www.marshallfreeman.com Open in urlscan Pro
122.201.97.175 Public Scan

Software

Google Tag Manager /

Resource Hash

ef7eb55146085d2818eb4bf3babbb51167f674bfe426210e116ab75ade461871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 22 Nov 2024 03:53:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 118114
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK feature-image.jpg
www.marshallfreeman.com/assets/img/ 218 KB
219 KB 1ms
1ms Image
image/jpeg 122.201.97.175
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.marshallfreeman.com/assets/img/feature-image.jpg
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/assets/css/styles.css?v=1.06
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 122.201.97.175 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ip7ac961af.ipv4.syd02.ds.network
Software: Apache /
Resource Hash: ed1509f96ac0072702bd0b812b4ba7acf894db4452d573584d99101505d89682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/assets/css/styles.css?v=1.06

Response headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Expires: Sun, 22 Dec 2024 03:53:38 GMT
Accept-Ranges: bytes
Content-Length: 223650
Keep-Alive: timeout=5, max=91
Date: Fri, 22 Nov 2024 03:53:38 GMT
Last-Modified: Mon, 13 May 2019 02:30:29 GMT
Content-Type: image/jpeg
Server: Apache

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 242ms
18ms Font
font/woff2 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marshallfreeman.com
Referer: https://fonts.googleapis.com/

Response headers

age: 468533
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 17:44:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:44:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 241ms
19ms Font
font/woff2 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marshallfreeman.com
Referer: https://fonts.googleapis.com/

Response headers

age: 469002
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 17:36:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:36:56 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 242ms
19ms Font
font/woff2 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marshallfreeman.com
Referer: https://fonts.googleapis.com/

Response headers

age: 469452
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 17:29:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:29:26 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 243ms
19ms Font
font/woff2 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marshallfreeman.com
Referer: https://fonts.googleapis.com/

Response headers

age: 468422
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 17:46:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:46:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK feature-s05-bussinessman.jpg
www.marshallfreeman.com/assets/img/ 86 KB
86 KB 3ms
3ms Image
image/jpeg 122.201.97.175
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.marshallfreeman.com/assets/img/feature-s05-bussinessman.jpg
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 122.201.97.175 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ip7ac961af.ipv4.syd02.ds.network
Software: Apache /
Resource Hash: ab233e2efd0095302a3b4937674731337135104cffde70e24ecaacbcb74e6fdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Expires: Sun, 22 Dec 2024 03:53:38 GMT
Accept-Ranges: bytes
Content-Length: 87721
Keep-Alive: timeout=5, max=90
Date: Fri, 22 Nov 2024 03:53:38 GMT
Last-Modified: Mon, 13 May 2019 02:30:29 GMT
Content-Type: image/jpeg
Server: Apache

POST
H3 200 collect
www.google.com/ccm/ 0
0 356ms
140ms Ping
text/plain 142.251.42.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.marshallfreeman.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=899876455.1732247619&auid=121486096.1732247619&npa=0&gtm=45He4bk0v71016632za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732247619159&tfd=2628&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s47-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 447 KB
137 KB 221ms
219ms Script
application/javascript 216.58.220.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1MG6H7NZT&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

8527db1749dddfe7d2d4a4acee24718f31358bde32b00300290b7b8bb53d0c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 03:53:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140013
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 466ms
213ms Script
text/javascript 142.250.199.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: gzip
age: 4255
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 04:42:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 02:42:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
15 KB 37ms
6ms Script
application/javascript 23.32.5.109
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.5.109 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-32-5-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=20705
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Fri, 22 Nov 2024 03:53:39 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 0
content-type: application/javascript;charset=utf-8
x-edgeconnect-origin-mex-latency: 697

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 278ms
276ms Script
application/javascript 216.58.220.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-797576520&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a62e05e2ac29b66f971791e2f67546f5cdaab2d8893e6c4b185d712b8a1f3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 22 Nov 2024 03:53:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90928
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 285ms
283ms Script
application/javascript 216.58.220.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-958357872&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Google Tag Manager /

Resource Hash

3b5b64a53a81253a16d8f01c17670e6379d18eee769546df0beb69b2762bb1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 22 Nov 2024 03:53:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100578
x-xss-protection: 0
server: Google Tag Manager

GET 5f0fbb945337640fea0000e4.js
tag.marinsm.com/serve/ 0
0

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 142ms
125ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 219023B596B9442380EF3F31211B9272 Ref B: SYD281080709031 Ref C: 2024-11-22T03:53:39Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 22 Nov 2024 03:53:38 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 13ms
4ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-fuMlIPVE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-fuMlIPVE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4429, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 0fNKycKtXlJFZeFv08Ri3x16BT2Z8C48kL2aUYJtnrFK9WF3rJEx+KfS2myCduRkH7ksvIY5BDKDUxoPGYMGJw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 20ms
8ms Script
application/javascript 108.158.16.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.16.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-16-221.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"e31293f40e8a324de552ff593ee76a9b"
age: 2654
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: q_-NCFovhkMZKu1u-YHm1vA8Dr_bIMihhMH_fCQaKZUAG2zJd5RaNw==
date: Fri, 22 Nov 2024 03:09:26 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
x-amz-server-side-encryption: AES256

GET
H2 200 htx0ym2wgo Show response
www.clarity.ms/tag/ 904 B
1 KB 231ms
207ms Script
application/x-javascript 13.107.246.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/htx0ym2wgo?ref=gtm2
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.35 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 82256a2204280fad19c6ef801a8e23c258c4cee68e4f8f070fd5ae00ff3085e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 904
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/x-javascript
x-azure-ref: 20241122T035339Z-15868f5fd77bbt4hhC1SYDadds00000003pg00000000vs98

GET
H2 200 htx0ym2wgo Show response
www.clarity.ms/tag/ 853 B
1 KB 231ms
208ms Script
application/x-javascript 13.107.246.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/htx0ym2wgo
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.35 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9e21355700c1d66a2fa57cc51a85abb9956d62d08bcf661eb39f9f66fde5494e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 853
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/x-javascript
x-azure-ref: 20241122T035339Z-15868f5fd77bbt4hhC1SYDadds00000003pg00000000vs99

GET
H2 204 td
www.googletagmanager.com/ 0
341 B 229ms
223ms Image
text/plain 216.58.220.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-NF4FBC&v=3&t=t&pid=661147034&dl=www.marshallfreeman.com%2F&tdp=GTM-NF4FBC;1016632;0;0;0&frm=0&rtg=1016632&slo=8&hlo=1&lst=1&z=0
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.220.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s17-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 2F5E 0
0 483ms
225ms Document
text/html 216.58.220.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.marshallfreeman.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF4FBC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 03:53:37 GMT
expires: Sat, 22 Nov 2025 03:53:37 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
914 B 267ms
247ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.marshallfreeman.com%2F&s=117855

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0940597bdc4ba2d27ee68a34e30fc749766e816c8fb236bcba07c7dabc8b7433

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxGoUa4tS7H9tIT7sCenF3lrc676mujfoA%2BYgeD%2FmAHMZq3axASHIr0dXxTTCXx5JLFby%2BWjMvac%2BjIms7WIvwy38KFRsVSqSgFCN8aVFdJ1Xcn2it0c%2BuFr0xiErR1AzclKyQIZLm2GRg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=684&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3981&recv_bytes=2326&delivery_rate=5823056&cwnd=254&unsent_bytes=0&cid=6dc1d38ff83bbdc4&ts=252&x=0"
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e65f9442fe7e7e8-SYD
access-control-allow-origin: https://www.marshallfreeman.com
content-length: 121
server: cloudflare

GET
H3 200 2112938815673297 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 4ms
4ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2112938815673297?v=2.9.176&r=stable&domain=www.marshallfreeman.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ff6d760ed4ffd2c2c1eb622888907e1986949a3ceb83710a00ec64bfa8397ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-kulX1WcX' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-kulX1WcX' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=71, mss=1232, tbw=70844, tp=67, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: RriY6cG+RZygCiDv3w9ZbQny8zv51Lb+3m4tLdux+bSPIYD6ageGYko/1zoGV5RLPei8BbSnvIlJdyiIdT0VMA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13449
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
761 B 204ms
189ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=120220&time=1732247619231&url=https%3A%2F%2Fwww.marshallfreeman.com%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://www.marshallfreeman.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000627785403712c1950274e4d2efc1a
x-msedge-ref: Ref A: A1118E3E3E304C89A56DB316926E288D Ref B: SYD03EDGE1612 Ref C: 2024-11-22T03:53:39Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYneFQDcSwZUCdOTS78Gg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 22 Nov 2024 03:53:38 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120220&time=1732247619231&li_adsId=b0a4791a-8724-4217-9d7c-54c2c3b83a42&url=https%3A%2F%2Fwww.marshallfreeman.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120220&time=1732247619231&li_adsId=b0a4791a-8724-4217-9d7c-54c2c3b83a42&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120220%26time%3D1732247619231%26li_adsId%3Db0a4791a-8724-4217-9d7c-54c2c3b83a42%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120220&time=1732247619231&li_adsId=b0a4791a-8724-4217-9d7c-54c2c3b83a42&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&cookiesTest=true&liSync=true

0
383 B

184ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120220&time=1732247619231&li_adsId=b0a4791a-8724-4217-9d7c-54c2c3b83a42&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&cookiesTest=true&liSync=true
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3FA32ECE941B41F78CE92BC96AD91258 Ref B: SYD03EDGE1921 Ref C: 2024-11-22T03:53:39Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYneFQN9jMSM/4o93lNoQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
cf-cache-status: DYNAMIC
x-li-fabric: prod-ltx1
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto: http/2
date: Fri, 22 Nov 2024 03:53:39 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000
x-li-pop: cf-prod-ltx1-x
content-security-policy: frame-ancestors 'self'
cache-control: no-cache, no-store
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120220&time=1732247619231&li_adsId=b0a4791a-8724-4217-9d7c-54c2c3b83a42&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&cookiesTest=true&liSync=true
pragma: no-cache
cf-ray: 8e65f94719dca949-SYD
x-li-uuid: AAYneFQKj0f8bXB+OuPBvg==
content-length: 0
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 9ms
3ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2112938815673297&ev=PageView&dl=https%3A%2F%2Fwww.marshallfreeman.com&rl=&if=false&ts=1732247619251&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1732247619245.71207945806077904&pm=1&hrl=f574b1&ler=empty&cdl=API_unavailable&it=1732247619223&coo=false&cs_cc=1&cas=2238955032849033&rqm=GET

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4478, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 257ms
252ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2112938815673297&ev=PageView&dl=https%3A%2F%2Fwww.marshallfreeman.com&rl=&if=false&ts=1732247619251&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1732247619245.71207945806077904&pm=1&hrl=f574b1&ler=empty&cdl=API_unavailable&it=1732247619223&coo=false&cs_cc=1&cas=2238955032849033&rqm=FGET

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439946873924832031"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Zh9vxP2vnEx/Es1FwxoKLST5Ln5TVT1QWNgRexSRwgDWheGGbkDlJXZ120VJSgrArfpkDXuwPF1vl+k5OIk8KA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439946873924832031", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4846, tp=13, tpl=0, uplat=248, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 5436957.js Show response
bat.bing.com/p/action/ 363 B
423 B 123ms
123ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5436957.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 051256BF8C2D4247AFCC743248E499C8 Ref B: SYD281080709031 Ref C: 2024-11-22T03:53:39Z
x-cache: CONFIG_NOCACHE
date: Fri, 22 Nov 2024 03:53:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 7ms
6ms Script
application/javascript 13.107.246.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/htx0ym2wgo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.35 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

x-azure-ref: 20241122T035339Z-15868f5fd77bbt4hhC1SYDadds00000003pg00000000vs9p
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 4869fe2d-601e-0050-1083-38ec8b000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H2 204 0
bat.bing.com/action/ 0
361 B 123ms
122ms Image
text/plain 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5436957&Ver=2&mid=ce8ded0c-55b7-4d8d-98d2-7b10dbc05d42&bo=1&sid=5bbb3670a88511ef98b9f74d6aad14c1&vid=5bbb46a0a88511efa04ca10168500743&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&p=https%3A%2F%2Fwww.marshallfreeman.com%2F&r=&lt=1874&evt=pageLoad&sv=1&cdb=AQAQ&rn=768705

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E4CA9642E3545B4B29FFD0F17201183 Ref B: SYD281080709031 Ref C: 2024-11-22T03:53:39Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 22 Nov 2024 03:53:38 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
287 B 861ms
449ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.marshallfreeman.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://www.marshallfreeman.com
Date: Fri, 22 Nov 2024 03:53:40 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 203ms
102ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-W1MG6H7NZT&gtm=45je4bk0v896758714z871016632za200zb71016632&_p=1732247618350&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=712059996.1732247620&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732247619&sct=1&seg=0&dl=https%3A%2F%2Fwww.marshallfreeman.com%2F&dt=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3084
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1MG6H7NZT&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.marshallfreeman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:39 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
269 B 580ms
287ms Ping
text/plain 64.233.189.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W1MG6H7NZT&cid=712059996.1732247620&gtm=45je4bk0v896758714z871016632za200zb71016632&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1MG6H7NZT&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.marshallfreeman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:40 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 84DE 0
0 418ms
160ms Document
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-W1MG6H7NZT&gacid=712059996.1732247620&gtm=45je4bk0v896758714z871016632za200zb71016632&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=152034794

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1MG6H7NZT&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marshallfreeman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 03:53:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 309ms
164ms Image
image/gif 216.58.220.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W1MG6H7NZT&cid=712059996.1732247620&gtm=45je4bk0v896758714z871016632za200zb71016632&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1446891638

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 03:53:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/797576520/ 5 KB
2 KB 385ms
158ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797576520/?random=1732247619679&cv=11&fst=1732247619679&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-797576520&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a53712c18d4f479e86a7d86ff2387648006e2442cf3a72fe5a149f31ce08f797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2324
date: Fri, 22 Nov 2024 03:53:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 797576520
td.doubleclick.net/td/rul/ Frame 1785 0
0 454ms
254ms Document
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/797576520?random=1732247619679&cv=11&fst=1732247619679&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-797576520&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marshallfreeman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 03:53:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958357872/ 5 KB
2 KB 339ms
161ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958357872/?random=1732247619725&cv=11&fst=1732247619725&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&label=RSb2CPfewr8BEPDC_cgD&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-958357872&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeb153c24ed8ee2f1b9d9c891096e5b76348a002125a015b1f5169b42a739925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2377
date: Fri, 22 Nov 2024 03:53:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 958357872
td.doubleclick.net/td/rul/ Frame 898C 0
0 468ms
319ms Document
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/958357872?random=1732247619725&cv=11&fst=1732247619725&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&label=RSb2CPfewr8BEPDC_cgD&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-958357872&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f14.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marshallfreeman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 03:53:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
427 B 221ms
219ms XHR
text/plain 142.250.199.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1230713565&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marshallfreeman.com%2F&ul=en-au&de=UTF-8&dt=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=679686248&gjid=773663971&cid=712059996.1732247620&tid=UA-59570092-1&_gid=1075958814.1732247620&_slc=1&gtm=45He4bk0n71NF4FBCv71016632za200&cd5=1732247619165.3rr362cm&cd6=2024-11-22T11%3A53%3A39.166%2B08%3A00&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cd4=712059996.1732247620&z=7098357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.marshallfreeman.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:39 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.marshallfreeman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
652 B 417ms
287ms XHR
text/plain 64.233.189.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59570092-1&cid=712059996.1732247620&jid=679686248&gjid=773663971&_gid=1075958814.1732247620&_u=YCDAgEABAAAAAGAEK~&z=154067743

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.marshallfreeman.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:53:40 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://www.marshallfreeman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 /
www.google.com/pagead/1p-user-list/958357872/ 42 B
64 B 151ms
150ms Image
image/gif 142.251.42.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958357872/?random=1732247619725&cv=11&fst=1732244400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&label=RSb2CPfewr8BEPDC_cgD&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dUVzGappPgngEY02d8QUETsIDpwFAwA&random=3437372852&rmt_tld=0&ipr=y

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 03:53:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/958357872/ 42 B
64 B 153ms
152ms Image
image/gif 216.58.220.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/958357872/?random=1732247619725&cv=11&fst=1732244400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&label=RSb2CPfewr8BEPDC_cgD&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dUVzGappPgngEY02d8QUETsIDpwFAwA&random=3437372852&rmt_tld=1&ipr=y

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 03:53:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/797576520/ 42 B
64 B 149ms
148ms Image
image/gif 142.251.42.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/797576520/?random=1732247619679&cv=11&fst=1732244400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dq1fsvUz0HtE3pM6mDj9tAbigNOrFSw&random=1348201946&rmt_tld=0&ipr=y

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 03:53:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/797576520/ 42 B
64 B 151ms
150ms Image
image/gif 216.58.220.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/797576520/?random=1732247619679&cv=11&fst=1732244400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dq1fsvUz0HtE3pM6mDj9tAbigNOrFSw&random=1348201946&rmt_tld=1&ipr=y

Requested by

Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 03:53:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 195ms
194ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.marshallfreeman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D82ACCA8E821408289E7AA6D1A30571E Ref B: SYD03EDGE1921 Ref C: 2024-11-22T03:53:40Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYneFQQ8bWlO0eghqWBSQ==
x-li-proto: http/2
access-control-allow-origin: https://www.marshallfreeman.com
x-cache: CONFIG_NOCACHE
date: Fri, 22 Nov 2024 03:53:39 GMT
vary: Origin

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=29686D2BC8CE470CAA7245FE428AF928&RedC=c.clarity.ms&MXFR=29EAFADF2C6B6FC63763EFE0286B6103
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29686D2BC8CE470CAA7245FE428AF928&MUID=3614174830836D6F1558027731866C6D

42 B
442 B

217ms
217ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29686D2BC8CE470CAA7245FE428AF928&MUID=3614174830836D6F1558027731866C6D
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Fri, 22 Nov 2024 03:53:40 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29686D2BC8CE470CAA7245FE428AF928&MUID=3614174830836D6F1558027731866C6D
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20540F3CFEB344B28D8E99A3763BD647 Ref B: SYD03EDGE2008 Ref C: 2024-11-22T03:53:41Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Fri, 22 Nov 2024 03:53:40 GMT
x-powered-by: ASP.NET

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/797576520/ 6 KB
2 KB 159ms
159ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797576520/?random=1732247620244&cv=11&fst=1732247620244&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=mf_dynx_itemid%3Dmf_home%3Bmf_dynx_itemid2%3D0%3Bmf_dynx_pagetype%3Dmf_home%3Bmf_dynx_totalvalue%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-797576520&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10df036b83a064770e1abaefec2e694a1686980a8379db4920fe098b4c601b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2395
date: Fri, 22 Nov 2024 03:53:40 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 797576520
td.doubleclick.net/td/rul/ Frame 7838 0
0 151ms
150ms Document
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/797576520?random=1732247620244&cv=11&fst=1732247620244&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=mf_dynx_itemid%3Dmf_home%3Bmf_dynx_itemid2%3D0%3Bmf_dynx_pagetype%3Dmf_home%3Bmf_dynx_totalvalue%3D0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-797576520&l=dataLayer&cx=c&gtm=45He4bk0v71016632za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marshallfreeman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 03:53:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK favicon.ico
www.marshallfreeman.com/assets/favicon/ 15 KB
15 KB 3ms
3ms Other
image/x-icon 122.201.97.175
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marshallfreeman.com/assets/favicon/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 122.201.97.175 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ip7ac961af.ipv4.syd02.ds.network
Software: Apache /
Resource Hash: a5135bef3f102e0a2bc3fc1644e250efad305df15d9b3b4ae5b6d515957c1937

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Expires: Sun, 22 Dec 2024 03:53:40 GMT
Accept-Ranges: bytes
Content-Length: 15086
Keep-Alive: timeout=5, max=89
Date: Fri, 22 Nov 2024 03:53:40 GMT
Last-Modified: Mon, 20 May 2019 02:25:35 GMT
Vary: User-Agent
Server: Apache
Content-Type: image/x-icon

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 754ms
235ms Script
text/javascript 108.158.32.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.marshallfreeman.com
URL: https://www.marshallfreeman.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-57.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 3269
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: fbY8E32hueGp0UuI7YMytZ0YeM2Eh4C_vIEY-lAWUAATx2uBIdfeVA==
Date: Fri, 22 Nov 2024 02:59:12 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 26131a3cde08b60652129237128292a2.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SYD3-P2
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H3 200 /
www.google.com/pagead/1p-user-list/797576520/ 42 B
64 B 145ms
144ms Image
image/gif 142.251.42.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/797576520/?random=1732247620244&cv=11&fst=1732244400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=mf_dynx_itemid%3Dmf_home%3Bmf_dynx_itemid2%3D0%3Bmf_dynx_pagetype%3Dmf_home%3Bmf_dynx_totalvalue%3D0&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d-96TRPJAskLfL3VS1OvqNtWSGRLFMieFYyIqeWJ_fa-dYPDk&random=3832975023&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marshallfreeman.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 03:53:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/797576520/ 42 B
64 B 147ms
147ms Image
image/gif 216.58.220.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/797576520/?random=1732247620244&cv=11&fst=1732244400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871016632za201zb71016632&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marshallfreeman.com%2F&hn=www.googleadservices.com&frm=0&tiba=Debt%20Collection%20Experts%20-%20Marshall%20Freeman&npa=0&pscdl=noapi&auid=121486096.1732247619&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=mf_dynx_itemid%3Dmf_home%3Bmf_dynx_itemid2%3D0%3Bmf_dynx_pagetype%3Dmf_home%3Bmf_dynx_totalvalue%3D0&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d-96TRPJAskLfL3VS1OvqNtWSGRLFMieFYyIqeWJ_fa-dYPDk&random=3832975023&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS