 etag "4407427d0702ca7bf0f8ae36ddfdfa3c" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-meta-json x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 7177 x-amz-cf-id G3dKyPq6zRWqMKVONidGxbGVK9EMSftbpZcJRzjQKMMInmBObzTmXg==
GET DATA	200 OK	truncated /	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b193cca67a1a3485f0418f26f67cfcd728df50e8f5b71c4fb477c918651d0ba7 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	1 stats.pusher.com/timeline/v2/jsonp/	80 B 228 B	379ms 93ms	Script application/javascript	52.90.41.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://stats.pusher.com/timeline/v2/jsonp/1?session=NzMxMzM1MDU1&bundle=MQ%3D%3D&key=NTAyODM0YTg1MjU1MGVlNDZkZjk%3D&lib=anM%3D&version=NC4zLjE%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2MDk2MTE3MjY1ODF9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjA5NjExNzI2NTgxfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjA5NjExNzI2NTgyfSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTYwOTYxMTcyNjU4Mn0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTYwOTYxMTcyNjU4M30seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTYwOTYxMTcyNjk2NX0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIzMDc1ODcuMTgxOTE4MzUifSwidGltZXN0YW1wIjoxNjA5NjExNzI2OTY2fV0%3D Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/chunk.1.1835e12.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.90.41.11 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-90-41-11.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:07 GMT Server nginx Connection close Content-Length 80 Content-Type application/javascript
POST H2	200	GenerateToken create.leadid.com/2.7.0/	36 B 331 B	357ms 144ms	XHR text/plain	52.202.223.214 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=6d7f4b52-3164-430f-83cb-66ffb4cd3d2a&_=271655889 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.202.223.214 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-223-214.compute-1.amazonaws.com Software nginx/1.17.6 / PHP/7.1.33 Resource Hash Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sat, 02 Jan 2021 18:22:07 GMT content-encoding gzip server nginx/1.17.6 x-powered-by PHP/7.1.33 access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	response.json Show response script.anura.io/	78 B 428 B	168ms 128ms	XHR application/json	3.10.249.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/response.json Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=2383107219&source=-&campaign=1307&callback=optionalCallbackFunction&175925278047 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.10.249.220 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-10-249-220.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash f7135d7bf41dd9fa5b71d0706714d99d864f18190b12b881f351b603cefeceb7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 02 Jan 2021 18:22:07 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
POST H2	200	result.json script.anura.io/	27 B 384 B	36ms 35ms	XHR application/json	3.10.249.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/result.json Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.10.249.220 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-10-249-220.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 02 Jan 2021 18:22:07 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods GET, POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET		aff_ad go.aramistrk.com/	0 0
GET		aff_ad go.aramistrk.com/	0 0
GET H/1.1	200 OK	Primary Request Cookie set welcome.php Show response www.shareyourfreebies.com/ Redirect Chain http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=1307&source=SYF-PP-3-generic-0&request_id=&aff_sub=012-&aff_sub2=---012&aff_sub3=286baf12-e0cc-4404-8465-a0ea7cf49bb1&aff_sub4=&aff_sub5=&email... https://go.aramistrk.com/aff_c?aff_id=1307&aff_sub=012-&aff_sub1=012-&aff_sub2=---012&aff_sub3=286baf12-e0cc-4404-8465-a0ea7cf49bb1&aff_sub4=&aff_sub5=&creative_id=1025&offer_id=2008&source=SYF-PP-... https://www.shareyourfreebies.com/welcome.php	16 KB 5 KB	626ms 96ms	Document text/html	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.shareyourfreebies.com/welcome.php Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / PHP/7.2.30 Resource Hash 394dcaada2f721f25cb062819be1e92ab636f3a5ada64f3afffd5369de17a492 Request headers Host www.shareyourfreebies.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://money.advanceplatinum.com/ Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips X-Powered-By PHP/7.2.30 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=jv6dikq1qnn98fbu85tsjd4h1u; path=/ Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive Content-Encoding gzip Referrer-Policy Content-Length 4797 Keep-Alive timeout=5, max=100 Content-Type text/html; charset=UTF-8 Redirect headers Server nginx Date Sat, 02 Jan 2021 18:22:07 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 229 Connection keep-alive Cache-Control no-cache, no-store, must-revalidate Expires Sat, 26 Jul 1997 05:00:00 GMT Location https://www.shareyourfreebies.com/welcome.php P3p CP="NOI CUR OUR NOR INT" Pragma no-cache Set-Cookie enc_aff_session_2008=ENC036c3279910ade4d623a58b249e23c1bc3f825f2691578c3eca1e7f0d507f782a766116f6f1837eb11219c9d09136d775b290bafe20c7fc8d7c42164ab74046366ee1d40d598e9248fa3e4057d0a01996b314ab84daafeb2566314ec1de23e98e3f2944b158be40a2ac35949e207723e274d15ca8de789d4d0eeebe7ced3c30b882b574f5597b21c11e91caa4dea82b5405fd0a5dd39fd781668bba16ca117516e28c64a50; expires=Sun, 03 Jan 2021 18:22:07 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Tue, 28 Nov 2023 05:02:07 GMT; path=/; SameSite=None; Secure Tracking_id 102253117108576871243781871381 X-Robots-Tag noindex, nofollow Access-Control-Allow-Origin * X-Request-Id 858f47e05673d3df40cb1e454cb89e7f Access-Control-Allow-Headers Tune-SDK-Version
GET H/1.1	200 OK	iframe.html d2m2wsoho8qq12.cloudfront.net/ Frame CE09	0 0	62ms 8ms	Document text/html	13.225.84.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5C749AAF-D772-03A9-EEB9-E8CDBB5EEB92&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.84.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-125.fra2.r.cloudfront.net Software nginx/1.17.6 / Resource Hash Request headers Host d2m2wsoho8qq12.cloudfront.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://money.advanceplatinum.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://money.advanceplatinum.com/ Response headers Content-Type text/html Transfer-Encoding chunked Connection keep-alive Date Sat, 02 Jan 2021 07:32:23 GMT Server nginx/1.17.6 Last-Modified Fri, 01 Jan 2021 16:58:35 GMT ETag W/"5fef54bb-dbc" P3P CP="NOI DSP COR NID CUR ADM DEV OUR BUS" Content-Encoding gzip X-Cache Hit from cloudfront Via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 X-Amz-Cf-Id fmotyNNIUGdES9O7uUYdAojj9pZIcUXObeNBzWrJ16iJlLfNI5135Q== Age 38984
POST H2	200	SaveDom create.leadid.com/2.7.0/	0 298 B	100ms 99ms	XHR text/plain	52.202.223.214 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=6d7f4b52-3164-430f-83cb-66ffb4cd3d2a&token=5C749AAF-D772-03A9-EEB9-E8CDBB5EEB92&_=271655890 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.202.223.214 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-223-214.compute-1.amazonaws.com Software nginx/1.17.6 / PHP/7.1.33 Resource Hash Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sat, 02 Jan 2021 18:22:07 GMT content-encoding gzip server nginx/1.17.6 x-powered-by PHP/7.1.33 access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	InitFormData create.leadid.com/2.7.0/	0 298 B	108ms 108ms	XHR text/plain	52.202.223.214 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=6d7f4b52-3164-430f-83cb-66ffb4cd3d2a&token=5C749AAF-D772-03A9-EEB9-E8CDBB5EEB92&_=271655891 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.202.223.214 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-223-214.compute-1.amazonaws.com Software nginx/1.17.6 / PHP/7.1.33 Resource Hash Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sat, 02 Jan 2021 18:22:07 GMT content-encoding gzip server nginx/1.17.6 x-powered-by PHP/7.1.33 access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	bootstrap.js cdn.trustedform.com/ Redirect Chain https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16096117274800.4426928828957759 https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16096117274800.4426928828957759	14 KB 6 KB	173ms 131ms	Script application/javascript	2600:9000:2057:fe00:1c:7f1a:6680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16096117274800.4426928828957759 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:fe00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://money.advanceplatinum.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT content-encoding gzip last-modified Mon, 28 Dec 2020 14:37:19 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag W/"0a699d04879bd99dbc998f9b56c0111d" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront) x-amz-version-id 7BK7BvkEXLhjWR9ZJmnEu647ipHXYVp0 x-amz-cf-id uHTIDIhl_LnGl9udZWvGCkvcmlN9O8useGfidDH9ANKKlkVM14m4Bg== Redirect headers location https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16096117274800.4426928828957759 date Sat, 02 Jan 2021 18:22:07 GMT server awselb/2.0 content-length 134 content-type text/html
GET		c27752d6-8040-4726-8776-b288603ae6b1.js money.advanceplatinum.com/chunk/106670/	0 0
POST		certs api.trustedform.com/	0 0
GET H/1.1	200 OK	style.css shareyourfreebies.com/wp-content/themes/wp-mystique102/	78 KB 11 KB	289ms 97ms	Stylesheet text/css	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://shareyourfreebies.com/wp-content/themes/wp-mystique102/style.css Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 176f0bf0d2cdd8b719c8c56b236c3c6db29b57f7d7345d8042ec6c0321f95805 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Content-Encoding gzip Referrer-Policy Last-Modified Thu, 02 Jun 2016 11:09:40 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "13972-53449a475e500-gzip" Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=31536000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=100 Content-Length 10974 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	steel-blue.css shareyourfreebies.com/wp-content/themes/wp-mystique102/styles/	1 KB 917 B	286ms 95ms	Stylesheet text/css	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://shareyourfreebies.com/wp-content/themes/wp-mystique102/styles/steel-blue.css Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash cd81bcbd4a843a7bcd79d7b7475b92f790126768d85f5900403bdf2ea738f68e Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Content-Encoding gzip Referrer-Policy Last-Modified Thu, 02 Jun 2016 11:09:55 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "50e-53449a55ac6c0-gzip" Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=31536000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=100 Content-Length 449 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	custom.css shareyourfreebies.com/wp-content/themes/wp-mystique102/	2 KB 1 KB	287ms 95ms	Stylesheet text/css	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://shareyourfreebies.com/wp-content/themes/wp-mystique102/custom.css Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 95853211b5b599c3d8c2f2773495f8388e2a881f90b91e96401e3dc67076758c Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Content-Encoding gzip Referrer-Policy Last-Modified Thu, 02 Jun 2016 11:10:00 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "849-53449a5a71200-gzip" Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=31536000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=100 Content-Length 844 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	19ms 18ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-45034405-12 Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 117caf653a21448928fae69a98e7b309729a038f8733b947d921ebce933c35dd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39019 x-xss-protection 0 last-modified Sat, 02 Jan 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 02 Jan 2021 18:22:08 GMT
GET H/1.1	200 OK	walmart-120x60.jpg shareyourfreebies.com/new-today-images/	13 KB 13 KB	97ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/walmart-120x60.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 14692a9344d47654df30332d85e3427a67fa10443cf2b254e0e8eb5947c1fdea Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Dec 2017 16:00:44 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "33ed-55fae0dcc6300" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13293 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	free-tide.jpg shareyourfreebies.com/new-today-images/	8 KB 8 KB	97ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/free-tide.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash edc4470f84970317075e6e7fbfbc8018652e3ddbcba882252faa35cc7a76b6b8 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Jul 2016 14:58:49 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1ef1-536f8ce91bc40" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7921 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	makeup120.png shareyourfreebies.com/new-today-images/	15 KB 15 KB	97ms 95ms	Image image/png	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/makeup120.png Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 9db82dbc9a5be526a8378f0c069c9de8c7de3ec0436dee4c025aef38a94c5dee Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Mon, 27 Nov 2017 16:52:41 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "3b3c-55ef9bb03a840" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 15164 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	free-mr-clean.jpg shareyourfreebies.com/new-today-images/	7 KB 7 KB	284ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/free-mr-clean.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash a6985e195a209cfeb03b08c8dea923edd9cc697aea2653d4b89d5f6b52ac2d59 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Jul 2016 14:58:48 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1bf6-536f8ce827a00" Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=31536000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=100 Content-Length 7158 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	120x60-wb-amzns.jpg shareyourfreebies.com/new-today-images/	11 KB 11 KB	284ms 94ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/120x60-wb-amzns.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash af44cb29ef5887ae2d737441c9cb0194a76883069f41a78059da90fec641d74c Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Dec 2017 16:02:41 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "2a62-55fae14c5aa40" Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=31536000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=100 Content-Length 10850 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	laundry1.jpg shareyourfreebies.com/new-today-images/	7 KB 8 KB	284ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/laundry1.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash f63e05c02b01d7e4750dc0b95f555800548b7a042c7443bd455b06539284b9f2 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Jul 2016 14:58:50 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1d44-536f8cea0fe80" Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=31536000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=100 Content-Length 7492 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	free-clorox.jpg shareyourfreebies.com/new-today-images/	8 KB 8 KB	173ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/free-clorox.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 284cb419b8534249eead48a25d5629954e7d5a737713601170725887b7b62faf Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Jul 2016 14:58:53 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1fd0-536f8cecec540" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 8144 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	loreal2.jpg shareyourfreebies.com/new-today-images/	4 KB 5 KB	174ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/loreal2.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 85080800a2ff0cb8502faf1ce9348856a6c767ef8b114c0d2d35cd7a76be8fa8 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Tue, 28 Nov 2017 15:49:13 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1175-55f0cf5e19040" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4469 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H/1.1	200 OK	free-febreze.jpg shareyourfreebies.com/new-today-images/	7 KB 7 KB	260ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/new-today-images/free-febreze.jpg Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 260bbe72be660c2bf46db95f283de93bb40754eee4f07e6e6322f2af297feab6 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Wed, 06 Jul 2016 14:58:54 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1a32-536f8cede0780" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6706 Expires Sun, 02 Jan 2022 18:22:08 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-45034405-1 Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d5f0b60735d9e420580cc6d91988817fedf67ea2ab7ee63641d4916a1c5ac29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38974 x-xss-protection 0 last-modified Sat, 02 Jan 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 02 Jan 2021 18:22:08 GMT
GET H2	200	js Show response static.getclicky.com/	15 KB 6 KB	31ms 14ms	Script text/javascript	2606:4700::6810:dd1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.getclicky.com/js Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 584433 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=604800 cf-ray 60b680f798af4a8c-FRA x-proxy-cache HIT cf-request-id 0765eeeec200004a8ce10a2000000001 expires Sat, 09 Jan 2021 18:22:08 GMT
GET H2	200	fbds.js Show response connect.facebook.net/en_US/	4 KB 2 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbds.js Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash da85067c912ff6e7e51da9ef22a1ae385b0be859b3fab3fc626c3a10687326fb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 5Rdch8eAEllufHVBbM78nQ== cross-origin-resource-policy cross-origin expires Sat, 02 Jan 2021 18:36:00 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 2117 x-fb-rlafr 0 x-fb-debug QjgKuI9l1A5NvI3ytwD43iMF2v1OzD5A/xQ17l6Dh0Irq4EICaTZwA4cqAEplNQOVeozSRNvjB7SvSro7jODXA== x-fb-trip-id 1814657579 x-fb-content-md5 c0ed4c6b368d1d4e86efa099785f74b4 date Sat, 02 Jan 2021 18:22:08 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "6f2ebe44d80e81d110a264450ebe221e" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	GetPushScript Show response pushpros.tech/	2 KB 2 KB	472ms 470ms	Fetch application/json	52.84.112.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=www.shareyourfreebies.com Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.112.51 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-112-51.sof50.r.cloudfront.net Software / Resource Hash db03938dc1151a68828a01a167485ffa1fb36c30da2c7b349bea481f1e792aa8 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT via 1.1 da775efc0806eff8cd47a6e8449a4cdb.cloudfront.net (CloudFront) x-amz-cf-pop SOF50-C1 x-amzn-requestid 7dd11ff8-baca-4238-a500-2d72309a544e x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-5ff0b9d0-41b630683640c83969cdad40;Sampled=0 x-amz-apigw-id YiH4pFuzIAMF4Ow= content-length 2187 x-amz-cf-id zq7om5D8UQ-0uWggoVCEjnu5QGTwGwQpwWGx2qLTiNIGq_i-fHUDHA==
GET H/1.1	200 OK	body-bg.jpg shareyourfreebies.com/wp-content/uploads/2014/04/ Redirect Chain http://shareyourfreebies.com/wp-content/uploads/2014/04/body-bg.jpg https://shareyourfreebies.com/wp-content/uploads/2014/04/body-bg.jpg	2 KB 2 KB	95ms 94ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/wp-content/uploads/2014/04/body-bg.jpg Requested by Host: shareyourfreebies.com URL: https://shareyourfreebies.com/wp-content/themes/wp-mystique102/custom.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash f9a89ebfb322f66742674ed7f15a9755bf9a066743ca7916bc40e948d9027a07 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Thu, 02 Jun 2016 10:59:17 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "679-534497f53ab40" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1657 Expires Sun, 02 Jan 2022 18:22:08 GMT Redirect headers Location https://shareyourfreebies.com/wp-content/uploads/2014/04/body-bg.jpg Date Sat, 02 Jan 2021 18:22:08 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 276 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	syf-logo-1201.png shareyourfreebies.com/freebies/ Redirect Chain http://shareyourfreebies.com/freebies/syf-logo-1201.png https://shareyourfreebies.com/freebies/syf-logo-1201.png	22 KB 22 KB	173ms 95ms	Image image/png	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/freebies/syf-logo-1201.png Requested by Host: shareyourfreebies.com URL: https://shareyourfreebies.com/wp-content/themes/wp-mystique102/custom.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 1b6a9d3896a9ff3ba8a6a732847b170b772ea13adb0b248ce3ab30934fc996ee Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Thu, 02 Jun 2016 10:56:01 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "56b7-5344973a4f240" Content-Type image/png Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 22199 Expires Sun, 02 Jan 2022 18:22:08 GMT Redirect headers Location https://shareyourfreebies.com/freebies/syf-logo-1201.png Date Sat, 02 Jan 2021 18:22:08 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 264 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	content-780.jpg shareyourfreebies.com/wp-content/uploads/2014/04/ Redirect Chain http://shareyourfreebies.com/wp-content/uploads/2014/04/content-780.jpg https://shareyourfreebies.com/wp-content/uploads/2014/04/content-780.jpg	451 B 865 B	95ms 95ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/wp-content/uploads/2014/04/content-780.jpg Requested by Host: shareyourfreebies.com URL: https://shareyourfreebies.com/wp-content/themes/wp-mystique102/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 3bba5bc646188a607d46348818ac9b73ab307640566c69bf11fbb9e4dc8235c0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Thu, 02 Jun 2016 10:59:26 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "1c3-534497fdcff80" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 451 Expires Sun, 02 Jan 2022 18:22:08 GMT Redirect headers Location https://shareyourfreebies.com/wp-content/uploads/2014/04/content-780.jpg Date Sat, 02 Jan 2021 18:22:08 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 280 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	wrap-bg-bottom.png shareyourfreebies.com/wp-content/uploads/2013/07/ Redirect Chain http://shareyourfreebies.com/wp-content/uploads/2013/07/wrap-bg-bottom.png https://shareyourfreebies.com/wp-content/uploads/2013/07/wrap-bg-bottom.png	260 B 673 B	168ms 95ms	Image image/png	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/wp-content/uploads/2013/07/wrap-bg-bottom.png Requested by Host: shareyourfreebies.com URL: https://shareyourfreebies.com/wp-content/themes/wp-mystique102/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 24e1a31ef931f0e3fca7d3e7eb40ef7aafc4484938f18597152cb95ffc562971 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Thu, 02 Jun 2016 11:01:45 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "104-534498825f840" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 260 Expires Sun, 02 Jan 2022 18:22:08 GMT Redirect headers Location https://shareyourfreebies.com/wp-content/uploads/2013/07/wrap-bg-bottom.png Date Sat, 02 Jan 2021 18:22:08 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 283 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	footer-widget-bg-mid-780.jpg shareyourfreebies.com/wp-content/uploads/2014/04/ Redirect Chain http://shareyourfreebies.com/wp-content/uploads/2014/04/footer-widget-bg-mid-780.jpg https://shareyourfreebies.com/wp-content/uploads/2014/04/footer-widget-bg-mid-780.jpg	4 KB 5 KB	173ms 94ms	Image image/jpeg	34.232.243.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://shareyourfreebies.com/wp-content/uploads/2014/04/footer-widget-bg-mid-780.jpg Requested by Host: shareyourfreebies.com URL: https://shareyourfreebies.com/wp-content/themes/wp-mystique102/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.243.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-243-77.compute-1.amazonaws.com Software Apache/2.4.39 () OpenSSL/1.0.2k-fips / Resource Hash 81c1734ee60f5956fd26443da5a19461497eee73674f1faa86a48bbca0e7b27b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:08 GMT Referrer-Policy Last-Modified Thu, 02 Jun 2016 10:59:17 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips ETag "11e4-534497f53ab40" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4580 Expires Sun, 02 Jan 2022 18:22:08 GMT Redirect headers Location https://shareyourfreebies.com/wp-content/uploads/2014/04/footer-widget-bg-mid-780.jpg Date Sat, 02 Jan 2021 18:22:08 GMT Server Apache/2.4.39 () OpenSSL/1.0.2k-fips Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 293 Content-Type text/html; charset=iso-8859-1
GET H2	200	/ www.facebook.com/tr/	44 B 257 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1586138831606282&ev=PixelInitialized&dl=https%3A%2F%2Fwww.shareyourfreebies.com%2Fwelcome.php&rl=&if=false&ts=1609611728589 Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sat, 02 Jan 2021 18:22:08 GMT
GET H/1.1	200 OK	Cookie set aff_l go.aramistrk.com/ Frame E54D	0 0	416ms 416ms	Document text/html	99.81.139.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.aramistrk.com/aff_l?offer_id=2008 Requested by Host: www.shareyourfreebies.com URL: https://www.shareyourfreebies.com/welcome.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.139.146 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-139-146.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Host go.aramistrk.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.shareyourfreebies.com/welcome.php Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie enc_aff_session_2008=ENC036c3279910ade4d623a58b249e23c1bc3f825f2691578c3eca1e7f0d507f782a766116f6f1837eb11219c9d09136d775b290bafe20c7fc8d7c42164ab74046366ee1d40d598e9248fa3e4057d0a01996b314ab84daafeb2566314ec1de23e98e3f2944b158be40a2ac35949e207723e274d15ca8de789d4d0eeebe7ced3c30b882b574f5597b21c11e91caa4dea82b5405fd0a5dd39fd781668bba16ca117516e28c64a50; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.shareyourfreebies.com/welcome.php Response headers Server nginx Date Sat, 02 Jan 2021 18:22:08 GMT Content-Type text/html Content-Length 53 Connection keep-alive Cache-Control no-cache, no-store, must-revalidate Expires Sat, 26 Jul 1997 05:00:00 GMT P3p CP="NOI CUR OUR NOR INT" Pragma no-cache Set-Cookie aff_conversions=|2008|; expires=Tue, 28 Nov 2023 05:02:08 GMT; path=/; SameSite=None; Secure aff_session_2008=; expires=Fri, 02-Jan-1970 00:00:00 GMT; path=/; enc_aff_session_2008=; expires=Fri, 02-Jan-1970 00:00:00 GMT; path=/; HasLC=1; expires=Sat, 02 Jan 2021 18:22:10 GMT; path=/; SameSite=None; Secure Tracking_id 102253117108576871243781871381 Access-Control-Allow-Origin * X-Request-Id 71c7107ed5600c2ddba2508f5920dd03 Access-Control-Allow-Headers Tune-SDK-Version
GET H3-Q050	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-45034405-12 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 1894 date Sat, 02 Jan 2021 17:50:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sat, 02 Jan 2021 19:50:34 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	96 KB 39 KB	60ms 46ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-45034405-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-45034405-12 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e841b61015891ae123c56b31c6b6bce68f94fc9a049026c95c1cd4017f7de9de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:08 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39039 x-xss-protection 0 last-modified Sat, 02 Jan 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 02 Jan 2021 18:22:08 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 72 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1210781732&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shareyourfreebies.com%2Fwelcome.php&ul=en-us&de=UTF-8&dt=(1)%20New%20Freebie%20%3A%20ShareYourFreebies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2033247102&gjid=2097845143&cid=1458113965.1609611729&tid=UA-45034405-12&_gid=217467063.1609611729&_r=1&gtm=2oubu0&z=712535983 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 02 Jan 2021 18:22:08 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.shareyourfreebies.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 25 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1210781732&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shareyourfreebies.com%2Fwelcome.php&ul=en-us&de=UTF-8&dt=(1)%20New%20Freebie%20%3A%20ShareYourFreebies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1103057214&gjid=222108294&cid=1458113965.1609611729&tid=UA-45034405-1&_gid=217467063.1609611729&_r=1&gtm=2oubu0&z=182756207 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 02 Jan 2021 18:22:08 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.shareyourfreebies.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 92 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-45034405-1&cid=1458113965.1609611729&jid=1103057214&gjid=222108294&_gid=217467063.1609611729&_u=IEDAAUABAAAAAC~&z=1749929289 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 02 Jan 2021 18:22:08 GMT content-type text/plain access-control-allow-origin https://www.shareyourfreebies.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	in.php Show response in.getclicky.com/	139 B 435 B	486ms 162ms	Script text/javascript	198.145.13.12 IINET-2044
General Check archive.org Show headers Download Go to Full URL https://in.getclicky.com/in.php?site_id=100600973&type=pageview&href=%2Fwelcome.php&title=(1)%20New%20Freebie%20%3A%20ShareYourFreebies&res=1600x1200&lang=en&jsuid=2595439203&mime=js&x=0.006873629484227317 Requested by Host: static.getclicky.com URL: https://static.getclicky.com/js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.145.13.12 , United States, ASN2044 (IINET-2044, US), Reverse DNS getclicky.com Software nginx / Resource Hash de1554de8f4705865411f64d1de40ffd42601157c6730b2672920857fff9499a Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 18:22:09 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, must-revalidate, post-check=0, pre-check=0 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	trackpush.min.js Show response s3.amazonaws.com/trackpush/	45 KB 13 KB	106ms 106ms	Script text/javascript	52.217.66.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/trackpush/trackpush.min.js Requested by Host: money.advanceplatinum.com URL: https://money.advanceplatinum.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.66.62 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 081d8373ab6c9adcf00b696fdc23e2b714828cacb1ff435d8c79ebe2bdf396b6 Request headers Referer https://www.shareyourfreebies.com/welcome.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 02 Jan 2021 18:22:10 GMT Content-Encoding gzip Last-Modified Tue, 17 Nov 2020 22:49:50 GMT Server AmazonS3 x-amz-request-id B8C5D8473AC0568C ETag "9f48e6cbb2a6f7d39b407b9f877adddd" Content-Type text/javascript Cache-Control max-age=86400 Accept-Ranges bytes Content-Length 12838 x-amz-id-2 sNCElYTki3/Z+bC4yMK7gC6ekkcaeW66cYfOA/ES/jDNijdDV+GiCngattXr9lREeQzYKGrawlo=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

go.aramistrk.com

URL

http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=1307&source=SYF-PP-3-generic-0&request_id=&aff_sub=012-&aff_sub2=---012&aff_sub3=286baf12-e0cc-4404-8465-a0ea7cf49bb1&aff_sub4=&aff_sub5=&email=&firstname=&lastname=&dobmonth=&dobday=&dobyear=&gender=&address=&city2=&state=&zip=&areacode=&prefix=&number=

Domain

go.aramistrk.com

URL

http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=1307&source=SYF-PP-3-generic-0&request_id=&aff_sub=012-&aff_sub2=---012&aff_sub3=286baf12-e0cc-4404-8465-a0ea7cf49bb1&aff_sub4=&aff_sub5=&email=&firstname=&lastname=&dobmonth=&dobday=&dobyear=&gender=&address=&city2=&state=&zip=&areacode=&prefix=&number=

Domain

money.advanceplatinum.com

URL

https://money.advanceplatinum.com/chunk/106670/c27752d6-8040-4726-8776-b288603ae6b1.js

Domain

api.trustedform.com

URL

https://api.trustedform.com/certs