save.freedomdebtrelief.com Open in urlscan Pro
2a00:1450:4001:81f::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sdfkjsdfhsfkjhsdf.page.link/rniX
Effective URL:
https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f...
Submission: On December 09 via api (December 9th 2019, 4:01:52 am UTC) from BE

Summary HTTP 64 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 35 IPs in 10 countries across 36 domains to perform 64 HTTP transactions. The main IP is 2a00:1450:4001:81f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is save.freedomdebtrelief.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 20th 2017. Valid for: 3 years.

This is the only time save.freedomdebtrelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	185.56.169.92 185.56.169.92	3242 (ASN-ITNET) (ASN-ITNET)
2	45.57.250.250 45.57.250.250	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	3.217.49.197 3.217.49.197	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:81f::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81e::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
1	94.31.29.96 94.31.29.96	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.66.159 151.101.66.159	54113 (FASTLY) (FASTLY - Fastly)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.84.181 147.75.84.181	54825 (PACKET) (PACKET - Packet Host)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2	2606:4700::68... 2606:4700::6812:eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 9	2.21.37.45 2.21.37.45	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.169.242 52.222.169.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN - Outbrain)
1	34.196.234.34 34.196.234.34	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	147.75.84.33 147.75.84.33	54825 (PACKET) (PACKET - Packet Host)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO - Criteo Corp.)
2	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY - Fastly)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	156.154.136.32 156.154.136.32	7786 (NPAC) (NPAC - NeuStar)
1	35.177.239.109 35.177.239.109	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.5.117.21 52.5.117.21	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	143.204.101.58 143.204.101.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.33.59 147.75.33.59	54825 (PACKET) (PACKET - Packet Host)
1	2600:9000:21f... 2600:9000:21f3:0:1e:9742:1680:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	13.224.196.19 13.224.196.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE - Google LLC)
2	3.225.17.244 3.225.17.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
64	35

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

sdfkjsdfhsfkjhsdf.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.56.169.92 (Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)
PTR: vker14.hj

rainbowsell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.57.250.250 (Stoney Creek, Canada)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)

deluxeaward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.49.197 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-217-49-197.compute-1.amazonaws.com

fsmccbll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

save.freedomdebtrelief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.96 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net

3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.159 (United States)

ASN54113 (FASTLY - Fastly, US)

overflowworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.181 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:eb0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.21.37.45 (France) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-45.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.242 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-169-242.fra54.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.234.34 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-234-34.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.33 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.154.136.32 (United States) 1 redirects

ASN7786 (NPAC - NeuStar, Inc., US)

adadvisor.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.239.109 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-239-109.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.5.117.21 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-5-117-21.compute-1.amazonaws.com

rdata.modernpostcard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.58 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-58.fra50.r.cloudfront.net

tag.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.59 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-4

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:0:1e:9742:1680:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d14jnfavjicsbe.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.196.19 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-19.fra2.r.cloudfront.net

api.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.17.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-17-244.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mathtag.com 2 redirects pixel.mathtag.com	9 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	getdrip.com tag.getdrip.com api.getdrip.com	12 KB
3	modernpostcard.com rdata.modernpostcard.com	3 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	99 KB
3	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com	2 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	googleapis.com fonts.googleapis.com storage.googleapis.com	10 KB
3	cloudflare.com cdnjs.cloudflare.com	34 KB
3	freedomdebtrelief.com save.freedomdebtrelief.com	251 KB
2	snapchat.com tr.snapchat.com
2	facebook.com www.facebook.com	502 B
2	pinterest.com ct.pinterest.com	217 B
2	yimg.com s.yimg.com	5 KB
2	facebook.net connect.facebook.net	50 KB
2	bing.com bat.bing.com	7 KB
2	pinimg.com s.pinimg.com	16 KB
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	362 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	322 B
2	googletagmanager.com www.googletagmanager.com	79 KB
2	deluxeaward.com deluxeaward.com	5 KB
1	cloudfront.net d14jnfavjicsbe.cloudfront.net	14 KB
1	agkn.com aa.agkn.com	373 B
1	adadvisor.net 1 redirects adadvisor.net	292 B
1	gstatic.com fonts.gstatic.com	9 KB
1	quora.com q.quora.com	457 B
1	outbrain.com amplifypixel.outbrain.com	314 B
1	sc-static.net sc-static.net	5 KB
1	criteo.net static.criteo.net	10 KB
1	taboola.com cdn.taboola.com	19 KB
1	overflowworks.com overflowworks.com	26 KB
1	netdna-ssl.com 3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com	9 KB
1	fsmccbll.com 1 redirects fsmccbll.com	912 B
1	rainbowsell.com 1 redirects rainbowsell.com	330 B
1	page.link 1 redirects sdfkjsdfhsfkjhsdf.page.link	849 B
64	36

	Domain	Requested by
9	pixel.mathtag.com	2 redirects save.freedomdebtrelief.com pixel.mathtag.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com save.freedomdebtrelief.com
3	rdata.modernpostcard.com	overflowworks.com
3	cdnjs.cloudflare.com	save.freedomdebtrelief.com
3	save.freedomdebtrelief.com	deluxeaward.com save.freedomdebtrelief.com
2	errors.client.optimizely.com	cdn.optimizely.com
2	tr.snapchat.com	sc-static.net
2	api.getdrip.com	d14jnfavjicsbe.cloudfront.net
2	www.facebook.com	save.freedomdebtrelief.com
2	ct.pinterest.com	s.pinimg.com save.freedomdebtrelief.com
2	widget.us.criteo.com	save.freedomdebtrelief.com static.criteo.net
2	s.yimg.com	deluxeaward.com s.yimg.com
2	connect.facebook.net	deluxeaward.com connect.facebook.net
2	bat.bing.com	deluxeaward.com save.freedomdebtrelief.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google.de	save.freedomdebtrelief.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	www.googletagmanager.com	save.freedomdebtrelief.com www.googletagmanager.com
2	storage.googleapis.com	save.freedomdebtrelief.com
2	deluxeaward.com	deluxeaward.com
1	d14jnfavjicsbe.cloudfront.net	tag.getdrip.com
1	vars.hotjar.com	static.hotjar.com
1	tag.getdrip.com	deluxeaward.com
1	aa.agkn.com	save.freedomdebtrelief.com
1	adadvisor.net	1 redirects
1	fonts.gstatic.com	save.freedomdebtrelief.com
1	cdn.optimizely.com	save.freedomdebtrelief.com
1	sslwidget.criteo.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	q.quora.com	save.freedomdebtrelief.com
1	amplifypixel.outbrain.com	save.freedomdebtrelief.com
1	sc-static.net	deluxeaward.com
1	static.criteo.net	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	overflowworks.com	www.googletagmanager.com
1	3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com	save.freedomdebtrelief.com
1	fonts.googleapis.com	save.freedomdebtrelief.com
1	fsmccbll.com	1 redirects
1	rainbowsell.com	1 redirects
1	sdfkjsdfhsfkjhsdf.page.link	1 redirects
64	42

This site contains links to these domains. Also see Links.

Domain
www.freedomdebtrelief.com

Subject Issuer	Validity	Valid
*.freedomdebtrelief.com COMODO RSA Domain Validation Secure Server CA	`2017-03-20` - `2020-04-05`	3 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-18` - `2020-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
overflowworks.com Let's Encrypt Authority X3	`2019-12-07` - `2020-03-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.pinimg.com DigiCert SHA2 High Assurance Server CA	`2019-05-29` - `2020-06-03`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-11-23` - `2020-01-07`	a month	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-04-25`	a year	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.quora.com Let's Encrypt Authority X3	`2019-12-01` - `2020-02-29`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
cdata.modernpostcard.com Amazon	`2019-05-16` - `2020-06-16`	a year	crt.sh
*.getdrip.com Amazon	`2019-04-25` - `2020-05-25`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Frame ID: 8AB59B0E59EF984045B8B3334BEB81AC
Requests: 59 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=caf25ded-bc42-4000-8a17-982e4541adac&no_iframe=1&mt_adid=209922&mt_lim=20
Frame ID: 7C1067086DB89CE174D135BF2ECD55D6
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: C896BB23942FBB960AE064A5A30E6398
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: 9E525A005999BCF928513F0D8716327E
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/dis.aspx?p=35231&cb=54788624603&ref=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&sc_r=1600x1200&sc_d=24
Frame ID: 2B535F0F64C2432A931ED0505E178611
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 23BF37BBC84C7C6F5BC35B244581FC8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sdfkjsdfhsfkjhsdf.page.link/rniX HTTP 302
http://rainbowsell.com/PiPoN-r!*VwV*X0707*VwV*a*VwV*(7~(xS7*VwV*a*VwV*(~7:S*VwV*0*VwV*0*VwV*a*VwV*)... HTTP 302
http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_16... Page URL
https://fsmccbll.com/?a=4&c=1658&s1=107546&s2=987a30649ac8f0abd2a751c95e1c615c&s3=25736_1_13&s4=8... HTTP 302
https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_a... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

64
Requests

97 %
HTTPS

43 %
IPv6

36
Domains

42
Subdomains

35
IPs

10
Countries

765 kB
Transfer

2924 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freedomdebtrelief.com/

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/privacy-policy
Title: Privacy Policy|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/terms/
Title: Terms of Use|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/contact
Title: Contact Us|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/politica-de-privacidad
Title: Política de privacidad|

Search URL Search Domain Scan URL

URL: https://www.freedomdebtrelief.com/terminos-de-servicio
Title: Terminos de servicio|

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sdfkjsdfhsfkjhsdf.page.link/rniX HTTP 302
http://rainbowsell.com/PiPoN-r!*VwV*X0707*VwV*a*VwV*(7~(xS7*VwV*a*VwV*(~7:S*VwV*0*VwV*0*VwV*a*VwV*)0*VwV*Sa*VwV*a:*VwV*~)S*VwV*aS)0*VwV*)x)xx*VwV*a0 HTTP 302
http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40 Page URL
https://fsmccbll.com/?a=4&c=1658&s1=107546&s2=987a30649ac8f0abd2a751c95e1c615c&s3=25736_1_13&s4=80707_1_0_0_1_2752967_40_1640_49499_1_10_546 HTTP 302
https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sdfkjsdfhsfkjhsdf.page.link/rniX HTTP 302
http://rainbowsell.com/PiPoN-r!*VwV*X0707*VwV*a*VwV*(7~(xS7*VwV*a*VwV*(~7:S*VwV*0*VwV*0*VwV*a*VwV*)0*VwV*Sa*VwV*a:*VwV*~)S*VwV*aS)0*VwV*)x)xx*VwV*a0 HTTP 302
http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40

Request Chain 17

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&gjid=1078806303&_gid=1765100697.1575864095&_u=aGBAgUAj~&z=742433105 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&_v=j79&z=742433105 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&_v=j79&z=742433105&slf_rd=1&random=1494095715

Request Chain 25

https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922 HTTP 302
https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac

Request Chain 33

https://sslwidget.criteo.com/event?a=35231&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fdeluxeaward.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=7e1564b4-6b98-442d-a3ea-865f6c8ecd66&tld=freedomdebtrelief.com&dtycbr=69012 HTTP 302
https://widget.us.criteo.com/event?a=35231&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fdeluxeaward.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=7e1564b4-6b98-442d-a3ea-865f6c8ecd66&tld=freedomdebtrelief.com&dtycbr=69012

Request Chain 43

https://adadvisor.net/adscores/g.jsonp?sid=9202274878&userid=4EF6DC-FBD64F7A-083A-425B-B3A7-C286982A9555 HTTP 302
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=4EF6DC-FBD64F7A-083A-425B-B3A7-C286982A9555&&bounced=1

Request Chain 47

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&gjid=192646847&_gid=1993040497.1575864096&_u=aGBAgUAj~&z=1357412082 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&_v=j79&z=1357412082 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&_v=j79&z=1357412082&slf_rd=1&random=3321475800

Request Chain 48

https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&document_path=%2F4o4&mt_cb=1575864096105 HTTP 302
https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&document_path=%2F4o4&mt_cb=1575864096105&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

clicks Show response
deluxeaward.com/
Redirect Chain

https://sdfkjsdfhsfkjhsdf.page.link/rniX
http://rainbowsell.com/PiPoN-r!*VwV*X0707*VwV*a*VwV*(7~(xS7*VwV*a*VwV*(~7:S*VwV*0*VwV*0*VwV*a*VwV*)0*VwV*Sa*VwV*a:*VwV*~)S*VwV*aS)0*VwV*)x)xx*VwV*a0
http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40

4 KB
5 KB

466ms
163ms

Document
text/html

45.57.250.250
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Protocol: HTTP/1.1
Server: 45.57.250.250 Stoney Creek, Canada, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software: nginx /
Resource Hash: bf06c64a8b15567c0c44c4c0dc84a2ac87d4d996b7d602784c0ef784fea7cefb

Request headers

Host: deluxeaward.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Server: nginx
Date: Mon, 09 Dec 2019 04:00:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Date: Mon, 09 Dec 2019 04:01:32 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
location: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK index.php
deluxeaward.com/ 216 B
390 B 530ms
529ms XHR
text/html 45.57.250.250
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://deluxeaward.com/index.php
Requested by: Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Protocol: HTTP/1.1
Server: 45.57.250.250 Stoney Creek, Canada, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Origin: http://deluxeaward.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 09 Dec 2019 04:00:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request 4o4 Show response
save.freedomdebtrelief.com/
Redirect Chain

https://fsmccbll.com/?a=4&c=1658&s1=107546&s2=987a30649ac8f0abd2a751c95e1c615c&s3=25736_1_13&s4=80707_1_0_0_1_2752967_40_1640_49499_1_10_546
https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_...

10 KB
4 KB

534ms
453ms

Document
text/html

2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Requested by: Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: c17ce2a905cb8cf01127ad0042491c71f233f3d8e8b2d848f7c570af051e29d7

Request headers

:method: GET
:authority: save.freedomdebtrelief.com
:scheme: https
:path: /4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40

Response headers

status: 200
date: Mon, 09 Dec 2019 04:01:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: private
access-control-allow-origin: *
etag: W/"283c-+cBFHweEq9PaaE9icXoHcXZZFXM"
content-encoding: gzip
via: 1.1 google

Redirect headers

Cache-Control: private
Content-Length: 397
Content-Type: text/html; charset=utf-8
Date: Mon, 09 Dec 2019 04:01:21 GMT
Location: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=9n1Bf1sZIghu0UXVRtfu23U6CtVXXHvtFaPpriSbnLsdYB7hZBH6yw==; domain=.fsmccbll.com; path=/; HttpOnly trk=+N3q1J9xcX5u0UXVRtfu23U6CtVXXHvtFaPpriSbnLsdYB7hZBH6yw==; domain=.fsmccbll.com; expires=Sun, 08-Dec-2024 20:01:21 GMT; path=/; HttpOnly c477=9n1Bf1sZIgj5CIQmI33MD2eO5fJb2l/j50k4r9iFjvU=; domain=.fsmccbll.com; expires=Wed, 08-Jan-2020 04:01:21 GMT; path=/; HttpOnly
Connection: close

GET
H2 200 custom-elements-es5-adapter.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/ 924 B
566 B 17ms
16ms Script
application/javascript 2606:4700::6811:4104
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/custom-elements-es5-adapter.js

Requested by

Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e68fa68924149dfb8c3f703ed3a823a419e9ab40ca6ee1810b64797369c5db26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 9691138
cf-ray: 54241422c8418cc2-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 19 Apr 2019 23:15:55 GMT
server: cloudflare
etag: W/"5cba56ab-39c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 28 Nov 2020 04:01:35 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 webcomponents-loader.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/ 6 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700::6811:4104
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/webcomponents-loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 13402182
cf-ray: 54241422c8428cc2-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 19 Apr 2019 23:15:53 GMT
server: cloudflare
etag: W/"5cba56a9-1880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 28 Nov 2020 04:01:35 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 webcomponents-bundle.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/ 109 KB
32 KB 23ms
21ms Script
application/javascript 2606:4700::6811:4104
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.2.10/webcomponents-bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

695046c5e4f10b710a74a13166979d6bac1a4a5c4845ea95e298b49db9583bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 17442246
cf-ray: 54241422c8438cc2-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 19 Apr 2019 23:15:55 GMT
server: cloudflare
etag: W/"5cba56ab-1b2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 28 Nov 2020 04:01:35 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.003

GET
H2 200 css
fonts.googleapis.com/ 9 KB
794 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 09 Dec 2019 04:01:35 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 09 Dec 2019 04:01:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 09 Dec 2019 04:01:35 GMT

GET
H2 200 style.58856.css
save.freedomdebtrelief.com/ 172 KB
29 KB 518ms
517ms Stylesheet
text/css 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://save.freedomdebtrelief.com/style.58856.css
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: e3641aa0c31ca79f9980d3fc3a11afffc7d243502a52e7524f16fdcddb395cde

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: gzip
etag: W/"2b1c5-16edf0b9225"
last-modified: Sat, 07 Dec 2019 06:28:27 GMT
access-control-allow-origin: *
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: private
via: 1.1 google

GET
H2 200 freedom_logo.svg
storage.googleapis.com/fdr-static/ 6 KB
7 KB 161ms
138ms Image
image/svg+xml 2a00:1450:4001:81e::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/fdr-static/freedom_logo.svg
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64b7d52bdefcc8d47feca9cfc8fa87db9c0eb328efb4202c991b7ed6971cc07d

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
status: 200
x-guploader-uploadid: AEnB2Ur3_choWsZezZ0cwdp6tN_Ict5nFfpUTp4daOJos2DRC2K978WIrvpc3gAbmbjTaETTtL62DAKyfA8o_Uvb-nFyVxuBvQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6651
last-modified: Thu, 20 Sep 2018 21:13:25 GMT
server: UploadServer
etag: "8d245e4e3ca9901e1515879001633f2f"
x-goog-hash: crc32c=cBe3sw==, md5=jSReTjypkB4VFYeQAWM/Lw==
x-goog-generation: 1537478005222156
cache-control: public, max-age=3600
x-goog-stored-content-length: 6651
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 09 Dec 2019 05:01:35 GMT

GET
H2 200 phone.png
storage.googleapis.com/fdr-save-dev.appspot.com/ 1 KB
2 KB 168ms
145ms Image
image/png 2a00:1450:4001:81e::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/fdr-save-dev.appspot.com/phone.png
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4aa1627f50d39f26bb0787baca119ee10426ad10bb71443457de24386cee737d

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
status: 200
x-guploader-uploadid: AEnB2Upe1Q8v3-EvBSz_Dc91z_sQkbo1bKiDJDHgFteOk2n61LaxCdN_a9alF3w1WVJzhcZdL_tDKfVxg2Ip_Ql12256gCINBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1437
last-modified: Fri, 06 Jul 2018 21:21:34 GMT
server: UploadServer
etag: "2b650b8601cfd2dbb403316ebef56bc3"
x-goog-hash: crc32c=Nx+kHw==, md5=K2ULhgHP0tu0AzFuvvVrww==
x-goog-generation: 1530912094014429
cache-control: public, max-age=3600
x-goog-stored-content-length: 1437
accept-ranges: bytes
content-type: image/png
expires: Mon, 09 Dec 2019 05:01:35 GMT

GET
H2 200 bundle.b5760.js Show response
save.freedomdebtrelief.com/ 737 KB
218 KB 533ms
532ms Script
application/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://save.freedomdebtrelief.com/bundle.b5760.js
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 64bbb2adde8145dcdc0e1b172913b6af209a954d7344eeb8428126b50c1ba5fd

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: gzip
etag: W/"b848f-16edf07bae5"
last-modified: Sat, 07 Dec 2019 06:24:16 GMT
access-control-allow-origin: *
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private
via: 1.1 google

GET
H2 200 afcc_logo.png
3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/ 9 KB
9 KB 32ms
6ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/afcc_logo.png
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0c05647269824e0b6793e4470d927dda61f930760addf060d175662cb82cf064

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
last-modified: Thu, 11 Jul 2019 00:40:32 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5d268580-2255"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8789

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
28 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59e727261bde9c5214913717a4322228d183df6e54d4f6d2b1dc2fa8bd049b17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
last-modified: Mon, 09 Dec 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28079
x-xss-protection: 0
expires: Mon, 09 Dec 2019 04:01:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5278
date: Mon, 09 Dec 2019 02:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 09 Dec 2019 04:33:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
51 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7758b9c1a2b4b545ab89b75cfe290567de5792d1f50e2621bf58a4e2e66a641

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
last-modified: Mon, 09 Dec 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 52223
x-xss-protection: 0
expires: Mon, 09 Dec 2019 04:01:35 GMT

GET
H2 200 ofw-freedomdebt.js Show response
overflowworks.com/ofw-trace/ 72 KB
26 KB 40ms
7ms Script
application/javascript 151.101.66.159
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://overflowworks.com/ofw-trace/ofw-freedomdebt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

a3d202c4ba1ae9e682e8d4f02f28c9a77928e13c3b7ca5d9cc19444f30639384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
status: 200
x-cache-hits: 3
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4037-HHN
x-fw-type: VISIT
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Sep 2019 17:31:52 GMT
server: Flywheel/5.1.0
x-timer: S1575864095.238932,VS0,VE1
etag: W/"5d768c88-11f3c"
x-fw-hash: 3mxh9itr3c
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000
content-length: 26127
expires: Sun, 05 Jan 2020 04:09:01 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
929 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 03:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1018
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Mon, 09 Dec 2019 04:44:37 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
110 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=190238245&t=pageview&_s=1&dl=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&dr=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&dp=%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&ul=en-us&de=UTF-8&dt=Will%20Debt%20Relief%20Help%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAj~&jid=1152518732&gjid=1078806303&cid=1895539749.1575864095&tid=UA-131129682-3&_gid=1765100697.1575864095&gtm=2wgav9K94RSCD&cd1=GTM-K94RSCD&cd2=15&cd3=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&cd4=1575864095196.nlkpmmyk&cd5=GA%20Page%20View%20-%20Core%20Page%20View&cd6=1895539749.1575864095&z=20912976

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 09:48:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1707169
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&gjid=1078806303&_gid=1765100697.1575864095&_u=aGBAgUAj~&z=742433105
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&_v=j79&z=742433105
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&_v=j79&z=742433105&slf_rd=1&random=1494095715

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&_v=j79&z=742433105&slf_rd=1&random=1494095715

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=1895539749.1575864095&jid=1152518732&_v=j79&z=742433105&slf_rd=1&random=1494095715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-671675.js Show response
static.hotjar.com/c/ 4 KB
2 KB 46ms
18ms Script
application/javascript 147.75.84.181
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-671675.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.181 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

Software

openresty /

Resource Hash

e54baaed23e93d14bd8ce872d6f953eb50ecbe4f1bacee414f6c701e48f05fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 156
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1861
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/d2b722607b8a47a7d1382d1d284ced70
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.072
accept-ranges: bytes
section-io-id: eeea173add03a826d7b4b2213159cc5d

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1006637/ 57 KB
19 KB 111ms
110ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1006637/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ebffe5b38ea0b93839b4e7931a8b91c88ff71880eedcbadd88d9044e5c43059

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: EGqIUqsiN6UYCLM7EMCevfN7a3hGp1zg
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Mon, 09 Dec 2019 04:01:35 GMT
x-amz-replication-status: COMPLETED
content-length: 19611
x-amz-id-2: GuzSCAtK3V7MEDBr0JIgNs4f17psrivCkqKCIg0jJZoVJWfDKLsau1ziZzxDD+bSD83CTnUh+5g=
x-served-by: cache-hhn4059-HHN
last-modified: Thu, 05 Dec 2019 11:21:11 GMT
server: AmazonS3
x-timer: S1575864095.276333,VS0,VE104
etag: "6d461dd34bc4e7d9183385bbb6114153"
vary: Accept-Encoding
x-amz-request-id: 6A8F20C76D2F9DB2
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 75
x-cache-hits: 1

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
587 B 20ms
19ms Script
application/javascript 2606:4700::6812:eb0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
x-cdn: cloudflare
access-control-allow-origin: *
etag: W/"1e214e15ac165378f0589400974edd54"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-expose-headers: x-cdn
cache-control: max-age=1209600
cf-ray: 542414238a94cbac-VIE
server: cloudflare

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 46ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:34 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: EDC9381341D445989FBA700883A775BA Ref B: VIEEDGE1120 Ref C: 2019-12-09T04:01:35Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26702
x-xss-protection: 0
pragma: public
x-fb-debug: Nc5T7aXuSf9pUzKHGLL1X0sfbaLh9AitCby3o8Bq5AmIyyggpkJa5q9kRMoqKTamlOeifTh6bR0RCkK4jb34LA==
x-fb-trip-id: 1475214379
date: Mon, 09 Dec 2019 04:01:35 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
5 KB 12ms
12ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 09 Dec 2019 03:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1438
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
content-length: 5150
x-amz-id-2: gr/fpNUnnpuW+CaHdKMVJj6K2PxX/Cdowfk6crXPD1e67TJf9ncbMljUqBoAwWcfREnu/Wt8Juc=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-request-id: D68476F30E010AE8
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 30 KB
10 KB 18ms
17ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XPW2&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 10:45:26 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5da05d46-7682"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 10 Dec 2019 04:01:35 GMT

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/event/
Redirect Chain

https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922
https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac

2 KB
3 KB

36ms
36ms

Script
text/javascript

2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master cdg-pixel-x14 /
Resource Hash: 0f95f1a92281359fceb19419670a5d511dd568b6de253b622069fc775f2e6835

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:35 GMT
Server: MT3 1913 979072d master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2549
Expires: Mon, 09 Dec 2019 04:01:34 GMT

Redirect headers

Date: Mon, 09 Dec 2019 04:01:35 GMT
Server: MT3 1913 979072d master cdg-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Mon, 09 Dec 2019 04:01:34 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
5 KB 23ms
6ms Script
application/javascript 52.222.169.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.169.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-169-242.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 23:05:45 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 23:04:13 GMT
server: AmazonS3
age: 17750
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA54
x-amz-cf-id: rMy9Uln4KWThIDz5hJUllKly7w3Jx2N1HkdsdAAMTEWpf9puaImgug==
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 345ms
86ms Image
image/gif 70.42.32.31
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=00cd0285f018e483e33896581b6ef0c1da&gtmcb=1530163087

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:35 GMT
Cache-Control: no-cache
X-TraceId: 3ad4ccebb1d72d3f1616e1497d4adee1
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/594aaee948534d3b8e0a8e4182b5b01e/ 43 B
457 B 352ms
90ms Image
image/gif 34.196.234.34
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/594aaee948534d3b8e0a8e4182b5b01e/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.234.34 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-234-34.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: 81,a96fb23c723d0dd34f72af59319b1f2d,10.0.0.107,45904,144.76.109.30,,14502160345,1,1575864095.608,0.003,,.,0,0,0.000,0.004,-,0,0,304,217,108,10,26847,,,,,,,
Content-Type: image/gif

GET
H2 200 main.532239b0.js Show response
s.pinimg.com/ct/lib/ 45 KB
15 KB 21ms
21ms Script
application/javascript 2606:4700::6812:eb0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
x-cdn: cloudflare
access-control-allow-origin: *
etag: W/"42f2d9232667759ed210155c5be8d336"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-expose-headers: x-cdn
cache-control: max-age=1209600
cf-ray: 54241423bad4cbac-VIE
server: cloudflare

GET
H2 200 10007046.json Show response
s.yimg.com/wi/config/ 2 B
149 B 434ms
432ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10007046.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Origin: https://save.freedomdebtrelief.com

Response headers

date: Mon, 09 Dec 2019 04:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A24CC7D3EB921369
x-amz-id-2: sX1rjPbyJKkIjX1dcLbvYt9pWWJxj2kC3vp22clEXO2P0JvLAgxUdMh3+nl0AxHw
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 219272468277337 Show response
connect.facebook.net/signals/config/ 97 KB
24 KB 116ms
116ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/219272468277337?v=2.9.14&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ac11cc52e4a9596d0fcc4fc67d6ae6af523d05dfd0c05d77a6831efda18409ff

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 1XwTFWcKxmC5Ic9Jp4Lobz3S2itySbVDD+7PE+yoHRXNvkFfz6cS8rJbJBGPy+XvqViOvjNcw8FBb/NfNH7wXQ==
x-fb-trip-id: 1475214379
date: Mon, 09 Dec 2019 04:01:35 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.1563bfc088652f728ad5.js Show response
script.hotjar.com/ 399 KB
70 KB 42ms
13ms Script
application/javascript 147.75.84.33
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.1563bfc088652f728ad5.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-671675.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.33 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: /
Resource Hash: 464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
content-encoding: br
last-modified: Thu, 28 Nov 2019 17:38:37 GMT
access-control-allow-origin: *
etag: "6f4d0398872f50ffe1212d1d3fe37a64"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.027
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 47824ed18d86e3db9020c766845cf35d
content-length: 70909

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=35231&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fdeluxeaward.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=7e1564b4-6b98-442d-a3ea-865f6c8ecd6...
https://widget.us.criteo.com/event?a=35231&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fdeluxeaward.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=7e1564b4-6b98-442d-a3ea-865f6c8ecd6...

1 KB
1 KB

102ms
102ms

Script
application/x-javascript

74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=35231&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fdeluxeaward.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=7e1564b4-6b98-442d-a3ea-865f6c8ecd66&tld=freedomdebtrelief.com&dtycbr=69012
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: acbee2b4d7a66c0dddfb65ee50b07440e1309d41b051d8b164283a30fe765002

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:34 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 844
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
location: https://widget.us.criteo.com/event?a=35231&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fdeluxeaward.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=7e1564b4-6b98-442d-a3ea-865f6c8ecd66&tld=freedomdebtrelief.com&dtycbr=69012
status: 302
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 204 0
bat.bing.com/action/ 0
93 B 47ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4075976&Ver=2&mid=99ce5dfe-3f10-d224-c08c-10197bbcd658&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Will%20Debt%20Relief%20Help%3F&p=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&r=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&evt=pageLoad&msclkid=N&rn=840660
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 09 Dec 2019 04:01:34 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2DB5B24C07F9410ABAD5DED4BAA66D64 Ref B: VIEEDGE1120 Ref C: 2019-12-09T04:01:35Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
132 B 30ms
29ms XHR
image/gif 151.101.112.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2618847060959&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1575864095344
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Origin: https://save.freedomdebtrelief.com

Response headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:35 GMT
x-cdn: fastly
status: 200
content-type: image/gif
access-control-allow-origin: https://save.freedomdebtrelief.com
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-pinterest-rid: 0234432731812642
x-envoy-upstream-service-time: 1
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
85 B 36ms
36ms Image
image/gif 151.101.112.84
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2618847060959&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%22%2C%22ref%22%3A%22http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1575864095347
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:35 GMT
x-cdn: fastly
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 6
content-length: 35
x-pinterest-rid: 3626631742720868
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 24ms
24ms Script
text/javascript 2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&document_path=%2F4o4&mt_cb=1575864095373
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=209922&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master cdg-pixel-x20 /
Resource Hash: 319b52fb8d5a3662a55998c9b9c9992548b9fa704dcd80a530ca5b95e40db8f1

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:35 GMT
Server: MT3 1913 979072d master cdg-pixel-x20
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1363
Expires: Mon, 09 Dec 2019 04:01:34 GMT

GET
H/1.1 200
OK iframe
pixel.mathtag.com/sync/ Frame 7C10 0
0 32ms
20ms Document
text/html 2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=caf25ded-bc42-4000-8a17-982e4541adac&no_iframe=1&mt_adid=209922&mt_lim=20
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&document_path=%2F4o4&mt_cb=1575864095373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master cdg-pixel-x3 /
Resource Hash

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Accept-Encoding: gzip, deflate, br
Cookie: uuid=caf25ded-bc42-4000-8a17-982e4541adac; uuidc=uWjJEtB15hgRLvrD7+4TmkIwD66jL4JzYUzrm9AcOlhU/bIT9YhtrrgWhY5AZge8Gvy9htCC4cvRFCUldfd8SXEmtd8YLtvY2H6xPeoGdZw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545

Response headers

Content-Type: text/html
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1913 979072d master cdg-pixel-x3
Expires: Mon, 09 Dec 2019 04:01:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1766
Date: Mon, 09 Dec 2019 04:01:35 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
472 B 18ms
17ms Image
image/gif 2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master cdg-pixel-x11 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:35 GMT
Server: MT3 1913 979072d master cdg-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 09 Dec 2019 04:01:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=219272468277337&ev=PageView&dl=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&rl=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&if=false&ts=1575864095441&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=28&fbp=fb.1.1575864095440.548601325&it=1575864095317&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 09 Dec 2019 04:01:35 GMT

GET
H2 200 11053195933.js Show response
cdn.optimizely.com/js/ 361 KB
99 KB 410ms
388ms Script
text/javascript 2a02:26f0:6c00:181::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11053195933.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b52c0d4f24ad3d883256405402908cba93fa56198e6b729753ff666ded3a975b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: tSvCyncaTrwWLZnIf8BWVfpXGyd0gHnQ
content-encoding: gzip
x-amz-request-id: 80B5C61504ED4B82
status: 200
access-control-max-age: 86400
date: Mon, 09 Dec 2019 04:01:36 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 100239
x-amz-id-2: k0/5wtqqRE7OFyStmAazhXf9lWEWEASlGqOaZC5LdOMrx7Ikdrt0acCZSuS3AY1haHaCZwA8aAw=
last-modified: Thu, 05 Dec 2019 19:29:18 GMT
server: AmazonS3
etag: "8f634bf32d4a401d6b4c042008598af1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 4490
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://save.freedomdebtrelief.com

Response headers

date: Thu, 21 Nov 2019 20:31:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1495834
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Fri, 20 Nov 2020 20:31:01 GMT

GET
H2

200

g.jsonp Show response
aa.agkn.com/adscores/
Redirect Chain

https://adadvisor.net/adscores/g.jsonp?sid=9202274878&userid=4EF6DC-FBD64F7A-083A-425B-B3A7-C286982A9555
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=4EF6DC-FBD64F7A-083A-425B-B3A7-C286982A9555&&bounced=1

82 B
373 B

62ms
19ms

Script
application/json

35.177.239.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=4EF6DC-FBD64F7A-083A-425B-B3A7-C286982A9555&&bounced=1
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.239.109 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-177-239-109.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:36 GMT
server: AAWebServer
p3p: policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 82
expires: 0

Redirect headers

Location: https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=4EF6DC-FBD64F7A-083A-425B-B3A7-C286982A9555&&bounced=1
Date: Mon, 09 Dec 2019 04:01:36 GMT
Server: AAWebServer
Connection: close
P3P: policyref="http://www.adadvisor.net/w3c/p3p.xml",CP="NOI NID"

GET
H/1.1 200
OK A7FB2E4EF6DC Show response
rdata.modernpostcard.com/v1/C/RawData/ 208 B
1 KB 374ms
88ms Script
application/x-javascript 52.5.117.21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rdata.modernpostcard.com/v1/C/RawData/A7FB2E4EF6DC?v=fbd64f7a-083a-425b-b3a7-c286982a9555&m=1443f5c6-2ea6-4133-b644-de3a0ea66e1a&se=77f961a8-460a-41b6-bf87-8a9d6295adc7&d=eyJ2IjoiZmJkNjRmN2EtMDgzYS00MjViLWIzYTctYzI4Njk4MmE5NTU1IiwibSI6IjE0NDNmNWM2LTJlYTYtNDEzMy1iNjQ0LWRlM2EwZWE2NmUxYSIsImNzaSI6MTg0OTA0OTY4OSwic2UiOiI3N2Y5NjFhOC00NjBhLTQxYjYtYmY4Ny04YTlkNjI5NWFkYzciLCJuIjoxLCJwIjoiYWExNmE2MGMtMDg1OC00NTYyLTllMDEtOTlmMDg4MTUxZWU0IiwidSI6Imh0dHBzOi8vc2F2ZS5mcmVlZG9tZGVidHJlbGllZi5jb20vNG80P3V0bV9zb3VyY2U9NCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZSZ1dG1fY2FtcGFpZ249NDc3JnV0bV90ZXJtPTEwNzU0NiZ1dG1fYWRncm91cD05ODdhMzA2NDlhYzhmMGFiZDJhNzUxYzk1ZTFjNjE1YyZtYXRjaF90eXBlPTI1NzM2XzFfMTMmdXRtX3B1Ymxpc2hlcj04MDcwN18xXzBfMF8xXzI3NTI5NjdfNDBfMTY0MF80OTQ5OV8xXzEwXzU0NiZ1dG1fY29udGVudD03NDMxMzU0NSIsInBuIjoiLzRvNCIsInIiOiJodHRwOi8vZGVsdXhlYXdhcmQuY29tL2NsaWNrcz9jaWQ9MjQxMDUmcHViPTEwNzU0NiZzaWQxPTI1NzM2XzFfMTMmc2lkMj04MDcwN18xXzBfMF8xXzI3NTI5NjdfNDBfMTY0MF80OTQ5OV8xXzEwXzU0NiZzaWQzPTQwIiwidCI6IldpbGwgRGVidCBSZWxpZWYgSGVscD8iLCJjIjoiaHR0cHM6Ly9zYXZlLmZyZWVkb21kZWJ0cmVsaWVmLmNvbS80bzQ%2FdXRtX3NvdXJjZT00JnV0bV9tZWRpdW09YWZmaWxpYXRlJnV0bV9jYW1wYWlnbj00NzcmdXRtX3Rlcm09MTA3NTQ2JnV0bV9hZGdyb3VwPTk4N2EzMDY0OWFjOGYwYWJkMmE3NTFjOTVlMWM2MTVjJm1hdGNoX3R5cGU9MjU3MzZfMV8xMyZ1dG1fcHVibGlzaGVyPTgwNzA3XzFfMF8wXzFfMjc1Mjk2N180MF8xNjQwXzQ5NDk5XzFfMTBfNTQ2JnV0bV9jb250ZW50PTc0MzEzNTQ1IiwicHIiOiI0RUY2REMiLCJ1dG1fcyI6IjQiLCJ1dG1fbSI6ImFmZmlsaWF0ZSIsInV0bV9jIjoiNDc3IiwicyI6MSwidnMiOjEsImwiOiJQYWdlTG9hZCJ9&callback=cb001e07665960d
Requested by: Host: overflowworks.com
URL: https://overflowworks.com/ofw-trace/ofw-freedomdebt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.117.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-117-21.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3dee4491bf41565a6c72a64b32237ae50ff7a5029f3919da33d8712ab1df1775

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:33 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 302

GET
H2 200 6773858.js Show response
tag.getdrip.com/ 127 KB
10 KB 389ms
362ms Script
application/javascript 143.204.101.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.getdrip.com/6773858.js
Requested by: Host: deluxeaward.com
URL: http://deluxeaward.com/clicks?cid=24105&pub=107546&sid1=25736_1_13&sid2=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&sid3=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bbc92a07d9680f1610ed87828de058950aae63d2ef5da161bb1921a7d82bbb2

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:37 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 03:41:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: w8fAWnINNqFC0HgkHrTg7dg4lKXuFurbVmxxM6MUPkxIIRais3Sxfw==
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)

GET
H2 200 collect
www.google-analytics.com/ 35 B
110 B 6ms
5ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=190238245&t=pageview&_s=1&dl=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545&dr=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&dp=%2F&ul=en-us&de=UTF-8&dt=Will%20Debt%20Relief%20Help%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAj~&jid=579127889&gjid=192646847&cid=2082711223.1575864096&tid=UA-131129682-3&_gid=1993040497.1575864096&gtm=2wgav9K94RSCD&cd1=GTM-K94RSCD&cd2=15&cd3=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&cd4=1575864096078.3g0lh1p&cd5=GA%20Page%20View%20-%20Virtual%20Page%20View&cd6=2082711223.1575864096&z=1994047270

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 09:48:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1707170
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&gjid=192646847&_gid=1993040497.1575864096&_u=aGBAgUAj~&z=1357412082
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&_v=j79&z=1357412082
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&_v=j79&z=1357412082&slf_rd=1&random=3321475800

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&_v=j79&z=1357412082&slf_rd=1&random=3321475800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:36 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Dec 2019 04:01:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131129682-3&cid=2082711223.1575864096&jid=579127889&_v=j79&z=1357412082&slf_rd=1&random=3321475800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/event/
Redirect Chain

https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%...
https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%...

597 B
921 B

23ms
23ms

Script
text/javascript

2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&document_path=%2F4o4&mt_cb=1575864096105&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac
Requested by: Host: save.freedomdebtrelief.com
URL: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master cdg-pixel-x16 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:36 GMT
Server: MT3 1913 979072d master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 09 Dec 2019 04:01:35 GMT

Redirect headers

Date: Mon, 09 Dec 2019 04:01:36 GMT
Server: MT3 1913 979072d master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&document_path=%2F4o4&mt_cb=1575864096105&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Mon, 09 Dec 2019 04:01:35 GMT

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame C896 0
0 38ms
12ms Document
text/html 147.75.33.59
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-671675.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.59 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-4
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545

Response headers

status: 200
date: Mon, 09 Dec 2019 04:01:35 GMT
content-type: text/html
content-length: 808
cache-control: max-age=31536000
content-encoding: br
last-modified: Thu, 28 Nov 2019 17:38:31 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.028
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: b7fe998c0fdb6e181c83e84290368ec5

GET
H/1.1 200
OK A7FB2E4EF6DC Show response
rdata.modernpostcard.com/v1/C/RawData/ 208 B
1 KB 89ms
88ms Script
application/x-javascript 52.5.117.21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rdata.modernpostcard.com/v1/C/RawData/A7FB2E4EF6DC?v=fbd64f7a-083a-425b-b3a7-c286982a9555&m=1443f5c6-2ea6-4133-b644-de3a0ea66e1a&se=77f961a8-460a-41b6-bf87-8a9d6295adc7&d=eyJ2IjoiZmJkNjRmN2EtMDgzYS00MjViLWIzYTctYzI4Njk4MmE5NTU1IiwibSI6IjE0NDNmNWM2LTJlYTYtNDEzMy1iNjQ0LWRlM2EwZWE2NmUxYSIsImNzaSI6MTg0OTA0OTY4OSwic2UiOiI3N2Y5NjFhOC00NjBhLTQxYjYtYmY4Ny04YTlkNjI5NWFkYzciLCJwIjoiYWExNmE2MGMtMDg1OC00NTYyLTllMDEtOTlmMDg4MTUxZWU0IiwidSI6Imh0dHBzOi8vc2F2ZS5mcmVlZG9tZGVidHJlbGllZi5jb20vNG80P3V0bV9zb3VyY2U9NCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZSZ1dG1fY2FtcGFpZ249NDc3JnV0bV90ZXJtPTEwNzU0NiZ1dG1fYWRncm91cD05ODdhMzA2NDlhYzhmMGFiZDJhNzUxYzk1ZTFjNjE1YyZtYXRjaF90eXBlPTI1NzM2XzFfMTMmdXRtX3B1Ymxpc2hlcj04MDcwN18xXzBfMF8xXzI3NTI5NjdfNDBfMTY0MF80OTQ5OV8xXzEwXzU0NiZ1dG1fY29udGVudD03NDMxMzU0NSMvIiwicG4iOiIvNG80IiwiciI6Imh0dHA6Ly9kZWx1eGVhd2FyZC5jb20vY2xpY2tzP2NpZD0yNDEwNSZwdWI9MTA3NTQ2JnNpZDE9MjU3MzZfMV8xMyZzaWQyPTgwNzA3XzFfMF8wXzFfMjc1Mjk2N180MF8xNjQwXzQ5NDk5XzFfMTBfNTQ2JnNpZDM9NDAiLCJ0IjoiV2lsbCBEZWJ0IFJlbGllZiBIZWxwPyIsImMiOiJodHRwczovL3NhdmUuZnJlZWRvbWRlYnRyZWxpZWYuY29tLzRvND91dG1fc291cmNlPTQmdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPTQ3NyZ1dG1fdGVybT0xMDc1NDYmdXRtX2FkZ3JvdXA9OTg3YTMwNjQ5YWM4ZjBhYmQyYTc1MWM5NWUxYzYxNWMmbWF0Y2hfdHlwZT0yNTczNl8xXzEzJnV0bV9wdWJsaXNoZXI9ODA3MDdfMV8wXzBfMV8yNzUyOTY3XzQwXzE2NDBfNDk0OTlfMV8xMF81NDYmdXRtX2NvbnRlbnQ9NzQzMTM1NDUjLyIsInByIjoiNEVGNkRDIiwiZWlkIjoibnNfc2VnXzAwMCIsInV0bV9zIjoiNCIsInV0bV9tIjoiYWZmaWxpYXRlIiwidXRtX2MiOiI0NzciLCJzIjoyLCJ2cyI6MSwibCI6IkFjdGlvbiIsInYwMSI6IkVpZCIsInYwMiI6Im5zX3NlZ18wMDAifQ%3D%3D&callback=cb283eb19931dbb
Requested by: Host: overflowworks.com
URL: https://overflowworks.com/ofw-trace/ofw-freedomdebt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.117.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-117-21.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3d34e9193c5c726ad28f753342161205766076640cc285078201dfea9e4f2211

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:34 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 301

GET
H2 200 client.js Show response
d14jnfavjicsbe.cloudfront.net/ 42 KB
14 KB 34ms
7ms Script
text/javascript 2600:9000:21f3:0:1e:9742:1680:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Requested by: Host: tag.getdrip.com
URL: https://tag.getdrip.com/6773858.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:0:1e:9742:1680:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 248f5469715d8d2dc4df41966d63546508b1443c299c789f5b44d06a048a1f0b

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:00:56 GMT
content-encoding: gzip
last-modified: Wed, 25 Sep 2019 15:49:35 GMT
server: AmazonS3
age: 41
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-meta-md5sum: IQoKBJvqB0AB2DM6SKx5CQ==
x-amz-cf-id: 2wzCPWKrepmx9BGFcYpyx0OVcCSZyCs93qStfJ-zGjB1xOPjjs5M0w==

GET
H2 200 visit Show response
api.getdrip.com/client/events/ 84 B
995 B 317ms
288ms Script
text/javascript 13.224.196.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/events/visit?drip_account_id=6773858&referrer=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&url=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&domain=save.freedomdebtrelief.com&time_zone=Europe%2FBerlin&enable_third_party_cookies=t&callback=Drip_898145858

Requested by

Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.196.19 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-224-196-19.fra2.r.cloudfront.net

Software

Resource Hash

bc83415d9b53c199114167020f7ad03ef9e7a218eedc70fbd722f00f92df644f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:37 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 84
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 18742156-5947-4a9a-af35-4fce58f6deb3
x-cache: Miss from cloudfront
status: 200
x-amzn-remapped-date: Mon, 09 Dec 2019 04:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-apigw-id: EawNLEjdoAMFkQw=
content-length: 84
x-xss-protection: 1; mode=block
x-request-id: b804ce89-3e71-44c1-973e-af7b504cabf8
x-amz-cf-id: a-3EUveqO5Dk8RV6PyVTWUoXCyQNTWb5rimICRXtjQXr3wzV7anAeg==
x-runtime: 0.012610
referrer-policy: strict-origin-when-cross-origin
etag: W/"bc83415d9b53c199114167020f7ad03e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-server: nginx
x-amzn-remapped-connection: keep-alive

GET
H/1.1 200
OK A7FB2E4EF6DC Show response
rdata.modernpostcard.com/v1/C/RawData/ 208 B
1 KB 89ms
89ms Script
application/x-javascript 52.5.117.21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rdata.modernpostcard.com/v1/C/RawData/A7FB2E4EF6DC?v=fbd64f7a-083a-425b-b3a7-c286982a9555&m=1443f5c6-2ea6-4133-b644-de3a0ea66e1a&se=77f961a8-460a-41b6-bf87-8a9d6295adc7&d=eyJ2IjoiZmJkNjRmN2EtMDgzYS00MjViLWIzYTctYzI4Njk4MmE5NTU1IiwibSI6IjE0NDNmNWM2LTJlYTYtNDEzMy1iNjQ0LWRlM2EwZWE2NmUxYSIsImNzaSI6MTg0OTA0OTY4OSwic2UiOiI3N2Y5NjFhOC00NjBhLTQxYjYtYmY4Ny04YTlkNjI5NWFkYzciLCJwIjoiYWExNmE2MGMtMDg1OC00NTYyLTllMDEtOTlmMDg4MTUxZWU0IiwidSI6Imh0dHBzOi8vc2F2ZS5mcmVlZG9tZGVidHJlbGllZi5jb20vNG80P3V0bV9zb3VyY2U9NCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZSZ1dG1fY2FtcGFpZ249NDc3JnV0bV90ZXJtPTEwNzU0NiZ1dG1fYWRncm91cD05ODdhMzA2NDlhYzhmMGFiZDJhNzUxYzk1ZTFjNjE1YyZtYXRjaF90eXBlPTI1NzM2XzFfMTMmdXRtX3B1Ymxpc2hlcj04MDcwN18xXzBfMF8xXzI3NTI5NjdfNDBfMTY0MF80OTQ5OV8xXzEwXzU0NiZ1dG1fY29udGVudD03NDMxMzU0NSMvIiwicG4iOiIvNG80IiwiciI6Imh0dHA6Ly9kZWx1eGVhd2FyZC5jb20vY2xpY2tzP2NpZD0yNDEwNSZwdWI9MTA3NTQ2JnNpZDE9MjU3MzZfMV8xMyZzaWQyPTgwNzA3XzFfMF8wXzFfMjc1Mjk2N180MF8xNjQwXzQ5NDk5XzFfMTBfNTQ2JnNpZDM9NDAiLCJ0IjoiV2lsbCBEZWJ0IFJlbGllZiBIZWxwPyIsImMiOiJodHRwczovL3NhdmUuZnJlZWRvbWRlYnRyZWxpZWYuY29tLzRvND91dG1fc291cmNlPTQmdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPTQ3NyZ1dG1fdGVybT0xMDc1NDYmdXRtX2FkZ3JvdXA9OTg3YTMwNjQ5YWM4ZjBhYmQyYTc1MWM5NWUxYzYxNWMmbWF0Y2hfdHlwZT0yNTczNl8xXzEzJnV0bV9wdWJsaXNoZXI9ODA3MDdfMV8wXzBfMV8yNzUyOTY3XzQwXzE2NDBfNDk0OTlfMV8xMF81NDYmdXRtX2NvbnRlbnQ9NzQzMTM1NDUjLyIsInByIjoiNEVGNkRDIiwiZWlkIjoibnNfc2VnXzAwMCIsInV0bV9zIjoiNCIsInV0bV9tIjoiYWZmaWxpYXRlIiwidXRtX2MiOiI0NzciLCJzIjozLCJ2cyI6MSwibCI6IkFjdGlvbiIsInYwMSI6IkVzMSJ9&callback=cbdf5fb4251b00f
Requested by: Host: overflowworks.com
URL: https://overflowworks.com/ofw-trace/ofw-freedomdebt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.117.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-117-21.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6fc0917c33ed6beb901d9eb6c900486bcb3316addb529472985d6d89bbf87afc

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:37 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 299

GET
H2 200 track Show response
api.getdrip.com/client/ 48 B
801 B 297ms
297ms Script
text/javascript 13.224.196.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&visitor_uuid=1a933c9aa2ce4ac2aa7e3edc8e389fff&_action=Started%20a%20new%20session&source=drip&drip_account_id=6773858&callback=Drip_805081243

Requested by

Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.196.19 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-224-196-19.fra2.r.cloudfront.net

Software

Resource Hash

4daefe457a3a15ea68d6fcc7aa49d5ace498a5fac251556321904092f1c9f116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:37 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 48
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 6d259816-47a7-439e-a82f-bc904c6190fe
x-cache: Miss from cloudfront
status: 200
x-amzn-remapped-date: Mon, 09 Dec 2019 04:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-apigw-id: EawNOHUmIAMFezw=
content-length: 48
x-xss-protection: 1; mode=block
x-request-id: e3845575-3518-4176-bb10-ca225e738971
x-amz-cf-id: J0h44srihy_wG_PWEbLjq7iuDf_aX3Z3BDQB-G5VtCgOvNhKY56KQQ==
x-runtime: 0.022359
referrer-policy: strict-origin-when-cross-origin
etag: W/"4daefe457a3a15ea68d6fcc7aa49d5ac"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-server: nginx
x-amzn-remapped-connection: keep-alive

GET
H2 200 i
tr.snapchat.com/cm/ Frame 9E52 0
0 127ms
113ms Document
text/html 35.186.226.184
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545

Response headers

status: 200
server: nginx/1.17.3
date: Mon, 09 Dec 2019 04:01:37 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dis.aspx
widget.us.criteo.com/dis/ Frame 2B53 0
0 96ms
96ms Document
text/html 74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/dis/dis.aspx?p=35231&cb=54788624603&ref=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&sc_r=1600x1200&sc_d=24
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: widget.us.criteo.com
:scheme: https
:path: /dis/dis.aspx?p=35231&cb=54788624603&ref=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&sc_r=1600x1200&sc_d=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: Mon, 26 Jul 1997 05:00:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
p3p: CP='CUR ADM OUR NOR STA NID'
timing-allow-origin: *
set-cookie: uid=8a322b58-5a56-43e4-972f-179e1c24b24a; expires=Sat, 02 Jan 2021 04:01:37 GMT; domain=.criteo.com; path=/; secure; samesite=none
x-powered-by: ASP.NET
date: Mon, 09 Dec 2019 04:01:36 GMT
content-length: 147

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
418 B 356ms
88ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11053195933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://save.freedomdebtrelief.com
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Dec 2019 04:01:37 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://save.freedomdebtrelief.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=219272468277337&ev=PageView&dl=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&rl=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&if=false&ts=1575864097416&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=28&fbp=fb.1.1575864097416.1855731467&it=1575864095317&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 04:01:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 09 Dec 2019 04:01:37 GMT

POST
H2 200 p
tr.snapchat.com/ Frame 23BF 0
0 193ms
192ms Document
text/html 35.186.226.184
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 644
pragma: no-cache
cache-control: no-cache
origin: https://save.freedomdebtrelief.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
accept-encoding: gzip, deflate, br
Origin: https://save.freedomdebtrelief.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545

Response headers

status: 200
server: nginx/1.17.3
date: Mon, 09 Dec 2019 04:01:37 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3IwQ3AMAgDwImQTBpMMg6o3oLh23seVeAiLaphOzKsl2SvOpR6vBwz/v/hxs3BB9KeJqoyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
252 B 88ms
87ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
Origin: https://save.freedomdebtrelief.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://save.freedomdebtrelief.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Mon, 09 Dec 2019 04:01:37 GMT
Content-Type: text/plain

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
619 B 16ms
16ms Image
image/gif 2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master zrh-pixel-x23 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:45 GMT
Server: MT3 1913 979072d master zrh-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 09 Dec 2019 04:01:44 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
619 B 19ms
19ms Image
image/gif 2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&previous_url=http%3A%2F%2Fdeluxeaward.com%2Fclicks%3Fcid%3D24105%26pub%3D107546%26sid1%3D25736_1_13%26sid2%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26sid3%3D40&industry=Business%20Services&mt_adid=209922&event_type=catchall&mt_id=1326827&mt_lim=20&UUID=caf25ded-bc42-4000-8a17-982e4541adac&document_title=Will%20Debt%20Relief%20Help%3F&location=https%3A%2F%2Fsave.freedomdebtrelief.com%2F4o4%3Futm_source%3D4%26utm_medium%3Daffiliate%26utm_campaign%3D477%26utm_term%3D107546%26utm_adgroup%3D987a30649ac8f0abd2a751c95e1c615c%26match_type%3D25736_1_13%26utm_publisher%3D80707_1_0_0_1_2752967_40_1640_49499_1_10_546%26utm_content%3D74313545%23%2F&document_path=%2F4o4&mt_cb=1575864096105&mm_bnc&mm_bct&UUID=caf25ded-bc42-4000-8a17-982e4541adac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master zrh-pixel-x23 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://save.freedomdebtrelief.com/4o4?utm_source=4&utm_medium=affiliate&utm_campaign=477&utm_term=107546&utm_adgroup=987a30649ac8f0abd2a751c95e1c615c&match_type=25736_1_13&utm_publisher=80707_1_0_0_1_2752967_40_1640_49499_1_10_546&utm_content=74313545
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 04:01:46 GMT
Server: MT3 1913 979072d master zrh-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 09 Dec 2019 04:01:45 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mathtag.com/	1970-01-19 06:27:36	Name: mt_mop Value: 4:1575864096
.mathtag.com/	1970-01-19 15:10:19	Name: uuid Value: b1805ded-ba74-4d00-a99e-9c88fb6765dd
.freedomdebtrelief.com/	1970-01-19 07:54:00	Name: _fbp Value: fb.1.1575864097416.1855731467
.mathtag.com/	1970-01-19 15:10:19	Name: uuidc Value: 9UtDAGADAv7Jdyq64Ougicl2wLxq/JCKu9RAE5ibTrzGxogt+oObx9yIGV6RmQjTvYCQwAyOJX7yj0+ZCP3zo6NmHO+uR87m/S34DzOVGKI=
.freedomdebtrelief.com/	1970-01-19 05:45:50	Name: _gid Value: GA1.2.1993040497.1575864096
.freedomdebtrelief.com/	1970-01-19 14:30:00	Name: MGX_UC Value: JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZmJkNjRmN2EtMDgzYS00MjViLWIzYTctYzI4Njk4MmE5NTU1JTIyJTJDJTIyZSUyMiUzQTE1NzYzODk2OTUyOTklN0QlMkMlMjJNR1hfVSUyMiUzQSU3QiUyMnYlMjIlM0ElMjIxNDQzZjVjNi0yZWE2LTQxMzMtYjY0NC1kZTNhMGVhNjZlMWElMjIlMkMlMjJlJTIyJTNBMTU3NjM4OTY5NTMwMCU3RCUyQyUyMk1HWF9QWCUyMiUzQSU3QiUyMnYlMjIlM0ElMjI3N2Y5NjFhOC00NjBhLTQxYjYtYmY4Ny04YTlkNjI5NWFkYzclMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNTc1ODY1ODk2NjgwJTdEJTJDJTIyTUdYX0NJRCUyMiUzQSU3QiUyMnYlMjIlM0ElMjJhNWYxNTk1ZC0xZTU2LTQyN2EtOGY1Mi0yM2IxNTE5NWVlMDclMjIlMkMlMjJlJTIyJTNBMTU3NjM4OTY5NTMwMSU3RCUyQyUyMk1HWF9WUyUyMiUzQSU3QiUyMnYlMjIlM0ExJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTU3NTg2NTg5NjY4MCU3RCUyQyUyMk1HWF9FSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIybnNfc2VnXzAwMCUyMiUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE1NzU4NjU4OTY2ODAlN0QlN0Q=
.freedomdebtrelief.com/	1970-01-19 23:15:36	Name: _drip_client_6773858 Value: vid%253D1a933c9aa2ce4ac2aa7e3edc8e389fff%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1575864097098%2526weeklySessionCount%253D1%2526lastSessionAt%253D1575864097098
.freedomdebtrelief.com/	1970-01-19 05:44:24	Name: _dc_gtm_UA-131129682-3 Value: 1
.freedomdebtrelief.com/	1970-01-19 23:15:36	Name: _ga Value: GA1.2.2082711223.1575864096

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1006637/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","id":"1006637","name":"page_view","tim":1575864095394}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://save.freedomdebtrelief.com/bundle.b5760.js(Line 1) Message: Error Saving State TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://save.freedomdebtrelief.com/bundle.b5760.js(Line 1) Message: params [object Object]
console-api	log	URL: https://save.freedomdebtrelief.com/bundle.b5760.js(Line 1) Message: params [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3h7fyx43w00w3vbn1k41xb3w-wpengine.netdna-ssl.com
aa.agkn.com
adadvisor.net
amplifypixel.outbrain.com
api.getdrip.com
bat.bing.com
cdn.optimizely.com
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
d14jnfavjicsbe.cloudfront.net
deluxeaward.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
fsmccbll.com
overflowworks.com
pixel.mathtag.com
q.quora.com
rainbowsell.com
rdata.modernpostcard.com
s.pinimg.com
s.yimg.com
save.freedomdebtrelief.com
sc-static.net
script.hotjar.com
sdfkjsdfhsfkjhsdf.page.link
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
tag.getdrip.com
tr.snapchat.com
vars.hotjar.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.196.19
143.204.101.58
147.75.33.59
147.75.84.181
147.75.84.33
151.101.112.84
151.101.114.2
151.101.66.159
156.154.136.32
178.250.0.130
178.250.2.151
185.56.169.92
2.21.37.45
2600:9000:21f3:0:1e:9742:1680:21
2606:4700::6811:4104
2606:4700::6812:eb0
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::200e
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2010
2a00:1450:4001:81f::2013
2a00:1450:4001:824::200a
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9b
2a02:26f0:6c00:181::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.217.49.197
3.225.17.244
34.196.234.34
35.177.239.109
35.186.226.184
45.57.250.250
52.222.169.242
52.5.117.21
70.42.32.31
74.119.119.150
94.31.29.96
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f
0c05647269824e0b6793e4470d927dda61f930760addf060d175662cb82cf064
0f95f1a92281359fceb19419670a5d511dd568b6de253b622069fc775f2e6835
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
248f5469715d8d2dc4df41966d63546508b1443c299c789f5b44d06a048a1f0b
319b52fb8d5a3662a55998c9b9c9992548b9fa704dcd80a530ca5b95e40db8f1
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d34e9193c5c726ad28f753342161205766076640cc285078201dfea9e4f2211
3dee4491bf41565a6c72a64b32237ae50ff7a5029f3919da33d8712ab1df1775
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00
4aa1627f50d39f26bb0787baca119ee10426ad10bb71443457de24386cee737d
4daefe457a3a15ea68d6fcc7aa49d5ace498a5fac251556321904092f1c9f116
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59e727261bde9c5214913717a4322228d183df6e54d4f6d2b1dc2fa8bd049b17
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5ebffe5b38ea0b93839b4e7931a8b91c88ff71880eedcbadd88d9044e5c43059
64b7d52bdefcc8d47feca9cfc8fa87db9c0eb328efb4202c991b7ed6971cc07d
64bbb2adde8145dcdc0e1b172913b6af209a954d7344eeb8428126b50c1ba5fd
695046c5e4f10b710a74a13166979d6bac1a4a5c4845ea95e298b49db9583bba
6fc0917c33ed6beb901d9eb6c900486bcb3316addb529472985d6d89bbf87afc
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
7bbc92a07d9680f1610ed87828de058950aae63d2ef5da161bb1921a7d82bbb2
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5
a3d202c4ba1ae9e682e8d4f02f28c9a77928e13c3b7ca5d9cc19444f30639384
ac11cc52e4a9596d0fcc4fc67d6ae6af523d05dfd0c05d77a6831efda18409ff
acbee2b4d7a66c0dddfb65ee50b07440e1309d41b051d8b164283a30fe765002
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b52c0d4f24ad3d883256405402908cba93fa56198e6b729753ff666ded3a975b
bc83415d9b53c199114167020f7ad03ef9e7a218eedc70fbd722f00f92df644f
bf06c64a8b15567c0c44c4c0dc84a2ac87d4d996b7d602784c0ef784fea7cefb
c17ce2a905cb8cf01127ad0042491c71f233f3d8e8b2d848f7c570af051e29d7
ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3641aa0c31ca79f9980d3fc3a11afffc7d243502a52e7524f16fdcddb395cde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54baaed23e93d14bd8ce872d6f953eb50ecbe4f1bacee414f6c701e48f05fd9
e68fa68924149dfb8c3f703ed3a823a419e9ab40ca6ee1810b64797369c5db26
e7758b9c1a2b4b545ab89b75cfe290567de5792d1f50e2621bf58a4e2e66a641
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd

save.freedomdebtrelief.com Open in urlscan Pro 2a00:1450:4001:81f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

43 %IPv6

36 Domains

42 Subdomains

35 IPs

10 Countries

765 kBTransfer

2924 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

save.freedomdebtrelief.com Open in urlscan Pro
2a00:1450:4001:81f::2013 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

43 %
IPv6

36
Domains

42
Subdomains

35
IPs

10
Countries

765 kB
Transfer

2924 kB
Size

9
Cookies

64 HTTP transactions
0 data transactions