save.freedomdebtrelief.com Open in urlscan Pro
2a00:1450:4001:809::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_...
Effective URL:
https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_...
Submission: On August 24 via manual (August 24th 2019, 10:53:31 pm UTC) from US

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 9 countries across 24 domains to perform 38 HTTP transactions. The main IP is 2a00:1450:4001:809::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is save.freedomdebtrelief.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 20th 2017. Valid for: 3 years.

This is the only time save.freedomdebtrelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6813:c797	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:816::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
1	94.31.29.96 94.31.29.96	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.104.26 147.75.104.26	54825 (PACKET) (PACKET - Packet Host)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a04:4e42:3::84 2a04:4e42:3::84	54113 (FASTLY) (FASTLY - Fastly)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2.21.37.27 2.21.37.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:f1:... 2a02:26f0:f1:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.197.59 147.75.197.59	54825 (PACKET) (PACKET - Packet Host)
1	147.75.76.93 147.75.76.93	54825 (PACKET) (PACKET - Packet Host)
38	22

3 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

save.freedomdebtrelief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.96 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net

3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.104.26 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ewr-k1-26

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.37.27 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-27.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:183::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.197.59 (Tokyo, Japan)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ewr-k1-21

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.76.93 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	74 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googleapis.com fonts.googleapis.com storage.googleapis.com	9 KB
3	cloudflare.com cdnjs.cloudflare.com	35 KB
3	freedomdebtrelief.com save.freedomdebtrelief.com	250 KB
2	pinterest.com ct.pinterest.com	642 B
2	pinimg.com s.pinimg.com	46 KB
2	yimg.com s.yimg.com	6 KB
2	facebook.net connect.facebook.net	34 KB
2	bing.com bat.bing.com	7 KB
2	googletagmanager.com www.googletagmanager.com	63 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	optimizely.com cdn.optimizely.com	98 KB
1	facebook.com www.facebook.com	245 B
1	google.de www.google.de	374 B
1	google.com 1 redirects www.google.com	456 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	351 B
1	taboola.com trc.taboola.com	431 B
1	criteo.net static.criteo.net	10 KB
1	netdna-ssl.com 3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com	9 KB
0	criteo.com Failed sslwidget.criteo.com Failed
0	outbrain.com Failed amplifypixel.outbrain.com Failed
0	sc-static.net Failed sc-static.net Failed
0	mathtag.com Failed pixel.mathtag.com Failed
38	24

	Domain	Requested by
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com save.freedomdebtrelief.com
3	cdnjs.cloudflare.com	save.freedomdebtrelief.com
3	save.freedomdebtrelief.com	save.freedomdebtrelief.com
2	ct.pinterest.com	s.pinimg.com save.freedomdebtrelief.com
2	s.pinimg.com	save.freedomdebtrelief.com s.pinimg.com
2	s.yimg.com	save.freedomdebtrelief.com s.yimg.com
2	connect.facebook.net	save.freedomdebtrelief.com connect.facebook.net
2	bat.bing.com	save.freedomdebtrelief.com
2	www.googletagmanager.com	save.freedomdebtrelief.com www.googletagmanager.com
2	storage.googleapis.com	save.freedomdebtrelief.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	save.freedomdebtrelief.com
1	cdn.optimizely.com	save.freedomdebtrelief.com
1	www.facebook.com	save.freedomdebtrelief.com
1	www.google.de	save.freedomdebtrelief.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	trc.taboola.com	save.freedomdebtrelief.com
1	static.criteo.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com	save.freedomdebtrelief.com
1	fonts.googleapis.com	save.freedomdebtrelief.com
0	sslwidget.criteo.com Failed	static.criteo.net
0	amplifypixel.outbrain.com Failed	save.freedomdebtrelief.com
0	sc-static.net Failed	save.freedomdebtrelief.com
0	pixel.mathtag.com Failed	www.googletagmanager.com
38	27

This site contains links to these domains. Also see Links.

Domain
www.freedomdebtrelief.com

Subject Issuer	Validity	Valid
*.freedomdebtrelief.com COMODO RSA Domain Validation Secure Server CA	`2017-03-20` - `2020-04-05`	3 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.storage.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-18` - `2020-02-27`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-08-13` - `2019-09-27`	a month	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
www.google.de Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Frame ID: 8CA476F6842DA7F907913912AEA0E7EE
Requests: 37 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 84F7538D53C822B0C0270D90D0B46FFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

38
Requests

89 %
HTTPS

70 %
IPv6

24
Domains

27
Subdomains

22
IPs

9
Countries

670 kB
Transfer

2453 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freedomdebtrelief.com/

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/privacy-policy
Title: Privacy Policy|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/terms/
Title: Terms of Use|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/contact
Title: Contact Us|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/politica-de-privacidad
Title: Política de privacidad|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/terminos-de-servicio
Title: Terminos de servicio|

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&gjid=1142137598&_gid=1223419660.1566687175&_u=aGBAgUAj~&z=683355187 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&_v=j79&z=683355187 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&_v=j79&z=683355187&slf_rd=1&random=476411137

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mm Show response
save.freedomdebtrelief.com/ 10 KB
4 KB 560ms
488ms Document
text/html 2a00:1450:4001:809::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 47c0bf4a6d62d9b5acb593bd4b3fb6b528f75a087a5868d50c07fb69b4d126bd

Request headers

:method: GET
:authority: save.freedomdebtrelief.com
:scheme: https
:path: /mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Sat, 24 Aug 2019 22:52:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"283d-scL4PLZcWGhbRfOQHrgPezOhy8s"
content-encoding: gzip
via: 1.1 google

GET
H2 200 custom-elements-es5-adapter.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/ 924 B
519 B 93ms
18ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/custom-elements-es5-adapter.js

Requested by

Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e68fa68924149dfb8c3f703ed3a823a419e9ab40ca6ee1810b64797369c5db26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 514217
status: 200
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Fri, 19 Apr 2019 23:15:55 GMT
server: cloudflare
etag: W/"5cba56ab-39c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 50b8e63b0834cba4-VIE
expires: Thu, 13 Aug 2020 22:52:54 GMT

GET
H2 200 webcomponents-loader.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/ 6 KB
2 KB 91ms
18ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/webcomponents-loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4225261
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Fri, 19 Apr 2019 23:15:53 GMT
server: cloudflare
etag: W/"5cba56a9-1880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 50b8e63b1836cba4-VIE
expires: Thu, 13 Aug 2020 22:52:54 GMT

GET
H2 200 webcomponents-bundle.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/ 109 KB
32 KB 43ms
22ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/webcomponents-bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

695046c5e4f10b710a74a13166979d6bac1a4a5c4845ea95e298b49db9583bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8265325
status: 200
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Fri, 19 Apr 2019 23:15:55 GMT
server: cloudflare
etag: W/"5cba56ab-1b2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 50b8e63b1838cba4-VIE
expires: Thu, 13 Aug 2020 22:52:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
794 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 24 Aug 2019 22:52:54 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 24 Aug 2019 22:52:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sat, 24 Aug 2019 22:52:54 GMT

GET
H2 200 style.4abe8.css
save.freedomdebtrelief.com/ 172 KB
29 KB 532ms
532ms Stylesheet
text/css 2a00:1450:4001:809::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://save.freedomdebtrelief.com/style.4abe8.css
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 1c649093dfa1281de572fc3d6a50d030765c12f5fef9b06c751721bbbbf3c0b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:35:56 GMT
status: 200
x-powered-by: Express
etag: W/"2b17b-16cb0197d15"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
via: 1.1 google

GET
H2 200 freedom_logo.svg
storage.googleapis.com/fdr-static/ 6 KB
7 KB 32ms
7ms Image
image/svg+xml 2a00:1450:4001:816::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/fdr-static/freedom_logo.svg
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64b7d52bdefcc8d47feca9cfc8fa87db9c0eb328efb4202c991b7ed6971cc07d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:34:13 GMT
age: 1121
x-guploader-uploadid: AEnB2UrEkhRYi0xI4xObyqmVuo2Fs0_ZfdDMq_D5bWAiFWlBDsk45s_uFeeg_3a9JcUEwiKrZelIUwb9ZBIKKzO3aNeHdHggVA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 6651
last-modified: Thu, 20 Sep 2018 21:13:25 GMT
server: UploadServer
etag: "8d245e4e3ca9901e1515879001633f2f"
x-goog-hash: crc32c=cBe3sw==, md5=jSReTjypkB4VFYeQAWM/Lw==
x-goog-generation: 1537478005222156
cache-control: public, max-age=3600
x-goog-stored-content-length: 6651
accept-ranges: bytes
content-type: image/svg+xml
expires: Sat, 24 Aug 2019 23:34:13 GMT

GET
H2 200 phone.png
storage.googleapis.com/fdr-save-dev.appspot.com/ 1 KB
2 KB 200ms
177ms Image
image/png 2a00:1450:4001:816::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/fdr-save-dev.appspot.com/phone.png
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4aa1627f50d39f26bb0787baca119ee10426ad10bb71443457de24386cee737d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
x-guploader-uploadid: AEnB2Ur-wTHKAw0RpJoGpFbZ48FKys0YMnHecVODKsQPJV18mkxOAVb5VlW5dipgh2h2QEbqzQ_S3YqkEmhXfJHeSd6vK7psXw
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1437
last-modified: Fri, 06 Jul 2018 21:21:34 GMT
server: UploadServer
etag: "2b650b8601cfd2dbb403316ebef56bc3"
x-goog-hash: crc32c=Nx+kHw==, md5=K2ULhgHP0tu0AzFuvvVrww==
x-goog-generation: 1530912094014429
cache-control: public, max-age=3600
x-goog-stored-content-length: 1437
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Aug 2019 23:52:55 GMT

GET
H2 200 bundle.3ab76.js Show response
save.freedomdebtrelief.com/ 734 KB
217 KB 537ms
535ms Script
application/javascript 2a00:1450:4001:809::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://save.freedomdebtrelief.com/bundle.3ab76.js
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 1747a6b9d2d93ba3655f85e728d5f7111742e035e3c2e898db3b1b5566f55034

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:35:56 GMT
status: 200
x-powered-by: Express
etag: W/"b7960-16cb0197d15"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
via: 1.1 google

GET
H2 200 afcc_logo.png
3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/ 9 KB
9 KB 1091ms
18ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/afcc_logo.png
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0c05647269824e0b6793e4470d927dda61f930760addf060d175662cb82cf064

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
last-modified: Thu, 11 Jul 2019 00:40:32 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5d268580-2255"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 8789

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
27 KB 72ms
46ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c2dffed35c3524f89a3bffd4944b3456a2f85ff54c8e335b9aeba17e29d1c13

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:54 GMT
content-encoding: br
last-modified: Sat, 24 Aug 2019 21:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 27102
x-xss-protection: 0
expires: Sat, 24 Aug 2019 22:52:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5216
date: Sat, 24 Aug 2019 21:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sat, 24 Aug 2019 23:25:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
36 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c12b6faca90dcb67ba5770ba20fccb0b41e3879d01116040aa4e9569400c614

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:54 GMT
content-encoding: br
last-modified: Sat, 24 Aug 2019 21:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 36512
x-xss-protection: 0
expires: Sat, 24 Aug 2019 22:52:54 GMT

GET
H2 200 hotjar-671675.js Show response
static.hotjar.com/c/ 4 KB
2 KB 3413ms
193ms Script
application/javascript 147.75.104.26
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-671675.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.104.26 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ewr-k1-26

Software

openresty /

Resource Hash

17af8b5aa22e188484cbfe9b7115ef56ce87dd43d09cba77a2a8dd0196b12ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 59
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1869
server: openresty
cache-control: max-age=60
x-frame-options: SAMEORIGIN
etag: W/b8d95c5febe635338a0d18d583617600
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.348
section-io-id: 7b19863571cb264433d3c65d9dcebada
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 47ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 18:53:49 GMT
x-msedge-ref: Ref A: 1D0B823BB6C2412F9E731F8B00704BC4 Ref B: VIEEDGE1320 Ref C: 2019-08-24T22:52:55Z
status: 200
etag: "809cac9e6349d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7126

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 23404
x-xss-protection: 0
pragma: public
x-fb-debug: LIh7eVcJ02CgtfyvmBTpfhekv9atY1lqC5qW6OC4T90YnpV4bveTvoYs3uAq2E9XAiNViJ8l0YqYGbtDzWtf4A==
x-fb-trip-id: 365799557
x-frame-options: DENY
date: Sat, 24 Aug 2019 22:52:55 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
5 KB 41ms
13ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 999
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: 746A1494A9FE895C
x-amz-id-2: jQc0mP/yCgh0ubFl/zq/4VBTZeEu0UVvsayI8DSN5UZOo4zCErPZ7l8S/UPGFYh9FEEReOB/ScU=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 28 Aug 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 24 Jul 2019 11:33:24 GMT
server: ATS
etag: "f0737c96607a897bd5c4b86e364b3e28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: O__PgtPqBm2npiKf3ZYV0ppfblQUYlnj
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 4934
content-type: application/javascript

GET
H/1.1 200
OK ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 509ms
20ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d4cd0793770cdc3a88d0960bb1655ea2fab4b6f828bdb6a31f90bce008a9ed01

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 22:52:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 16:15:10 GMT
Server: nginx
ETag: W/"5d406d0e-75ed"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Timing-Allow-Origin: *
Expires: Sun, 25 Aug 2019 22:52:55 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "1e214e15ac165378f0589400974edd54"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1097
access-control-expose-headers: X-CDN

GET js
pixel.mathtag.com/event/ 0
0

GET scevent.min.js
sc-static.net/ 0
0

GET pixel
amplifypixel.outbrain.com/ 0
0

GET
H2 204 mark
trc.taboola.com/bills-slw-debt/log/3/ 0
431 B 15380ms
61ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/bills-slw-debt/log/3/mark?marking-type=Retargeting_06_26&item-url={encoded_page_url}&gtmcb=832826883
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 22:53:10 GMT
via: 1.1 varnish
server: nginx
x-timer: S1566687190.385315,VS0,VE8
x-served-by: cache-hhn4025-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1009 B 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 13
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 856
x-xss-protection: 0
expires: Sat, 24 Aug 2019 23:52:42 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
197 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1310434521&t=pageview&_s=1&dl=https%3A%2F%2Fsave.freedomdebtrelief.com%2Fmm%23%2Fmm%2Festimated_debt%3Futm_medium%3Ddisplay%26utm_source%3Dmm%26utm_account%3DFDR%26utm_campaign%3D547671%26utm_adgroup%3D4820419%26utm_term%3D1443016199664600019%26utm_content%3D6473760&dr=&dp=%2Fmmmm%2Festimated_debt%3Futm_medium%3Ddisplay%26utm_source%3Dmm%26utm_account%3DFDR%26utm_campaign%3D547671%26utm_adgroup%3D4820419%26utm_term%3D1443016199664600019%26utm_content%3D6473760&ul=en-us&de=UTF-8&dt=Will%20Debt%20Relief%20Help%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAj~&jid=1964272365&gjid=1142137598&cid=1785134305.1566687175&tid=UA-131129682-3&_gid=1223419660.1566687175&gtm=2wg8e1K94RSCD&cd1=GTM-K94RSCD&cd2=14&cd3=&cd4=1566687174952.j2oe9ajq&cd5=GA%20Page%20View%20-%20Core%20Page%20View&cd6=1785134305.1566687175&z=1105113564

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2019 01:34:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1027083
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&gjid=1142137598&_gid=1223419660.1566687175&_u=aGBAgUAj~&z=683355187
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&_v=j79&z=683355187
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&_v=j79&z=683355187&slf_rd=1&random=476411137

42 B
374 B

47ms
18ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&_v=j79&z=683355187&slf_rd=1&random=476411137

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 22:52:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Aug 2019 22:52:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1785134305.1566687175&jid=1964272365&_v=j79&z=683355187&slf_rd=1&random=476411137
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 219272468277337 Show response
connect.facebook.net/signals/config/ 34 KB
10 KB 49ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/219272468277337?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

daecbf29bdb3450f5eddb76e089682de4b2a2dd126ff243c10af0cbf0e8fb28a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: 25evQX1rkxIoAQ1iE+XcEhFsAizqUjRh556B1HZeEIeJDUUhFY0N0CVkgyaBu+nI97EeIBcRI4yAyRTlZc41mg==
x-fb-trip-id: 365799557
x-frame-options: DENY
date: Sat, 24 Aug 2019 22:52:55 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.532239b0.js Show response
s.pinimg.com/ct/lib/ 45 KB
45 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "42f2d9232667759ed210155c5be8d336"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 45836
access-control-expose-headers: X-CDN

GET
H2 200 10007046.json Show response
s.yimg.com/wi/config/ 2 B
481 B 249ms
224ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10007046.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 5895A80EACFBD682
x-amz-id-2: xRJN7C/SRrujQkoP2Vr2jwPxyaH6CJwXm2hOsNh+mNprrvMieGsBOzVGTFqp/pl0YNIglE1YiAE=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
360 B 15686ms
140ms XHR
image/gif 2.21.37.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2618847060959&pd=%7B%22em%22%3A%22eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c%22%7D&cb=1566687175065

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.532239b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.21.37.27 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-37-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Sec-Fetch-Mode: cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 22:53:10 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: https://save.freedomdebtrelief.com
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 5513325941933870
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 15755ms
210ms Image
image/gif 2.21.37.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2618847060959&pd=%7B%22em%22%3A%22eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsave.freedomdebtrelief.com%2Fmm%3Futm_medium%3Ddisplay%26utm_source%3Dmm%26utm_account%3DFDR%26utm_campaign%3D547671%26utm_adgroup%3D4820419%26utm_term%3D1443016199664600019%26utm_content%3D6473760%23%2Fmm%2Festimated_debt%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1566687175065

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.21.37.27 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-37-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 22:53:10 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 3363561943423937
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
117 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4075976&Ver=2&mid=6f8137e7-096a-eda1-198e-e2b28f7a9700&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Will%20Debt%20Relief%20Help%3F&p=https%3A%2F%2Fsave.freedomdebtrelief.com%2Fmm%3Futm_medium%3Ddisplay%26utm_source%3Dmm%26utm_account%3DFDR%26utm_campaign%3D547671%26utm_adgroup%3D4820419%26utm_term%3D1443016199664600019%26utm_content%3D6473760%23%2Fmm%2Festimated_debt&r=&evt=pageLoad&msclkid=N&rn=203803
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sat, 24 Aug 2019 22:52:55 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D5CECAFCE52D484D8F0468B0327D7AEC Ref B: VIEEDGE1320 Ref C: 2019-08-24T22:52:55Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=219272468277337&ev=PageView&dl=https%3A%2F%2Fsave.freedomdebtrelief.com%2Fmm%3Futm_medium%3Ddisplay%26utm_source%3Dmm%26utm_account%3DFDR%26utm_campaign%3D547671%26utm_adgroup%3D4820419%26utm_term%3D1443016199664600019%26utm_content%3D6473760%23%2Fmm%2Festimated_debt&rl=&if=false&ts=1566687175140&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=28&fbp=fb.1.1566687175134.189002651&it=1566687175044&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 24 Aug 2019 22:52:55 GMT

GET
H2 200 11053195933.js Show response
cdn.optimizely.com/js/ 358 KB
98 KB 155ms
124ms Script
text/javascript 2a02:26f0:f1:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11053195933.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:f1:183::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c66de58adf3d6a2e9d4cfc86b957a8fc4d5989e52abccf7b9e7129656ea49459

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: AJIpYIv8FUn2sfufO0wioinBqdhfqmvt
content-encoding: gzip
etag: "0314e83ea2265e1650a98d8a1a913cdb"
x-amz-request-id: 89F9BEAE7E5218A4
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:f1:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 99637
x-amz-id-2: XaTk8Ghi+AZCpqoPcAmjfWceWx6YTEgSyV9UiVaR7XnhDZ5L62GFeu231SbGst3/DG/PsmGI5Ug=
last-modified: Thu, 22 Aug 2019 21:44:17 GMT
server: AmazonS3
date: Sat, 24 Aug 2019 22:52:55 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 3709
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://save.freedomdebtrelief.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 15:10:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 27758
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9016
x-xss-protection: 0
expires: Sun, 23 Aug 2020 15:10:17 GMT

GET event
sslwidget.criteo.com/ 0
0

GET
H2 200 modules.3096394dd91fea2701b7.js Show response
script.hotjar.com/ 427 KB
71 KB 1317ms
96ms Script
application/javascript 147.75.197.59
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.3096394dd91fea2701b7.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-671675.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.197.59 Tokyo, Japan, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ewr-k1-21
Software: /
Resource Hash: 202f5fb9cabfb53807795ed9468261a41fcfc65ca459dc7f73dcdbdf989e129d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 22:52:59 GMT
content-encoding: br
last-modified: Fri, 23 Aug 2019 13:48:03 GMT
status: 200
etag: "def7d6e28b4f0f230cf56c7872f9e63e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.189
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: f0a9b6431eb830c1d42a0418b62ee037
content-length: 72787

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 84F7 0
0 7841ms
185ms Document
text/html 147.75.76.93
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-671675.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.76.93 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://save.freedomdebtrelief.com/mm?utm_medium=display&utm_source=mm&utm_account=FDR&utm_campaign=547671&utm_adgroup=4820419&utm_term=1443016199664600019&utm_content=6473760

Response headers

status: 200
date: Sat, 24 Aug 2019 22:53:06 GMT
content-type: text/html
content-length: 787
cache-control: max-age=31536000
content-encoding: br
last-modified: Thu, 15 Aug 2019 09:43:18 GMT
etag: "5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.093
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 9c94d326ba884d64f20a73d7aa329501

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922

Domain: sc-static.net
URL: https://sc-static.net/scevent.min.js

Domain: amplifypixel.outbrain.com
URL: https://amplifypixel.outbrain.com/pixel?mid=00cd0285f018e483e33896581b6ef0c1da&gtmcb=959718068

Domain: sslwidget.criteo.com
URL: https://sslwidget.criteo.com/event?a=35231&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=62c5f3e1-34ee-4ce7-a5bb-db429c8f7794&tld=freedomdebtrelief.com&dtycbr=76864

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://save.freedomdebtrelief.com/bundle.3ab76.js(Line 1) Message: Error Saving State

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com
amplifypixel.outbrain.com
bat.bing.com
cdn.optimizely.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
pixel.mathtag.com
s.pinimg.com
s.yimg.com
save.freedomdebtrelief.com
sc-static.net
script.hotjar.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
trc.taboola.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
amplifypixel.outbrain.com
pixel.mathtag.com
sc-static.net
sslwidget.criteo.com
147.75.104.26
147.75.197.59
147.75.76.93
151.101.114.2
178.250.2.130
2.21.37.27
2606:4700::6813:c797
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:809::2013
2a00:1450:4001:814::2003
2a00:1450:4001:814::200e
2a00:1450:4001:816::2010
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::200a
2a00:1450:400c:c00::9b
2a02:26f0:f1:183::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:3::84
94.31.29.96
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
0c05647269824e0b6793e4470d927dda61f930760addf060d175662cb82cf064
0c2dffed35c3524f89a3bffd4944b3456a2f85ff54c8e335b9aeba17e29d1c13
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1747a6b9d2d93ba3655f85e728d5f7111742e035e3c2e898db3b1b5566f55034
17af8b5aa22e188484cbfe9b7115ef56ce87dd43d09cba77a2a8dd0196b12ef3
1c649093dfa1281de572fc3d6a50d030765c12f5fef9b06c751721bbbbf3c0b1
202f5fb9cabfb53807795ed9468261a41fcfc65ca459dc7f73dcdbdf989e129d
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47c0bf4a6d62d9b5acb593bd4b3fb6b528f75a087a5868d50c07fb69b4d126bd
4aa1627f50d39f26bb0787baca119ee10426ad10bb71443457de24386cee737d
4c12b6faca90dcb67ba5770ba20fccb0b41e3879d01116040aa4e9569400c614
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
64b7d52bdefcc8d47feca9cfc8fa87db9c0eb328efb4202c991b7ed6971cc07d
695046c5e4f10b710a74a13166979d6bac1a4a5c4845ea95e298b49db9583bba
6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98
c66de58adf3d6a2e9d4cfc86b957a8fc4d5989e52abccf7b9e7129656ea49459
d4cd0793770cdc3a88d0960bb1655ea2fab4b6f828bdb6a31f90bce008a9ed01
daecbf29bdb3450f5eddb76e089682de4b2a2dd126ff243c10af0cbf0e8fb28a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68fa68924149dfb8c3f703ed3a823a419e9ab40ca6ee1810b64797369c5db26
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec

save.freedomdebtrelief.com Open in urlscan Pro 2a00:1450:4001:809::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

38 Requests

89 %HTTPS

70 %IPv6

24 Domains

27 Subdomains

22 IPs

9 Countries

670 kBTransfer

2453 kBSize

0 Cookies

6 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

save.freedomdebtrelief.com Open in urlscan Pro
2a00:1450:4001:809::2013 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

89 %
HTTPS

70 %
IPv6

24
Domains

27
Subdomains

22
IPs

9
Countries

670 kB
Transfer

2453 kB
Size

0
Cookies

38 HTTP transactions
0 data transactions