flip2freedom.kartra.com Open in urlscan Pro
2606:4700::6811:d025 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://getreichat.com/
Effective URL:
https://flip2freedom.kartra.com/page/EuJ627
Submission: On April 15 via api (April 15th 2023, 4:22:29 am UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 23 domains to perform 69 HTTP transactions. The main IP is 2606:4700::6811:d025, located in United States and belongs to CLOUDFLARENET, US. The main domain is flip2freedom.kartra.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2022. Valid for: a year.

This is the only time flip2freedom.kartra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
2 6	2606:4700::68... 2606:4700::6811:d225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 16	2606:4700::68... 2606:4700::6811:d025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:223... 2600:9000:223d:200:1c:2135:3780:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:d600:6:a951:7b00:21	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2600:9000:223... 2600:9000:223c:2e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.19.101.153 52.19.101.153	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2248:3a00:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.156.254.128 54.156.254.128	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3 4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:318:4480:a19a:ad9	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.121.192 44.194.121.192	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
69	26

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

getreichat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:d225 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.getreichat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6811:d025 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

flip2freedom.kartra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.kartra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223d:200:1c:2135:3780:21 (United States)

ASN16509 (AMAZON-02, US)

d2uolguxr56s4e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d600:6:a951:7b00:21 (United States)

ASN16509 (AMAZON-02, US)

d1aettbyeyfilo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.101.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-101-153.eu-west-1.compute.amazonaws.com

tracking.clickstripe1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2248:3a00:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.254.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-254-128.compute-1.amazonaws.com

intof.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:318:4480:a19a:ad9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.121.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-121-192.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	kartra.com 2 redirects flip2freedom.kartra.com app.kartra.com — Cisco Umbrella Rank: 137507	94 KB
7	getreichat.com 3 redirects getreichat.com www.getreichat.com	76 KB
6	cloudfront.net d2uolguxr56s4e.cloudfront.net d1aettbyeyfilo.cloudfront.net	1 MB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 974 trc.taboola.com — Cisco Umbrella Rank: 693 trc-events.taboola.com — Cisco Umbrella Rank: 1900	20 KB
5	gstatic.com fonts.gstatic.com	105 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6074	778 B
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	2 KB
4	clickstripe1.com tracking.clickstripe1.com	1 KB
4	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	3 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2663 rp.liadm.com — Cisco Umbrella Rank: 1532 rp4.liadm.com — Cisco Umbrella Rank: 6924	15 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	216 B
2	intof.io intof.io — Cisco Umbrella Rank: 201157	1 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 497	7 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 421	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	137 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 895	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	5 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1154	632 B
1	oribi.io cdn.oribi.io — Cisco Umbrella Rank: 17508	601 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 182	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	84 KB
0	conversionfly.com Failed conversionfly.com — Cisco Umbrella Rank: 899663 Failed bans.conversionfly.com Failed
69	23

	Domain	Requested by
11	app.kartra.com	1 redirects www.getreichat.com flip2freedom.kartra.com
6	www.getreichat.com	2 redirects www.getreichat.com
5	fonts.gstatic.com	fonts.googleapis.com
5	d2uolguxr56s4e.cloudfront.net	www.getreichat.com flip2freedom.kartra.com app.kartra.com
5	flip2freedom.kartra.com	1 redirects app.kartra.com flip2freedom.kartra.com
4	www.google.de	flip2freedom.kartra.com
4	www.google.com	3 redirects flip2freedom.kartra.com
4	tracking.clickstripe1.com	www.googletagmanager.com
3	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com flip2freedom.kartra.com
2	trc-events.taboola.com	cdn.taboola.com
2	trc.taboola.com	cdn.taboola.com
2	www.facebook.com	flip2freedom.kartra.com
2	intof.io	www.googletagmanager.com flip2freedom.kartra.com
2	s.yimg.com	www.getreichat.com s.yimg.com
2	ssl.google-analytics.com	1 redirects www.googletagmanager.com
2	connect.facebook.net	flip2freedom.kartra.com connect.facebook.net
2	static.cloudflareinsights.com	www.getreichat.com flip2freedom.kartra.com
2	fonts.googleapis.com	www.getreichat.com flip2freedom.kartra.com
1	sp.analytics.yahoo.com	flip2freedom.kartra.com
1	rp4.liadm.com	flip2freedom.kartra.com
1	rp.liadm.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.taboola.com	www.getreichat.com
1	cdn.oribi.io	www.getreichat.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	d1aettbyeyfilo.cloudfront.net	flip2freedom.kartra.com
1	www.googletagmanager.com	flip2freedom.kartra.com
1	getreichat.com	1 redirects
0	bans.conversionfly.com Failed	flip2freedom.kartra.com
0	conversionfly.com Failed	flip2freedom.kartra.com
69	32

This site contains links to these domains. Also see Links.

Domain
www.flip2freedom.com
members.flip2freedom.com

Subject Issuer	Validity	Valid
www.getreichat.com Cloudflare Inc ECC CA-3	`2023-02-16` - `2024-02-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
tracking.clickstripe1.com Amazon RSA 2048 M01	`2023-03-16` - `2024-04-13`	a year	crt.sh
oribi.io Amazon RSA 2048 M02	`2023-02-27` - `2023-06-17`	4 months	crt.sh
*.intof.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-21` - `2023-04-22`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://flip2freedom.kartra.com/page/EuJ627
Frame ID: 69F0492F680B4B7035AE9F921FD89932
Requests: 73 HTTP requests in this frame

Frame: https://tracking.clickstripe1.com/aff_l?offer_id=581
Frame ID: 525745458BCECBC96B6DE399695E415C
Requests: 1 HTTP requests in this frame

Frame: https://tracking.clickstripe1.com/aff_l?offer_id=588
Frame ID: 159C3E1C54A613F6BCC7B1894A219B08
Requests: 1 HTTP requests in this frame

Frame: https://tracking.clickstripe1.com/aff_l?offer_id=586
Frame ID: 782B8347F8CE30059A168B05FB6B2765
Requests: 1 HTTP requests in this frame

Frame: https://tracking.clickstripe1.com/aff_l?offer_id=582&transaction_id=TRANSACTION_ID
Frame ID: FAB5EC6EE2C4BEFAB613ACF9AF2C369E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REIChatLeads-SOLD OUT

Page URL History Show full URLs

http://getreichat.com/ HTTP 301
https://www.getreichat.com/ HTTP 302
https://www.getreichat.com/front/domain_validation?step=1&domain=www.getreichat.com&url=https%3A%2F%2Fw... HTTP 307
https://flip2freedom.kartra.com/front/domain_validation?step=2&domain=www.getreichat.com&url=https%3A%2F%2Fw... HTTP 307
https://www.getreichat.com/?r_done=1 Page URL
https://app.kartra.com/redirect_to/?asset=page&id=S6XLTGDBs7dT HTTP 307
https://flip2freedom.kartra.com/page/EuJ627 Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Oribi (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.oribi\.io

Page Statistics

69
Requests

90 %
HTTPS

71 %
IPv6

23
Domains

32
Subdomains

26
IPs

6
Countries

1695 kB
Transfer

6855 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.flip2freedom.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://members.flip2freedom.com/terms-and-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: http://www.flip2freedom.com/earnings-disclaimer/
Title: Earnings Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://getreichat.com/ HTTP 301
https://www.getreichat.com/ HTTP 302
https://www.getreichat.com/front/domain_validation?step=1&domain=www.getreichat.com&url=https%3A%2F%2Fwww.getreichat.com%2F HTTP 307
https://flip2freedom.kartra.com/front/domain_validation?step=2&domain=www.getreichat.com&url=https%3A%2F%2Fwww.getreichat.com%2F HTTP 307
https://www.getreichat.com/?r_done=1 Page URL
https://app.kartra.com/redirect_to/?asset=page&id=S6XLTGDBs7dT HTTP 307
https://flip2freedom.kartra.com/page/EuJ627 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://getreichat.com/ HTTP 301
https://www.getreichat.com/ HTTP 302
https://www.getreichat.com/front/domain_validation?step=1&domain=www.getreichat.com&url=https%3A%2F%2Fwww.getreichat.com%2F HTTP 307
https://flip2freedom.kartra.com/front/domain_validation?step=2&domain=www.getreichat.com&url=https%3A%2F%2Fwww.getreichat.com%2F HTTP 307
https://www.getreichat.com/?r_done=1

Request Chain 35

https://conversionfly.com/fliptrax2/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://flip2freedom.kartra.com/page/EuJ627 HTTP 301
https://bans.conversionfly.com/

Request Chain 36

https://conversionfly.com/fliptrax2/a.php?tc=75700590290012270000 HTTP 301
https://bans.conversionfly.com/

Request Chain 58

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666561988/?random=1681532543971&cv=11&fst=1681532543971&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&auid=782945844.1681532544&uamb=0&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&frm=0&tiba=REIChatLeads-SOLD%20OUT&is_vtc=1&random=2953942776 HTTP 302
https://www.google.de/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&frm=0&tiba=REIChatLeads-SOLD%20OUT&is_vtc=1&random=2953942776&ipr=y

Request Chain 60

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1762422158&utmhn=flip2freedom.kartra.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=REIChatLeads-SOLD%20OUT&utmhid=79727586&utmr=https%3A%2F%2Fwww.getreichat.com%2F&utmp=%2Fpage%2FEuJ627&utmht=1681532544018&utmac=UA-64718437-5&utmgtm=45He34c0n81K5CPTB4&utmcc=__utma%3D38349300.2127904446.1681532544.1681532544.1681532544.1%3B%2B__utmz%3D38349300.1681532544.1.1.utmcsr%3Dgetreichat.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=715500464&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158&slf_rd=1&random=1662098392

Request Chain 61

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&label=u-t7CLXFxcQBEMTb670C&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&value=0&auid=782945844.1681532544&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gCY6ZKw6ubL27w-DrZmoAg&sscte=1&crd=&eitems=ChAI8PPjoQYQxNSVnLH30KZjEh0AEr7TtDbeZXKT-a4Q7oSkOyGeEzXgnI3CPev0SA&pscrd=EkxDaEFJOFBQam9RWVFwc1dKX3NhenlkaE5FaVVBSHp1Wnh5RGs0OUdHZTJfenhIWjgzQnVLYUpha01CYlRRRTNSNU1mQmEzY05KdzZfGlhDaEVJOFBQam9RWVF3TkRmNllmODQ2MmxBUkl0QUxxTS1xRUJaUVY0bnZtbERSend5OHgtbEtJUThxbEJ5aWpGWTlVQTBxVnpaWFpPQjh2T0FTcENmTVFE HTTP 302
https://www.google.com/pagead/1p-conversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&label=u-t7CLXFxcQBEMTb670C&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&value=0&auid=782945844.1681532544&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBQam9RWVFwc1dKX3NhenlkaE5FaVVBSHp1Wnh5RGs0OUdHZTJfenhIWjgzQnVLYUpha01CYlRRRTNSNU1mQmEzY05KdzZfGlhDaEVJOFBQam9RWVF3TkRmNllmODQ2MmxBUkl0QUxxTS1xRUJaUVY0bnZtbERSend5OHgtbEtJUThxbEJ5aWpGWTlVQTBxVnpaWFpPQjh2T0FTcENmTVFE&is_vtc=1&ocp_id=gCY6ZKw6ubL27w-DrZmoAg&eitems=ChAI8PPjoQYQxNSVnLH30KZjEh0AEr7TtHmnUHTL-EkwRHiseANd1Wh9jFGkexeiNA&random=1299542801 HTTP 302
https://www.google.de/pagead/1p-conversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&label=u-t7CLXFxcQBEMTb670C&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&value=0&auid=782945844.1681532544&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBQam9RWVFwc1dKX3NhenlkaE5FaVVBSHp1Wnh5RGs0OUdHZTJfenhIWjgzQnVLYUpha01CYlRRRTNSNU1mQmEzY05KdzZfGlhDaEVJOFBQam9RWVF3TkRmNllmODQ2MmxBUkl0QUxxTS1xRUJaUVY0bnZtbERSend5OHgtbEtJUThxbEJ5aWpGWTlVQTBxVnpaWFpPQjh2T0FTcENmTVFE&is_vtc=1&ocp_id=gCY6ZKw6ubL27w-DrZmoAg&eitems=ChAI8PPjoQYQxNSVnLH30KZjEh0AEr7TtHmnUHTL-EkwRHiseANd1Wh9jFGkexeiNA&random=1299542801&ipr=y&prhg=0

Request Chain 62

https://rp.liadm.com/j?dtstmp=1681532544035&aid=a-045q&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZW1haWxfc2lnbnVwIn0&duid=5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc&tna=v2.7.1&pu=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&wpn=lc-bundle&refr=https%3A%2F%2Fwww.getreichat.com%2F&c=PHRpdGxlPlJFSUNoYXRMZWFkcy1TT0xEIE9VVDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1681532544035&aid=a-045q&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZW1haWxfc2lnbnVwIn0&duid=5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc&tna=v2.7.1&pu=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&wpn=lc-bundle&refr=https%3A%2F%2Fwww.getreichat.com%2F&c=PHRpdGxlPlJFSUNoYXRMZWFkcy1TT0xEIE9VVDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMTo0YTA6MmI6OjQ%3D&n3pc=true

69 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www.getreichat.com/
Redirect Chain

http://getreichat.com/
https://www.getreichat.com/
https://www.getreichat.com/front/domain_validation?step=1&domain=www.getreichat.com&url=https%3A%2F%2Fwww.getreichat.com%2F
https://flip2freedom.kartra.com/front/domain_validation?step=2&domain=www.getreichat.com&url=https%3A%2F%2Fwww.getreichat.com%2F
https://www.getreichat.com/?r_done=1

73 KB
12 KB

516ms
515ms

Document
text/html

2606:4700::6811:d225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b81683578c89199-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 04:22:22 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7b8168346e7a5bf5-FRA
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 04:22:22 GMT
location: https://www.getreichat.com/?r_done=1
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 css
fonts.googleapis.com/ 95 KB
3 KB 48ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Carter+One:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto+Condensed:300,300i,400,400i,600,600i,700,700i,900,900i|Arimo:300,300i,400,400i,600,600i,700,700i,900,900i|Nunito:300,300i,400,400i,600,600i,700,700i,900,900i|Asap:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36326d1020c84f0392cf30d8129dacd9f0f08e386f8378c78b42c41ae0792c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 04:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 04:22:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 04:22:22 GMT

GET
H2 200 new_bootstrap.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ 73 KB
12 KB 56ms
7ms Stylesheet
text/css 2600:9000:223d:200:1c:2135:3780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/new_bootstrap.css
Requested by: Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 814e07ce4b86b98561bb51234aa301976649db739888369aaf4a0ad23516c3ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 05:28:09 GMT
x-amz-version-id: vLfdsUZ5RzhvHBCzTiObx6N8q7D5wwlp
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 05:28:05 GMT
server: AmazonS3
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"8e0a539245669145f7b308fb3b855b55"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 82454
x-amz-cf-id: E--tXehBvPm7_ILuyNnt_NptCEDXRKRAFCRsNYkvnKq-OlvTqrSFcA==

GET
H2 200 kartra_components.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ 2 MB
166 KB 63ms
14ms Stylesheet
text/css 2600:9000:223d:200:1c:2135:3780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css
Requested by: Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 429a3173904fe4a9d62fc0d1307bcd7f1817453b39c39f91d1ad6e072a91db04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 05:28:09 GMT
x-amz-version-id: 2WJAOmJu0rO.NJgk7FBZFFqWj5grr7Dq
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 05:28:05 GMT
server: AmazonS3
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1823b1dc1f1711a92ea95ebbb4a8873a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 82454
x-amz-cf-id: fg-t9k7g86BW_YcBPFR4ZWbNZnwoY9x1VZJmC99CHpDTRnpRFwV-iw==

GET
H2 200 font-awesome.css
app.kartra.com/css/new/css/pages/ 29 KB
7 KB 30ms
21ms Stylesheet
text/css 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/css/new/css/pages/font-awesome.css

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f06038feadb1937748ae1a141874cc049bf2cf10e7dd290fd2aa3097483cc791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 22 Feb 2023 07:49:27 GMT
server: cloudflare
age: 3015
cf-polished: origSize=29983
etag: W/"63f5c907-751f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 7b816838b9ee5bf5-FRA
expires: Sat, 15 Apr 2023 04:27:22 GMT

GET
H2 200 skeleton-above.js
www.getreichat.com/js/build/front/pages/ 178 KB
56 KB 129ms
128ms Script
application/javascript 2606:4700::6811:d225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getreichat.com/js/build/front/pages/skeleton-above.js

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/?r_done=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 20 Feb 2023 08:21:24 GMT
server: cloudflare
etag: W/"63f32d84-2c9d6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b816838bb399199-FRA
expires: Sat, 15 Apr 2023 04:27:22 GMT

GET
H2 200 redirect.js Show response
app.kartra.com//js/build/front/pages/ 3 KB
1 KB 28ms
20ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com//js/build/front/pages/redirect.js

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7664cfe8a3c6d5b1015b6cc4300fdaa2ac275c4020fd4ac410dcd35b31b648e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Feb 2022 09:43:17 GMT
server: cloudflare
age: 4863
cf-polished: origSize=4926
etag: W/"620cc735-133e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b816838b9ef5bf5-FRA
expires: Sat, 15 Apr 2023 04:27:22 GMT

GET
H2 200 popup
app.kartra.com/resources/js/ 14 KB
4 KB 182ms
181ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/popup

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7b816839caf05bf5-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 skeleton-immediate.js
www.getreichat.com/js/build/front/pages/ 7 KB
3 KB 128ms
127ms Script
application/javascript 2606:4700::6811:d225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getreichat.com/js/build/front/pages/skeleton-immediate.js

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/?r_done=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Feb 2022 09:43:17 GMT
server: cloudflare
etag: W/"620cc735-1c52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b816839cc059199-FRA
expires: Sat, 15 Apr 2023 04:27:23 GMT

GET
H2 200 skeleton-below.js
www.getreichat.com/js/build/front/pages/ 13 KB
4 KB 364ms
363ms Script
application/javascript 2606:4700::6811:d225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getreichat.com/js/build/front/pages/skeleton-below.js

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/?r_done=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 28 Mar 2023 07:27:33 GMT
server: cloudflare
etag: W/"642296e5-326d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b81683aecbe9199-FRA
expires: Sat, 15 Apr 2023 04:27:23 GMT

GET
H2 200 9rM9WOrq
app.kartra.com/resources/js/analytics/ 6 KB
2 KB 158ms
157ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/analytics/9rM9WOrq

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b81683b0be75bf5-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 page_check
app.kartra.com/resources/js/ 127 B
167 B 167ms
167ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/page_check?page_id=1In2jylgrXCp

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b81683c0cb15bf5-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 kartra_embed_wild_card
app.kartra.com/resources/js/ 6 KB
2 KB 196ms
196ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/kartra_embed_wild_card?type=kartra_page&owner=9rM9WOrq

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getreichat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b816839caf15bf5-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 v2b4487d741ca48dcbadcaf954e159fc61680799950996
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 88ms
52ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by: Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.getreichat.com/
Origin: https://www.getreichat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
server: cloudflare
etag: W/2023.4.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b81683d48d70482-FRA

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2

200

Primary Request EuJ627 Show response
flip2freedom.kartra.com/page/
Redirect Chain

https://app.kartra.com/redirect_to/?asset=page&id=S6XLTGDBs7dT
https://flip2freedom.kartra.com/page/EuJ627

18 KB
6 KB

468ms
467ms

Document
text/html

2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flip2freedom.kartra.com/page/EuJ627

Requested by

Host: app.kartra.com
URL: https://app.kartra.com//js/build/front/pages/redirect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efebacf04c5cd1617f97d6f0d34f06228b51e5e4d6785c1e4e9f58783f35def0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getreichat.com/?r_done=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b81683b2c1b5bf5-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 04:22:23 GMT
last-modified: Tue, 21 Mar 2023 15:26:19 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7b81683a1b255bf5-FRA
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 04:22:23 GMT
location: https://flip2freedom.kartra.com/page/EuJ627
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 css
fonts.googleapis.com/ 48 KB
2 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93070cafce2eb961aa90b64aba60fc11cee628d9ab48ea7019efead1a17cadcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 04:22:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 04:22:23 GMT

GET
H2 200 new_bootstrap.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ 73 KB
12 KB 9ms
8ms Stylesheet
text/css 2600:9000:223d:200:1c:2135:3780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/new_bootstrap.css
Requested by: Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 814e07ce4b86b98561bb51234aa301976649db739888369aaf4a0ad23516c3ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 05:28:09 GMT
x-amz-version-id: vLfdsUZ5RzhvHBCzTiObx6N8q7D5wwlp
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 05:28:05 GMT
server: AmazonS3
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"8e0a539245669145f7b308fb3b855b55"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 82455
x-amz-cf-id: 0AdcYA0nVBJNeot-eYe5ZxEOOZ5uv6nn5vHdUiRxOZRLwNfa74lRzg==

GET
H2 200 kartra_components.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ 2 MB
166 KB 10ms
9ms Stylesheet
text/css 2600:9000:223d:200:1c:2135:3780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css
Requested by: Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 429a3173904fe4a9d62fc0d1307bcd7f1817453b39c39f91d1ad6e072a91db04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 05:28:09 GMT
x-amz-version-id: 2WJAOmJu0rO.NJgk7FBZFFqWj5grr7Dq
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 05:28:05 GMT
server: AmazonS3
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1823b1dc1f1711a92ea95ebbb4a8873a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 82455
x-amz-cf-id: VF5S8poLKdS5QlYopT4dt4VAwYzfWGz5f31YPJYzUzP6LR2GghVd-Q==

GET
H2 200 font-awesome.css
app.kartra.com/css/new/css/pages/ 29 KB
7 KB 25ms
24ms Stylesheet
text/css 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/css/new/css/pages/font-awesome.css

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f06038feadb1937748ae1a141874cc049bf2cf10e7dd290fd2aa3097483cc791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 22 Feb 2023 07:49:27 GMT
server: cloudflare
age: 3016
cf-polished: origSize=29983
etag: W/"63f5c907-751f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 7b81683e2e515bf5-FRA
expires: Sat, 15 Apr 2023 04:27:23 GMT

GET
H2 200 skeleton-above.js Show response
flip2freedom.kartra.com/js/build/front/pages/ 178 KB
56 KB 134ms
133ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flip2freedom.kartra.com/js/build/front/pages/skeleton-above.js

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0521a306b0d39523779b1076423cba47a1625bf3fc8a0c4cf213bd5edb364572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/page/EuJ627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 20 Feb 2023 08:21:24 GMT
server: cloudflare
etag: W/"63f32d84-2c9d6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b81683e2e535bf5-FRA
expires: Sat, 15 Apr 2023 04:27:23 GMT

GET a.php
conversionfly.com/fliptrax2/ 0
0

GET
H2 200 skeleton-immediate.js Show response
flip2freedom.kartra.com/js/build/front/pages/ 7 KB
3 KB 121ms
121ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flip2freedom.kartra.com/js/build/front/pages/skeleton-immediate.js

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fda0820478381b07d4294f2cb508287a705bfbdb0f9a7d425d4258913221da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/page/EuJ627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Feb 2022 09:43:17 GMT
server: cloudflare
etag: W/"620cc735-1c52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b81683e5e785bf5-FRA
expires: Sat, 15 Apr 2023 04:27:23 GMT

GET
H2 200 skeleton-below.js Show response
flip2freedom.kartra.com/js/build/front/pages/ 13 KB
4 KB 130ms
129ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flip2freedom.kartra.com/js/build/front/pages/skeleton-below.js

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0efa7883808f073909fecd55652d2c43e658a414d4eaca6b9398032486ac5b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/page/EuJ627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 28 Mar 2023 07:27:33 GMT
server: cloudflare
etag: W/"642296e5-326d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
cf-ray: 7b81683f3f4d5bf5-FRA
expires: Sat, 15 Apr 2023 04:27:23 GMT

GET
H2 200 9rM9WOrq Show response
app.kartra.com/resources/js/analytics/ 6 KB
2 KB 168ms
167ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/analytics/9rM9WOrq

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592a8b27e9a69bbaf008ada9590dfde98d161a1d5e489a8a9d51f66c5cc242f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b81683f3f4f5bf5-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 page_check Show response
app.kartra.com/resources/js/ 127 B
176 B 171ms
171ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/page_check?page_id=S6XLTGDBs7dT

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ba9191a34da1249205be89a6290068726ffc1d18bd809ddabb2d3ef2fe2405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b81683f3f505bf5-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 kartra_embed_wild_card Show response
app.kartra.com/resources/js/ 6 KB
2 KB 189ms
189ms Script
application/javascript 2606:4700::6811:d025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kartra.com/resources/js/kartra_embed_wild_card?type=kartra_page&owner=9rM9WOrq

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd9ac2d548cc9e1cdbb6a733576fcaca110918c8754e19cfb2e49c01e4d8f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b81683f0f335bf5-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 v2b4487d741ca48dcbadcaf954e159fc61680799950996 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 36ms
36ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by: Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2

Request headers

Referer: https://flip2freedom.kartra.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
server: cloudflare
etag: W/2023.4.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b81683f3a620482-FRA

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
84 KB 54ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

444f5fd66bebc325260160e56d48e5d9cb696f936fa538ae5988b6fcb0491dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85878
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Apr 2023 04:22:23 GMT

GET

/
bans.conversionfly.com/
Redirect Chain

https://conversionfly.com/fliptrax2/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://flip2freedom.kartra.com/page/EuJ627
https://bans.conversionfly.com/

0
0

GET

/
bans.conversionfly.com/
Redirect Chain

https://conversionfly.com/fliptrax2/a.php?tc=75700590290012270000
https://bans.conversionfly.com/

0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 36ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 04:22:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iR7c2aXbH9SvJ8boKLoLdEPnxpsMuVJ3xRkJ9oA4xbTMBdTrMTqbcdaOz21Mv9Rtwsq1pD4zy1ttj2vQnkp9gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 47ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lora:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:30:58 GMT
x-content-type-options: nosniff
age: 323485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:30:58 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 42ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:48:31 GMT
x-content-type-options: nosniff
age: 322432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:48:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:47:09 GMT
x-content-type-options: nosniff
age: 2114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Apr 2024 03:47:09 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:42:08 GMT
x-content-type-options: nosniff
age: 27615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 20:42:08 GMT

GET
H2 200 kartra_fontawesome-webfont.woff2
d2uolguxr56s4e.cloudfront.net/icons/v5/fa/ 83 KB
83 KB 439ms
423ms Font
font/woff2 2600:9000:223d:200:1c:2135:3780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uolguxr56s4e.cloudfront.net/icons/v5/fa/kartra_fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: app.kartra.com
URL: https://app.kartra.com/css/new/css/pages/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9020c7835f03b8385e450882efcabb240fcc72c4a5d680fa405b15ec3e0989cc

Request headers

Referer: https://app.kartra.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:25 GMT
x-amz-version-id: uipmmqVVxVI6T3PXdLbjcoGvOletLjhN
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 84504
last-modified: Wed, 18 Jan 2023 07:47:32 GMT
server: AmazonS3
etag: "4b477c84c2593312228e74b6d8c40e4d"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
x-amz-meta-version-id: mR06E1U_tqrdHR2534m7.2.fiYCl0kgI
accept-ranges: bytes
x-amz-cf-id: vat8RW0azpaCVXuqkoR_TfuVfbKuKhyXS0nzFSn6OfxqHcyhFyRKpg==

GET
H2 200 4936293_1562965517071Growth_FriAM_19Oct2018_7V9A1069.webp
d1aettbyeyfilo.cloudfront.net/flip2freedom/ 662 KB
663 KB 520ms
468ms Image
image/webp 2600:9000:21f3:d600:6:a951:7b00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aettbyeyfilo.cloudfront.net/flip2freedom/4936293_1562965517071Growth_FriAM_19Oct2018_7V9A1069.webp
Requested by: Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d600:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e346cabb5ff3c5ae736c485a385848b47da3f8b790205eb4d313317be785cdd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:25 GMT
x-amz-version-id: FhnuzCmNWAzK.K.Fm2vfjlLQFbvaeVzG
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 17:30:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "a4117cdd07e07b364e384c6650ea7a70"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 678028
x-amz-cf-id: jt8WwFo2_NJNVBGKsoOTX25H7a3l6Wp1xKg_O64u3Iro2hKCjaaRKQ==

GET
H2 200 2333328440116555 Show response
connect.facebook.net/signals/config/ 379 KB
109 KB 175ms
174ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2333328440116555?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c6604d6c4b1aa6dc1e44e52fa18293f2ad17d487e54f21f8abc645a78c77b2a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Apr 2023 04:22:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SUQYR/wSdvp93KproNUTa/GEkRgIGM/uKpLYYWmh4pNl+C41opCGm+Ko3zfiiW62eQs8+tVJveUIYcZ8MQaf6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 78ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 15 Apr 2023 04:22:23 GMT
last-modified: Thu, 13 Apr 2023 18:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5836731DA4B149EFB5E08F0543F8E635 Ref B: FRA31EDGE0114 Ref C: 2023-04-15T04:22:24Z
etag: "8013f653386ed91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12030

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 03:33:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 15 Apr 2023 05:33:11 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/666561988/ 3 KB
2 KB 49ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/666561988/?random=1681532543967&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&label=u-t7CLXFxcQBEMTb670C&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&value=0&bttype=purchase&auid=782945844.1681532544&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

456b8c78bfb3846abdf79e1409ae7f8dab0735bdb5a9a4e6a12992452188a97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1619
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/666561988/ 3 KB
1 KB 77ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666561988/?random=1681532543971&cv=11&fst=1681532543971&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&auid=782945844.1681532544&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4243aacfb66b8cd5f73e4e0ce6f7c59e30b2c41bd1c89c52f54bb8cf8d80307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 461ms
10ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:17 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 17QC6MKZFRWS1SQP
age: 8
x-amz-server-side-encryption: AES256
x-amz-id-2: ke12mZGC7XDl0lPO55+u93ZXiPjfUAEgJTuzU5yhQk+NMBQbino8PIvTkfaYTM0FlnONGiCWXcWlIhjDul9mXID4YTwDpu2a08z9LzryzP8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 a-045q.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 37ms
9ms Script
application/javascript 2600:9000:223c:2e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-045q.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 07232e3b41b6d12755dbac5b25640988ed5c7b3a949b80e011863126808a5db4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 06:59:22 GMT
content-encoding: gzip
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 76982
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: lPqFUowS5XO-xwLELthxtJ47Jg45vQIDsTRhb0JXtVbLyAaRoeLmYQ==

GET
H/1.1 200
OK aff_l Show response
tracking.clickstripe1.com/ Frame 5257 0
352 B 477ms
30ms Document
text/plain 52.19.101.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.clickstripe1.com/aff_l?offer_id=581
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.101.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-101-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flip2freedom.kartra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 04:22:24 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
X-Request-Id: 1b03faf79d211723380dd378c95552a7

GET
H2 200 oribi.js Show response
cdn.oribi.io/Xy0zODg5NTg1ODk/ 338 B
601 B 92ms
39ms Script
application/javascript 2600:9000:2248:3a00:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/Xy0zODg5NTg1ODk/oribi.js
Requested by: Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:3a00:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: d40eae5a0305754ca9eab8fa2f9f94d52194c8e1f74fde91c51de5557ef785c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:41:31 GMT
via: 1.1 e0062aca9ee6d0119808cbfccfdda9da.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: MXP63-P3
age: 2453
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
content-length: 338
x-amz-cf-id: ujOimpsZSSxaYQD9KuOhXaUieiI2rMXxLEDftOPb1FQleF6Idl2Z-A==

GET
H/1.1 200
OK aff_l Show response
tracking.clickstripe1.com/ Frame 159C 0
352 B 480ms
31ms Document
text/plain 52.19.101.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.clickstripe1.com/aff_l?offer_id=588
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.101.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-101-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flip2freedom.kartra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 04:22:24 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
X-Request-Id: 791a2c380947dabe2363b1ee5f3ce14f

GET
H/1.1 200
OK aff_l Show response
tracking.clickstripe1.com/ Frame 782B 0
352 B 478ms
31ms Document
text/plain 52.19.101.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.clickstripe1.com/aff_l?offer_id=586
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.101.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-101-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flip2freedom.kartra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 04:22:24 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
X-Request-Id: 38731a8fde545f12f00193513d4d4dcf

GET
H/1.1 200
OK conversion.js Show response
intof.io/assets/ 501 B
823 B 418ms
91ms Script
text/javascript 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/assets/conversion.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 /
Resource Hash: e7ac9715969c1b97facd47c56cdb48dbb30253a13710b2d83f1ceac2c219825a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 04:22:24 GMT
Last-Modified: Tue, 04 Feb 2020 20:23:42 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
ETag: "1f5-59dc5d0ebd9e8"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 501

GET
H/1.1 200
OK aff_l Show response
tracking.clickstripe1.com/ Frame FAB5 0
352 B 480ms
32ms Document
text/plain 52.19.101.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.clickstripe1.com/aff_l?offer_id=582&transaction_id=TRANSACTION_ID
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPTB4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.101.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-101-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flip2freedom.kartra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 04:22:24 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
X-Request-Id: b6b7186acef896ce01b8053401c92248

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1276129/ 58 KB
18 KB 137ms
108ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1276129/tfa.js
Requested by: Host: www.getreichat.com
URL: https://www.getreichat.com/?r_done=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75533eb495089b5ddfa857be3d8d6e70069a9f929fa81f6e230448ff89b705bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: ViVqvgvKZBBSLFPGJWpjzN.BwTKmPAyV
content-encoding: gzip
via: 1.1 varnish
date: Sat, 15 Apr 2023 04:22:24 GMT
x-amz-request-id: 48YE65N0FMAP97T0
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18199
x-amz-id-2: UxYFOKeMoNRIFGFOeIgU1e7Vmjr1rBsKG1TRVrcGn5XpXxhsBlHwyn01LVwrgBSXibOFVjlsCZM=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Sun, 09 Apr 2023 11:32:00 GMT
server: AmazonS3
x-timer: S1681532544.052784,VS0,VE101
etag: "e98b4cd224d560faccad8f670dc84549"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

/
www.google.de/pagead/1p-user-list/666561988/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666561988/?random=1681532543971&cv=11&fst=1681532543971&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%...
https://www.google.com/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kart...
https://www.google.de/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartr...

42 B
108 B

18ms
18ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&frm=0&tiba=REIChatLeads-SOLD%20OUT&is_vtc=1&random=2953942776&ipr=y

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&frm=0&tiba=REIChatLeads-SOLD%20OUT&is_vtc=1&random=2953942776&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flip2freedom.kartra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 323483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1762422158&utmhn=flip2freedom.kartra.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158&slf_rd=1&random=1662098392

42 B
107 B

21ms
20ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158&slf_rd=1&random=1662098392

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64718437-5&cid=2127904446.1681532544&jid=715500464&_v=5.7.2&z=1762422158&slf_rd=1&random=1662098392
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/666561988/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2...
https://www.google.com/pagead/1p-conversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2F...
https://www.google.de/pagead/1p-conversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fp...

42 B
108 B

26ms
26ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&label=u-t7CLXFxcQBEMTb670C&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&value=0&auid=782945844.1681532544&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBQam9RWVFwc1dKX3NhenlkaE5FaVVBSHp1Wnh5RGs0OUdHZTJfenhIWjgzQnVLYUpha01CYlRRRTNSNU1mQmEzY05KdzZfGlhDaEVJOFBQam9RWVF3TkRmNllmODQ2MmxBUkl0QUxxTS1xRUJaUVY0bnZtbERSend5OHgtbEtJUThxbEJ5aWpGWTlVQTBxVnpaWFpPQjh2T0FTcENmTVFE&is_vtc=1&ocp_id=gCY6ZKw6ubL27w-DrZmoAg&eitems=ChAI8PPjoQYQxNSVnLH30KZjEh0AEr7TtHmnUHTL-EkwRHiseANd1Wh9jFGkexeiNA&random=1299542801&ipr=y&prhg=0

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/666561988/?random=172324908&cv=11&fst=1681532543967&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&label=u-t7CLXFxcQBEMTb670C&hn=www.googleadservices.com&frm=0&tiba=REIChatLeads-SOLD%20OUT&value=0&auid=782945844.1681532544&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBQam9RWVFwc1dKX3NhenlkaE5FaVVBSHp1Wnh5RGs0OUdHZTJfenhIWjgzQnVLYUpha01CYlRRRTNSNU1mQmEzY05KdzZfGlhDaEVJOFBQam9RWVF3TkRmNllmODQ2MmxBUkl0QUxxTS1xRUJaUVY0bnZtbERSend5OHgtbEtJUThxbEJ5aWpGWTlVQTBxVnpaWFpPQjh2T0FTcENmTVFE&is_vtc=1&ocp_id=gCY6ZKw6ubL27w-DrZmoAg&eitems=ChAI8PPjoQYQxNSVnLH30KZjEh0AEr7TtHmnUHTL-EkwRHiseANd1Wh9jFGkexeiNA&random=1299542801&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1681532544035&aid=a-045q&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZW1haWxfc2lnbnVwIn0&duid=5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc&tna=v2.7.1&pu=https%3A%2F%2Fflip2...
https://rp4.liadm.com/j?dtstmp=1681532544035&aid=a-045q&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZW1haWxfc2lnbnVwIn0&duid=5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc&tna=v2.7.1&pu=https%3A%2F%2Fflip...

13 B
552 B

349ms
99ms

XHR
application/json

44.194.121.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1681532544035&aid=a-045q&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZW1haWxfc2lnbnVwIn0&duid=5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc&tna=v2.7.1&pu=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&wpn=lc-bundle&refr=https%3A%2F%2Fwww.getreichat.com%2F&c=PHRpdGxlPlJFSUNoYXRMZWFkcy1TT0xEIE9VVDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMTo0YTA6MmI6OjQ%3D&n3pc=true

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Server

44.194.121.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-121-192.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:24 GMT
x-pixel-event-id: 622728d2-fd2f-47f7-93d9-a3d2da25cde2
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 6
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 91c2d27f6dd1aeca
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 15 Apr 2023 04:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1681532544035&aid=a-045q&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZW1haWxfc2lnbnVwIn0&duid=5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc&tna=v2.7.1&pu=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&wpn=lc-bundle&refr=https%3A%2F%2Fwww.getreichat.com%2F&c=PHRpdGxlPlJFSUNoYXRMZWFkcy1TT0xEIE9VVDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMTo0YTA6MmI6OjQ%3D&n3pc=true
access-control-allow-origin: https://flip2freedom.kartra.com
request-time: 0
access-control-allow-credentials: true
trace-id: d6f6a61e7ec8baee
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 204 26057517.js Show response
bat.bing.com/p/action/ 0
119 B 103ms
103ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26057517.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 15 Apr 2023 04:22:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C3BEBC531334115BB163D5DD1BC0B1D Ref B: FRA31EDGE0114 Ref C: 2023-04-15T04:22:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26057517&tm=gtm002&Ver=2&mid=e16438d7-2a12-4ca9-b248-4fa62e0f59f0&sid=1f2bdb40db4511ed9b3d3734e6b6b75b&vid=1f2bd960db4511ed894171df0dc52d2f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=REIChatLeads-SOLD%20OUT&p=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&r=https%3A%2F%2Fwww.getreichat.com%2F&lt=1000&evt=pageLoad&sv=1&rn=438431

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 04:22:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7FCBA7F6A05478CBAD01C9E56D25C1F Ref B: FRA31EDGE0114 Ref C: 2023-04-15T04:22:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/666561988/ 42 B
455 B 35ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&frm=0&tiba=REIChatLeads-SOLD%20OUT&fmt=3&is_vtc=1&random=2056072530&rmt_tld=0&ipr=y

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/666561988/ 42 B
455 B 41ms
18ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/666561988/?random=1681532543971&cv=11&fst=1681531200000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ref=https%3A%2F%2Fwww.getreichat.com%2F&frm=0&tiba=REIChatLeads-SOLD%20OUT&fmt=3&is_vtc=1&random=2056072530&rmt_tld=1&ipr=y

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 43ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2333328440116555&ev=PageView&dl=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&rl=https%3A%2F%2Fwww.getreichat.com%2F&if=false&ts=1681532544144&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681532544143.938801355&it=1681532543933&coo=false&rqm=GET

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 04:22:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/1276129/trc/3/ 3 KB
2 KB 46ms
29ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1276129/trc/3/json?tim=1681532544173&data=%7B%22id%22%3A448%2C%22ii%22%3A%22%2Fpage%2Feuj627%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681532544162%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627%3F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.getreichat.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-kbb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681532544172%2C%22ref%22%3A%22https%3A%2F%2Fwww.getreichat.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1276129/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f71c937b811948ba8a9f418ed8b956bb42748a74a37c55e8341c8da724608b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-vcl-time-ms: 23
date: Sat, 15 Apr 2023 04:22:24 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220048-HHN
server: nginx
x-timer: S1681532544.195590,VS0,VE23
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 unip Show response
trc.taboola.com/1276129/log/3/ 0
110 B 15ms
15ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1276129/log/3/unip?en=lead&tim=1681532544176&vi=1681532544162&ri=c3c1bab6abf5c4a4ec4a2feccf6ed004&ref=https%3A%2F%2Fwww.getreichat.com%2F&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&tos=59&ssd=1&scd=0&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1276129/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 15 Apr 2023 04:22:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220048-HHN
server: nginx
x-timer: S1681532544.227422,VS0,VE8
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://flip2freedom.kartra.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK 633
intof.io/conversion/ 43 B
288 B 95ms
95ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/conversion/633?uri=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&832&ck=4989653648
Requested by: Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 04:22:24 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
X-Powered-By: PHP/7.0.25
Content-Length: 43
Keep-Alive: timeout=5, max=99
Content-Type: image/gif

GET
H2 200 10099098.json Show response
s.yimg.com/wi/config/ 46 B
674 B 396ms
381ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10099098.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

38ccb1f6db0504b57d1ec63d4883e2a985a498a0ba7990a7538c00c3300136c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:22:25 GMT
x-amz-version-id: pzRzDeOhtAtT7sUN6wPvUSUk8yP571GZ
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 605MA41EK7ET0PV0
age: 0
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: X+2cOElR4fbdEBSizkc8ta0oM5CDAjgHuJcYsu0JWkCn4dfVNvN0chE9sQ44UObPccGd/s5Ad/g=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:03 GMT
server: ATS
etag: "3373228b13ea61c0002862fa85f5874e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2333328440116555&ev=Microdata&dl=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&rl=https%3A%2F%2Fwww.getreichat.com%2F&if=false&ts=1681532544647&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22REIChatLeads-SOLD%20OUT%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681532544143.938801355&it=1681532543933&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 04:22:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 281ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2015%20Apr%202023%2004%3A22%3A24%20GMT&n=0&b=REIChatLeads-SOLD%20OUT&.yp=10099098&f=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&e=https%3A%2F%2Fwww.getreichat.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: flip2freedom.kartra.com
URL: https://flip2freedom.kartra.com/page/EuJ627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 04:22:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 15 Apr 2023 04:22:25 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1276129/log/3/ 0
252 B 83ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1276129/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=0&ssd=1&est=1681532544164&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1681532545722&vi=1681532544162&ri=c3c1bab6abf5c4a4ec4a2feccf6ed004&ref=https%3A%2F%2Fwww.getreichat.com%2F&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1276129/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://flip2freedom.kartra.com
pragma: no-cache
date: Sat, 15 Apr 2023 04:22:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1276129/log/3/ 0
251 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1276129/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=0&ssd=1&est=1681532544164&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1681532548723&vi=1681532544162&ri=c3c1bab6abf5c4a4ec4a2feccf6ed004&ref=https%3A%2F%2Fwww.getreichat.com%2F&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fflip2freedom.kartra.com%2Fpage%2FEuJ627&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1276129/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flip2freedom.kartra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://flip2freedom.kartra.com
pragma: no-cache
date: Sat, 15 Apr 2023 04:22:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: conversionfly.com
URL: https://conversionfly.com/fliptrax2/a.php

Domain: bans.conversionfly.com
URL: https://bans.conversionfly.com/

Domain: bans.conversionfly.com
URL: https://bans.conversionfly.com/

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.getreichat.com/	1970-01-20 19:51:08	Name: kartra_visited Value: d37814828cdbd266fd087cffc913757fd5fb2b1c
app.kartra.com/	1970-01-20 11:05:50	Name: ci_session Value: 3vg3n1d4t9fkpvloa31lsu8m67tsfrgm
.kartra.com/	1970-01-20 13:15:08	Name: _gcl_au Value: 1.1.782945844.1681532544
.flip2freedom.kartra.com/	1970-01-20 20:41:32	Name: __utma Value: 38349300.2127904446.1681532544.1681532544.1681532544.1
.flip2freedom.kartra.com/	1969-12-31 23:59:59	Name: __utmc Value: 38349300
.flip2freedom.kartra.com/	1970-01-20 15:28:20	Name: __utmz Value: 38349300.1681532544.1.1.utmcsr=getreichat.com\|utmccn=(referral)\|utmcmd=referral\|utmcct=/
.flip2freedom.kartra.com/	1970-01-20 11:05:33	Name: __utmt_UA-64718437-5 Value: 1
.flip2freedom.kartra.com/	1970-01-20 11:05:34	Name: __utmb Value: 38349300.1.10.1681532544
.kartra.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .kartra.com
.kartra.com/	1970-01-20 20:41:32	Name: _lc2_fpi Value: 5fe2e9cc51c8--01gy1jcs10vsk990s88x1mq5zc
.doubleclick.net/	1970-01-20 11:05:33	Name: test_cookie Value: CheckForPermission
.kartra.com/	1970-01-20 11:06:58	Name: _uetsid Value: 1f2bdb40db4511ed9b3d3734e6b6b75b
.kartra.com/	1970-01-20 20:27:08	Name: _uetvid Value: 1f2bd960db4511ed894171df0dc52d2f
.bing.com/	1970-01-20 20:27:08	Name: MUID Value: 27EA4035E4056359340B52C1E5A9628A
.kartra.com/	1970-01-20 13:15:08	Name: _fbp Value: fb.1.1681532544143.938801355
.liadm.com/	1970-01-20 20:41:32	Name: lidid Value: 3f77a544-6a4a-4987-a786-ffd166c3777f
.yahoo.com/	1970-01-20 19:51:30	Name: A3 Value: d=AQABBIEmOmQCEAiCxESsJQJpvc1nCTbmeLYFEgEBAQF4O2REZAAAAAAA_eMAAA&S=AQAAAszAsmDiy0gSh79gzo43W4w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.kartra.com
b-code.liadm.com
bans.conversionfly.com
bat.bing.com
cdn.oribi.io
cdn.taboola.com
connect.facebook.net
conversionfly.com
d1aettbyeyfilo.cloudfront.net
d2uolguxr56s4e.cloudfront.net
flip2freedom.kartra.com
fonts.googleapis.com
fonts.gstatic.com
getreichat.com
googleads.g.doubleclick.net
intof.io
rp.liadm.com
rp4.liadm.com
s.yimg.com
sp.analytics.yahoo.com
ssl.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tracking.clickstripe1.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.getreichat.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
bans.conversionfly.com
conversionfly.com
141.226.228.48
142.250.186.98
151.101.193.44
212.82.100.181
2600:1f18:730:b140:318:4480:a19a:ad9
2600:9000:21f3:d600:6:a951:7b00:21
2600:9000:223c:2e00:8:8845:1500:93a1
2600:9000:223d:200:1c:2135:3780:21
2600:9000:2248:3a00:13:c079:7880:93a1
2606:4700::6810:3965
2606:4700::6811:d025
2606:4700::6811:d225
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.33.152.147
44.194.121.192
52.19.101.153
54.156.254.128
04ba9191a34da1249205be89a6290068726ffc1d18bd809ddabb2d3ef2fe2405
0521a306b0d39523779b1076423cba47a1625bf3fc8a0c4cf213bd5edb364572
07232e3b41b6d12755dbac5b25640988ed5c7b3a949b80e011863126808a5db4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
0efa7883808f073909fecd55652d2c43e658a414d4eaca6b9398032486ac5b1f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36326d1020c84f0392cf30d8129dacd9f0f08e386f8378c78b42c41ae0792c15
38ccb1f6db0504b57d1ec63d4883e2a985a498a0ba7990a7538c00c3300136c8
429a3173904fe4a9d62fc0d1307bcd7f1817453b39c39f91d1ad6e072a91db04
444f5fd66bebc325260160e56d48e5d9cb696f936fa538ae5988b6fcb0491dea
456b8c78bfb3846abdf79e1409ae7f8dab0735bdb5a9a4e6a12992452188a97f
4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
592a8b27e9a69bbaf008ada9590dfde98d161a1d5e489a8a9d51f66c5cc242f1
6c6604d6c4b1aa6dc1e44e52fa18293f2ad17d487e54f21f8abc645a78c77b2a
75533eb495089b5ddfa857be3d8d6e70069a9f929fa81f6e230448ff89b705bf
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
814e07ce4b86b98561bb51234aa301976649db739888369aaf4a0ad23516c3ec
8fda0820478381b07d4294f2cb508287a705bfbdb0f9a7d425d4258913221da7
9020c7835f03b8385e450882efcabb240fcc72c4a5d680fa405b15ec3e0989cc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93070cafce2eb961aa90b64aba60fc11cee628d9ab48ea7019efead1a17cadcc
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abd9ac2d548cc9e1cdbb6a733576fcaca110918c8754e19cfb2e49c01e4d8f86
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
d40eae5a0305754ca9eab8fa2f9f94d52194c8e1f74fde91c51de5557ef785c6
d4243aacfb66b8cd5f73e4e0ce6f7c59e30b2c41bd1c89c52f54bb8cf8d80307
e346cabb5ff3c5ae736c485a385848b47da3f8b790205eb4d313317be785cdd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7664cfe8a3c6d5b1015b6cc4300fdaa2ac275c4020fd4ac410dcd35b31b648e
e7ac9715969c1b97facd47c56cdb48dbb30253a13710b2d83f1ceac2c219825a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efebacf04c5cd1617f97d6f0d34f06228b51e5e4d6785c1e4e9f58783f35def0
f06038feadb1937748ae1a141874cc049bf2cf10e7dd290fd2aa3097483cc791
f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71c937b811948ba8a9f418ed8b956bb42748a74a37c55e8341c8da724608b77
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

flip2freedom.kartra.com Open in urlscan Pro 2606:4700::6811:d025 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

90 %HTTPS

71 %IPv6

23 Domains

32 Subdomains

26 IPs

6 Countries

1695 kBTransfer

6855 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flip2freedom.kartra.com Open in urlscan Pro
2606:4700::6811:d025 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

90 %
HTTPS

71 %
IPv6

23
Domains

32
Subdomains

26
IPs

6
Countries

1695 kB
Transfer

6855 kB
Size

17
Cookies

69 HTTP transactions
8 data transactions