Submitted URL: http://ripmybills.com/
Effective URL: https://ripmybills.com/
Submission: On November 20 via manual from US — Scanned from DE

Summary

This website contacted 32 IPs in 5 countries across 22 domains to perform 84 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ripmybills.com.
TLS certificate: Issued by R3 on October 9th 2023. Valid for: 3 months.
This is the only time ripmybills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 35.240.1.10 396982 (GOOGLE-CL...)
16 104.126.37.177 20940 (AKAMAI-ASN1)
2 151.101.65.44 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
8 34.192.119.237 14618 (AMAZON-AES)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
5 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 18.213.83.207 14618 (AMAZON-AES)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 20.231.53.73 8075 (MICROSOFT...)
4 108.156.60.112 16509 (AMAZON-02)
1 13.32.121.55 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
1 4 3.225.185.199 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
1 13.32.27.54 16509 (AMAZON-02)
2 13.32.118.159 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 141.226.228.48 200478 (TABOOLA-AS)
84 32
Apex Domain
Subdomains
Transfer
16 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 742
163 KB
13 leadshook.io
digital-hopr.leadshook.io
static.leadshook.io — Cisco Umbrella Rank: 587572
polyfill.leadshook.io — Cisco Umbrella Rank: 823860
951 KB
9 gstatic.com
fonts.gstatic.com
96 KB
6 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25271
cdn.trustedform.com — Cisco Umbrella Rank: 28978
37 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
q.clarity.ms — Cisco Umbrella Rank: 7495
c.clarity.ms — Cisco Umbrella Rank: 1405
28 KB
6 convertri.com
cdn.convertri.com — Cisco Umbrella Rank: 125832
snowplow.convertri.com — Cisco Umbrella Rank: 127136
174 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
c.bing.com — Cisco Umbrella Rank: 236
16 KB
3 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 393
fonts.googleapis.com — Cisco Umbrella Rank: 31
73 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
43 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
22 KB
2 cloudfront.net
d2zdr2rqflfo3.cloudfront.net
824 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
69 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
563 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
3 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14674
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 ripmybills.com
ripmybills.com
46 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
81 KB
84 22
Domain Requested by
16 analytics.tiktok.com ripmybills.com
analytics.tiktok.com
9 fonts.gstatic.com ripmybills.com
fonts.googleapis.com
8 digital-hopr.leadshook.io ripmybills.com
digital-hopr.leadshook.io
static.leadshook.io
5 cdn.convertri.com ripmybills.com
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 static.leadshook.io digital-hopr.leadshook.io
3 cdnjs.cloudflare.com digital-hopr.leadshook.io
3 bat.bing.com ripmybills.com
bat.bing.com
2 c.clarity.ms 1 redirects
2 d2zdr2rqflfo3.cloudfront.net digital-hopr.leadshook.io
2 cdn.trustedform.com digital-hopr.leadshook.io
api.trustedform.com
2 maps.googleapis.com digital-hopr.leadshook.io
maps.googleapis.com
2 q.clarity.ms www.clarity.ms
2 www.youtube.com digital-hopr.leadshook.io
www.youtube.com
2 www.google.de ripmybills.com
2 www.google.com 1 redirects ripmybills.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 images.dmca.com ripmybills.com
2 connect.facebook.net ripmybills.com
connect.facebook.net
2 ripmybills.com 1 redirects
1 trc-events.taboola.com cdn.taboola.com
1 c.bing.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com digital-hopr.leadshook.io
1 fonts.googleapis.com digital-hopr.leadshook.io
1 polyfill.leadshook.io digital-hopr.leadshook.io
1 www.facebook.com ripmybills.com
1 snowplow.convertri.com ripmybills.com
1 www.googleadservices.com www.googletagmanager.com
1 trc.taboola.com cdn.taboola.com
1 www.googletagmanager.com ripmybills.com
1 cdn.taboola.com ripmybills.com
84 33

This site contains links to these domains.

Domain
www.dmca.com
Subject                   Issuer                                      Validity                 Valid
ripmybills.com            R3                                          2023-10-09 - 2024-01-07  3 months
*.tiktok.com              RapidSSL ECC CA 2018                        2023-07-14 - 2024-08-13  a year
*.taboola.com             DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-10-23 - 2024-11-22  a year
www.bing.com              Microsoft Azure TLS Issuing CA 01           2023-10-24 - 2024-04-21  6 months
*.google-analytics.com    GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
*.facebook.com            DigiCert SHA2 High Assurance Server CA      2023-08-30 - 2023-11-28  3 months
*.gstatic.com             GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
leadshook.io              Amazon RSA 2048 M03                         2023-10-08 - 2024-11-05  a year
images.dmca.com           R3                                          2023-10-26 - 2024-01-24  3 months
cdn.convertri.com         R3                                          2023-10-07 - 2024-01-05  3 months
*.g.doubleclick.net       GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
www.clarity.ms            DigiCert TLS RSA SHA256 2020 CA1            2023-08-29 - 2024-08-29  a year
www.google.com            GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
www.google.de             GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
*.google.com              GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
www.googleadservices.com  GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
snowplow.convertri.com    Amazon RSA 2048 M01                         2023-01-25 - 2024-02-24  a year
a.clarity.ms              Microsoft Azure TLS Issuing CA 06           2023-02-13 - 2024-02-08  a year
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                     2023-07-03 - 2024-07-02  a year
upload.video.google.com   GTS CA 1C3                                  2023-10-23 - 2024-01-15  3 months
*.hotjar.com              Amazon ECDSA 256 M01                        2023-03-09 - 2024-04-06  a year
*.cloudfront.net          Amazon RSA 2048 M01                         2023-10-10 - 2024-09-19  a year
*.trustedform.com         Amazon RSA 2048 M03                         2023-08-11 - 2024-09-07  a year
cdn.trustedform.com       Amazon RSA 2048 M02                         2023-03-15 - 2024-04-12  a year

This page contains 2 frames:

Primary Page: https://ripmybills.com/
Frame ID: 866A1CF14E3E89BCC35CC5D4A58639BA
Requests: 55 HTTP requests in this frame

Frame: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Frame ID: 1BBE1C21FB14CC8D0A3B5A949A379F5E
Requests: 30 HTTP requests in this frame

Page Title

Emergency Debt Relief

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84 Requests
96 % HTTPS
52 % IPv6
22 Domains
33 Subdomains
32 IPs
5 Countries
1970 kB Transfer
8866 kB Size
30 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ripmybills.com/ HTTP 307
    https://ripmybills.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&label=t4v8CNu_hYYYEMSa3OEo&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&gtm_ee=1&auid=1937547415.1700519280&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&ocp_id=cN1bZeSAEobwgAfKt5ygBw&sscte=1&crd=&pscrd=Ek9DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUkltQUZjX296VXFRa19MZXJvcU1oNTZ1OVJNdlhBSkY3VlNkTF81clR5ZDhlV2xvMko5UXVBGlhDaEFJZ0tUc3FnWVFyX2FaeW9XSXJvQjdFaTRBZmE1VzhsSGNiVVpDQlR5bTQ3X0oyQVRaMG5EV3NVTDkwcjR3V1poeUxvT2liNFVPWmxnUTZjX2l5R1JaIhMI5PiK_c_TggMVBjjgCh3KGwd0 HTTP 302
  • https://www.google.com/pagead/1p-conversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&label=t4v8CNu_hYYYEMSa3OEo&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&gtm_ee=1&auid=1937547415.1700519280&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUkltQUZjX296VXFRa19MZXJvcU1oNTZ1OVJNdlhBSkY3VlNkTF81clR5ZDhlV2xvMko5UXVBGlhDaEFJZ0tUc3FnWVFyX2FaeW9XSXJvQjdFaTRBZmE1VzhsSGNiVVpDQlR5bTQ3X0oyQVRaMG5EV3NVTDkwcjR3V1poeUxvT2liNFVPWmxnUTZjX2l5R1JaIhMI5PiK_c_TggMVBjjgCh3KGwd0&is_vtc=1&ocp_id=cN1bZeSAEobwgAfKt5ygBw&cid=CAQSKQDICaaN2MQHDS-y0ZUxy2kAKkfE5isCibfU_DvgKRJceLjqx_vOalCv&random=887019709 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&label=t4v8CNu_hYYYEMSa3OEo&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&gtm_ee=1&auid=1937547415.1700519280&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUkltQUZjX296VXFRa19MZXJvcU1oNTZ1OVJNdlhBSkY3VlNkTF81clR5ZDhlV2xvMko5UXVBGlhDaEFJZ0tUc3FnWVFyX2FaeW9XSXJvQjdFaTRBZmE1VzhsSGNiVVpDQlR5bTQ3X0oyQVRaMG5EV3NVTDkwcjR3V1poeUxvT2liNFVPWmxnUTZjX2l5R1JaIhMI5PiK_c_TggMVBjjgCh3KGwd0&is_vtc=1&ocp_id=cN1bZeSAEobwgAfKt5ygBw&cid=CAQSKQDICaaN2MQHDS-y0ZUxy2kAKkfE5isCibfU_DvgKRJceLjqx_vOalCv&random=887019709&ipr=y
Request Chain 63
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
Request Chain 74
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F748189AC93242718B5C2BB06A7C259A&RedC=c.clarity.ms&MXFR=2A63666CDC8A6874206475A3D88A66D2 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F748189AC93242718B5C2BB06A7C259A&MUID=12C24B1DB6F96CC7142158D2B72B6D7A

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ripmybills.com/
Redirect Chain
  • http://ripmybills.com/
  • https://ripmybills.com/
375 KB
46 KB
Document
General
Full URL
https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.1.240.35.bc.googleusercontent.com
Software
/
Resource Hash
71d5feaf48d683c491122479bbfb7218388e8cd1df904d912419b742c475a831

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 22:27:59 GMT
vary
Accept-Encoding

Redirect headers

Content-Length
59
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 22:27:59 GMT
Location
https://ripmybills.com/
Vary
Accept-Encoding
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCTFL53C77U06CIB7H80&lib=ttq
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3fe46044b686602edd93e83b9b40061294b5855dbf729c71d8496bc8a48b650a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
840f0941.7a401cd9
date
Mon, 20 Nov 2023 22:27:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
98,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=6, inner; dur=3
content-length
1988
pragma
no-cache
server
nginx
x-tt-logid
202311202227599A8F0647ECE2D5384C22
x-cache-remote
TCP_MISS from a23-218-222-9.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.218.222.9
x-tt-trace-host
01fe45389c5a7de5e45010f17f9686eb5f79b8e5fd512da5d2f104594f77ee387b1d8fb76ad0ff1ceb53a7f7df42a9d65bab7fc4fa89b9d077488cfa9643dbd0912886c704e7d68a3030eebf0f82d2bd27395e6f9deddc9b55cf3a244040b7c6ab6fc87ff5d95ced02ca450f983e44ecfc
expires
Mon, 20 Nov 2023 22:27:59 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1544673/
64 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1544673/tfa.js
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a57f8f24eda605a473a8893d0c945f89d27675f1f38bf347d6f2584e21a0afff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Ql9MM4ms50oJ2TY4KUUQ4OR.pBNW_J8K
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 22:28:00 GMT
x-amz-request-id
50NWDS02Y39BFJM3
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
19988
x-amz-id-2
vml46O4IWojkF6/klJa5m1CSDOQse2seEXkQw9KuxpdiPe/fJX5wFpydWJj4ugCUNMdmf/DkL6I=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Sun, 19 Nov 2023 11:45:46 GMT
server
AmazonS3
x-timer
S1700519280.848789,VS0,VE251
etag
"eb3452d1e35149d0258e112ef8afeb25"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 20 Nov 2023 22:27:59 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 998815E0CB0949BEB9096B8C3090E205 Ref B: FRAEDGE1317 Ref C: 2023-11-20T22:27:59Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
js
www.googletagmanager.com/gtag/
235 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10942352708
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3731a983c875b3730317fa39efe8ab07e9c7a1886d88e786eea33cdc6723514a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:27:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82881
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Nov 2023 22:27:59 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 Nov 2023 22:27:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ieDEA6CKAW9/1D9RMn0X4aSCx8WNHlfgSySX+AL7VnK5fU/8ixI7msPG6XK0Ovrl0uJgyiKpSWCFTeOJxB9GMg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/
16 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlEA.ttf
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d62ef284ac53a609354be09b50d566bb18c4bb1cb8d63db8ed05d7ef8db1efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ripmybills.com/
Origin
https://ripmybills.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 19:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10414
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 19:17:43 GMT
pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/
15 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ripmybills.com/
Origin
https://ripmybills.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10455
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Nov 2024 15:10:54 GMT
pxiEyp8kv8JHgFVrJJfedw.ttf
fonts.gstatic.com/s/poppins/v20/
16 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfedw.ttf
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ripmybills.com/
Origin
https://ripmybills.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10577
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 09:18:51 GMT
pxiByp8kv8JHgFVrLDz8Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/
16 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlEA.ttf
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbeb32e5ae3eef3ded3cc187bc787c7c0fb8c59ddd49712400d16e77b450184b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ripmybills.com/
Origin
https://ripmybills.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10542
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Nov 2024 15:16:09 GMT
pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/
16 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ripmybills.com/
Origin
https://ripmybills.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 19:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10630
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 19:14:08 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ripmybills.com/
Origin
https://ripmybills.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20776
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 20:29:21 GMT
js_embed
digital-hopr.leadshook.io/s/
13 KB
5 KB
Script
General
Full URL
https://digital-hopr.leadshook.io/s/js_embed
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
42316285be5fdd505800c994c6c60605edcdf7fc18f224653fe61475fa380c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
server
nginx/1.19.9
x-powered-by
Express
x-cache-status
HIT
vary
Accept-Encoding
etag
W/"3282-YIvrGU/mtc0sX2GtjXTLPXGZnEw"
content-type
text/html; charset=utf-8
DMCA_logo-grn-btn180w.png
images.dmca.com/Badges/
7 KB
7 KB
Image
General
Full URL
https://images.dmca.com/Badges/DMCA_logo-grn-btn180w.png?ID=85d6f07a-f254-47d5-948e-5f27b2830b38
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash
cbb580bf5c8127da1e13d447ae436c18393f7d7ab50747b125dd447052fd9443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:27:59 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:48:30
cdn-pullzone
1574055
content-length
6854
last-modified
Thu, 22 Apr 2010 19:54:33 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"abe3aa155e2ca1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
cfaa6faf535a3f0978d1dea51e70a2cf
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
DMCABadgeHelper.min.js
images.dmca.com/Badges/
465 B
832 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:27:59 GMT
content-encoding
br
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:40
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
9747b44976a6e556901951eaf4cf0352
cdn-requestcountrycode
DE
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery-1.12.2.min.js
cdn.convertri.com/
393 KB
115 KB
Script
General
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2023-10-03-08-09-59
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
4de40b01b28fbc5ad8916c6139e85cd2069195f4142ae90324c776768f580af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:27:59 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
2D4E8QXZRNQBE7Q1
x-amz-server-side-encryption
AES256
cdn-cachedat
11/14/2023 09:49:36
cdn-pullzone
408079
x-amz-id-2
sHODXjXlkOgUZQUJP6+F2e5F69k2RQTSaMGKfpF9fZpl/cICQoHQDba41WuZQAINtWPsYj71YqI=
last-modified
Tue, 14 Nov 2023 09:48:51 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"ca9637ce880e38093b014ffcc504e6c0"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
d16db4a6dd09856fa833b5f8c4388253
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
97032516.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/97032516.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f9a5f8896b9252f0d1193dad6146c738fc08dd742e714072926c4a000843c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 20 Nov 2023 22:27:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0EA9DE2C03BD469A9F8D2E39359E3A78 Ref B: FRAEDGE1317 Ref C: 2023-11-20T22:27:59Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10942352708/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10942352708/?random=1700519279940&cv=11&fst=1700519279940&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&auid=1937547415.1700519280&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10942352708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4d34ba84cc1d9a74ee6dd1429fca0dd57f461af8deffe05d52e72157c26373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1262
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
97032516
www.clarity.ms/tag/uet/
828 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/97032516
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97032516.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
482be17e05c855bd609c6b3b5ea92dafebec0e39edfd2b21404b87214c934252

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Mon, 20 Nov 2023 22:28:00 GMT
x-azure-ref
20231120T222800Z-r26dranhpt0d90suuhmtkdtufs000000059g00000002rx9w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
828
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
main.MTdjYzNiZDU2NQ.js
analytics.tiktok.com/i18n/pixel/static/
452 KB
115 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCTFL53C77U06CIB7H80&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f93a2099c3616f66c36e451e221e1069827e048d77eecc0b5219de876eb715d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
7a401f32
date
Mon, 20 Nov 2023 22:27:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231109073459B5D3DE8F76A17CD5994C
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
116776
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/
135 KB
36 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
7a4020a7
date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231109073132CAEA3E9FFEC54DCDE3A4
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
36143
monitor
analytics.tiktok.com/api/v2/
0
792 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e8bfece.7a4020fa
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
125,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=39, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023112022280021DEE47EEF4463C850E9
x-cache-remote
TCP_MISS from a23-48-200-51.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
39,23.48.200.51
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
794 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c7763fd3.7a4020fb
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
123,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=34, inner; dur=31
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023112022280047623AE152503CCE36E4
x-cache-remote
TCP_MISS from a23-48-200-48.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
34,23.48.200.48
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
796 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
9fba7beb.7a4020fc
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
378,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=275, inner; dur=271
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231120222800915E08402778B2CE879B
x-cache-remote
TCP_MISS from a23-48-200-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
275,23.48.200.37
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
650 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7a402113
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=9, origin; dur=98
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231120222800BD39F365D2311239673A
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,104.126.37.173
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
653 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7a402114
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=246, cdn-cache; desc=MISS, edge; dur=7, origin; dur=341
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311202228002B53C153B2D25DB31BA6
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
341,104.126.37.173
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
796 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
840efd68.7a402115
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
205,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=101, origin; dur=111, inner; dur=108
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311202228004102E2B6F7FB16D176FC
x-cache-remote
TCP_MISS from a23-218-222-9.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
111,23.218.222.9
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
795 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
845d1989.7a402129
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
149,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=105, origin; dur=52, inner; dur=50
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311202228005869C3FF166CD8A592CA
x-cache-remote
TCP_MISS from a23-218-222-13.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
52,23.218.222.13
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
796 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
bfc325fc.7a40212a
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
302,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=214, inner; dur=211
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023112022280025A3D978706D658E5F24
x-cache-remote
TCP_MISS from a23-48-200-40.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
214,23.48.200.40
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
pixel
analytics.tiktok.com/api/v2/
0
793 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
78928c75.7a402133
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
166,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=79, inner; dur=75
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231120222800E3B604FDB46B15AB1739
x-cache-remote
TCP_MISS from a23-218-222-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
79,23.218.222.11
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
pixel
analytics.tiktok.com/api/v2/
0
653 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7a402134
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=43, cdn-cache; desc=MISS, edge; dur=9, origin; dur=137
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311202228009F38C830A8FA49CBB13B
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
138,104.126.37.173
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
/
www.google.com/pagead/1p-user-list/10942352708/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10942352708/?random=1700519279940&cv=11&fst=1700517600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&frm=0&tiba=Emergency%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNFwQ2MLZbpE1BiAsglikwbK19EIJ5WQ&random=3122862209&rmt_tld=0&ipr=y
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10942352708/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10942352708/?random=1700519279940&cv=11&fst=1700517600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&frm=0&tiba=Emergency%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNFwQ2MLZbpE1BiAsglikwbK19EIJ5WQ&random=3122862209&rmt_tld=1&ipr=y
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
792 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
9fb90ca1.7a40215d
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
101,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=12, inner; dur=4
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231120222800C2F783A69BECCEAA7FC2
x-cache-remote
TCP_MISS from a23-48-200-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.48.200.37
x-tt-trace-host
01fe45389c5a7de5e45010f17f9686eb5f79b8e5fd512da5d2f104594f77ee387b04093c50d11338894d567feb72b8e72aed16bb9fbb6ed59b7c753ce246a86dd2e1438a3e38aab1fe42d2085a02e51c913225d2348906bfc6b87cbd68e14ab667769bc34827019e10655371b4fb2b943d
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
2150923328410657
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2150923328410657?v=2.9.138&r=stable&domain=ripmybills.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6603d843203d61b1c975c2d2708affee86f137d3380afa7a1c1c117b0204004
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 Nov 2023 22:28:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
XCLOvJyMiikkt9a2Zikea2q0sDUMLbjuxBCZNHYRYLn34SrKdcwIewbRr2Fq+d2FlwJqE/1s2MBPOh3pRabHUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
654 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7a4021cb
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=145, cdn-cache; desc=MISS, edge; dur=8, origin; dur=238
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231120222800BE040D575CECB4A811D5
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
239,104.126.37.173
x-tt-trace-host
01fe45389c5a7de5e45010f17f9686eb5f79b8e5fd512da5d2f104594f77ee387b8c122d1cf082a9fb92f6588a7a08c3bd7fcd68452310ffc29a42057ff588606c945ff33a3abfabc288d55c3720fb99dbe507b8c852580720b36a86b647b9d9c6
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
json
trc.taboola.com/1544673/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1544673/trc/3/json?tim=1700519280142&data=%7B%22id%22%3A851%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1700519280115%2C%22cv%22%3A%2220231119-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fripmybills.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-usmanmalik2daygmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1700519280142%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fripmybills.com%2F%22%2C%22tos%22%3A24%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1544673/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd97120c77f035dfa58310f1fc4f45857e7f1cd612ea80942c10becef76a1416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.549375
x-fastly-to-nlb-rtt
7462
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1700519280.156210,VS0,VE27
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css_embed
digital-hopr.leadshook.io/s/
10 KB
3 KB
Stylesheet
General
Full URL
https://digital-hopr.leadshook.io/s/css_embed
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
be6550664edad3f0ebd90aa2756b4d2a98a9ffcb51ab6dcd4a8d1d043d7badd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
server
nginx/1.19.9
x-powered-by
Express
x-cache-status
HIT
vary
Accept-Encoding
etag
W/"29ea-0O33ZNIyos1goRPYQWdtYVr1Ve0"
content-type
text/css; charset=utf-8
lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C
digital-hopr.leadshook.io/survey/ Frame 1BBE
207 KB
29 KB
Document
General
Full URL
https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
55f2592d24c0569a566c50c76274edc12070ace320a02ecfebeae048a56017b1

Request headers

Referer
https://ripmybills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 22:28:00 GMT
etag
W/"33b2b-e0pHZE5w+aPUOsKl0dkNf6xoIIQ"
expires
0
pragma
no-cache
server
nginx/1.19.9
vary
Accept-Encoding
x-cache-status
MISS
x-powered-by
Express
x-username
undefined
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 20 Nov 2023 22:28:00 GMT
/
www.googleadservices.com/pagead/conversion/10942352708/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/10942352708/?random=1700519280214&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&label=t4v8CNu_hYYYEMSa3OEo&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&gtm_ee=1&auid=1937547415.1700519280&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10942352708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
6cc3061ae0b62429d33b8cc13ae576ba8707a04f0b7fc84a5b0d4fae4da0e23f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1592
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdn.min.css
cdn.convertri.com/
67 KB
9 KB
Stylesheet
General
Full URL
https://cdn.convertri.com/cdn.min.css?v=2023-10-03-08-09-59
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
4a9e5fa6d886f98d64d71b026e6e5fe57a3c207da288bbb63ee8a19803ec09f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
cdn-edgestorageid
1078
x-amz-request-id
02DY6JAV7H308PJ5
x-amz-server-side-encryption
AES256
cdn-cachedat
11/14/2023 09:49:37
cdn-pullzone
408079
x-amz-id-2
74kJ9fA3KlZmc7XECrLMhb9PcITA/vhPL0wTw/NyUDTkFZzB2QJUeJzYSdtJs9fdZ9jiR7VV0RQ=
last-modified
Tue, 14 Nov 2023 09:48:56 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"91bf7fad9eda26930ae8c633102e65e0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=604800
cdn-requestid
56afd2a62d8cc0df11409ddcc1d4e785
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
i
snowplow.convertri.com/
43 B
337 B
Image
General
Full URL
https://snowplow.convertri.com/i?stm=1700519280241&e=pv&url=https%3A%2F%2Fripmybills.com%2F&page=Emergency%20Debt%20Relief&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=899b6700-5020-4372-90b8-9e6db01a4b96&dtm=1700519280241&vp=1600x1200&ds=1600x4853&vid=1&sid=6cda453c-9484-453e-8d7a-7ca5d33b0548&duid=5cdc8287-ab1f-45b2-bcca-1bae19786c4e&fp=3099058815
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.83.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-83-207.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 22:28:00 GMT
access-control-allow-credentials
true
content-type
image/gif
server
spray-can/1.3.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
0
bat.bing.com/action/
0
284 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=97032516&Ver=2&mid=03f69ac3-518a-4e42-9aaa-f5b7d2fb0e14&sid=0fd6ba9087f411ee9a5a63ccec558d94&vid=0fd6ca6087f411eeb43bbd7dd521409f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Emergency%20Debt%20Relief&p=https%3A%2F%2Fripmybills.com%2F&r=&lt=587&evt=pageLoad&sv=1&rn=435332
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 20 Nov 2023 22:27:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0B2B554AD3541C0B846B8938A0F1D14 Ref B: FRAEDGE1317 Ref C: 2023-11-20T22:28:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.18/
59 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97032516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:41:44 GMT
etag
W/"0x8DBE772F014B026"
vary
Accept-Encoding
x-azure-ref
20231120T222800Z-r26dranhpt0d90suuhmtkdtufs000000059g00000002rxas
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7767f6a6-101e-004a-47fe-198d54000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2150923328410657&ev=PageView&dl=https%3A%2F%2Fripmybills.com%2F&rl=&if=false&ts=1700519280270&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700519280269.1794462630&ler=empty&it=1700519280095&coo=false&rqm=GET
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 20 Nov 2023 22:28:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
act
analytics.tiktok.com/api/v2/pixel/
0
791 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-177.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c77683aa.7a4024ef
date
Mon, 20 Nov 2023 22:28:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
131,104.126.37.173
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=44, inner; dur=41
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023112022280081CD74E6E3A00EB084D0
x-cache-remote
TCP_MISS from a23-48-200-48.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
44,23.48.200.48
x-tt-trace-host
01fe45389c5a7de5e45010f17f9686eb5f79b8e5fd512da5d2f104594f77ee387b5c7ea3784292ef490ebe1b0bb6962bf3ff0760bb0ccd0ef12f9aba721023ec51e7a0b14be4527cc41f5dbc0449efe0f4c62d1e333932f497fc9524dda5fec9970ade0a9e7b17ef04610abff2ae9fccd1
access-control-allow-headers
Authorization,*
expires
Mon, 20 Nov 2023 22:28:00 GMT
debt%20support%20national%20logo%202.png
cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/efa3706f9b1af801a879721d100f4c686175f6dd/
13 KB
13 KB
Image
General
Full URL
https://cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/efa3706f9b1af801a879721d100f4c686175f6dd/debt%20support%20national%20logo%202.png
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
6f2b2bf14faf26c5d7b80955ead4832f7d25314683ba53ed4457e1516d7a8d8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
x-downloadsize
12812
cdn-edgestorageid
874
x-bo-processingtime
0
cdn-cachedat
11/19/2023 14:39:05
cdn-pullzone
408079
x-bo-server
ASB-203
last-modified
Tue, 14 Nov 2023 10:14:18 GMT
server
BunnyCDN-DE1-1055
cdn-requestpullcode
200
cdn-proxyver
1.04
x-bo-origindownloadtime
56
content-type
image/png
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
public, max-age=2592000
cdn-requestid
1bda6ca742e7a0d04840c0d983eada84
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
14jdo4l-secure-globalsign_0a003u000000000000001.png
cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/1a6b6c87e8ca68d2c89e1b8d69f3dc2c58797d31/
23 KB
24 KB
Image
General
Full URL
https://cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/1a6b6c87e8ca68d2c89e1b8d69f3dc2c58797d31/14jdo4l-secure-globalsign_0a003u000000000000001.png
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
36f4cc619b030f1152dadd768e782f8694c94ce21b0eea9d295de2bc328d10b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
x-downloadsize
23676
cdn-edgestorageid
1077
x-bo-processingtime
0
cdn-cachedat
11/19/2023 15:56:18
cdn-pullzone
408079
x-bo-server
ASB-256
last-modified
Tue, 14 Nov 2023 10:14:18 GMT
server
BunnyCDN-DE1-1055
cdn-requestpullcode
200
cdn-proxyver
1.04
x-bo-origindownloadtime
103
content-type
image/png
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
public, max-age=2592000
cdn-requestid
7951ac0ec8b33eec2e684f95520510a7
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
trustpilot-5stars.png
cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/0699145a1fd61b6cd64cc2bd891c9f2ee7caa783/
13 KB
13 KB
Image
General
Full URL
https://cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/0699145a1fd61b6cd64cc2bd891c9f2ee7caa783/trustpilot-5stars.png
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
1d41e5f20117a67571708a066a6e1a9814b9b3474c787e938915cedfdc303439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
x-downloadsize
13251
cdn-edgestorageid
1079
x-bo-processingtime
0
cdn-cachedat
11/14/2023 15:09:37
cdn-pullzone
408079
x-bo-server
ASB-254
last-modified
Tue, 14 Nov 2023 10:14:18 GMT
server
BunnyCDN-DE1-1055
cdn-requestpullcode
200
cdn-proxyver
1.04
x-bo-origindownloadtime
71
content-type
image/png
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
public, max-age=2592000
cdn-requestid
26b36661c0784d5a360a6ac40e533059
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
www-widgetapi.js
www.youtube.com/s/player/190c935f/www-widgetapi.vflset/
215 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:51:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68234
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 19 Nov 2024 21:51:20 GMT
/
www.google.de/pagead/1p-conversion/10942352708/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham...
  • https://www.google.com/pagead/1p-conversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
  • https://www.google.de/pagead/1p-conversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&label=t4v8CNu_hYYYEMSa3OEo&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&gtm_ee=1&auid=1937547415.1700519280&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUkltQUZjX296VXFRa19MZXJvcU1oNTZ1OVJNdlhBSkY3VlNkTF81clR5ZDhlV2xvMko5UXVBGlhDaEFJZ0tUc3FnWVFyX2FaeW9XSXJvQjdFaTRBZmE1VzhsSGNiVVpDQlR5bTQ3X0oyQVRaMG5EV3NVTDkwcjR3V1poeUxvT2liNFVPWmxnUTZjX2l5R1JaIhMI5PiK_c_TggMVBjjgCh3KGwd0&is_vtc=1&ocp_id=cN1bZeSAEobwgAfKt5ygBw&cid=CAQSKQDICaaN2MQHDS-y0ZUxy2kAKkfE5isCibfU_DvgKRJceLjqx_vOalCv&random=887019709&ipr=y
Requested by
Host: ripmybills.com
URL: https://ripmybills.com/
Protocol
H2
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10942352708/?random=973009585&cv=11&fst=1700519280214&bg=ffffff&guid=ON&async=1&gtm=45be3b81v899107639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fripmybills.com%2F&label=t4v8CNu_hYYYEMSa3OEo&hn=www.googleadservices.com&frm=0&tiba=Emergency%20Debt%20Relief&gtm_ee=1&auid=1937547415.1700519280&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUkltQUZjX296VXFRa19MZXJvcU1oNTZ1OVJNdlhBSkY3VlNkTF81clR5ZDhlV2xvMko5UXVBGlhDaEFJZ0tUc3FnWVFyX2FaeW9XSXJvQjdFaTRBZmE1VzhsSGNiVVpDQlR5bTQ3X0oyQVRaMG5EV3NVTDkwcjR3V1poeUxvT2liNFVPWmxnUTZjX2l5R1JaIhMI5PiK_c_TggMVBjjgCh3KGwd0&is_vtc=1&ocp_id=cN1bZeSAEobwgAfKt5ygBw&cid=CAQSKQDICaaN2MQHDS-y0ZUxy2kAKkfE5isCibfU_DvgKRJceLjqx_vOalCv&random=887019709&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
q.clarity.ms/
0
294 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ripmybills.com
Date
Mon, 20 Nov 2023 22:28:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
d3fed649.frontend_vendor.css
static.leadshook.io/app/ Frame 1BBE
29 KB
5 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-112.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:36:26 GMT
content-encoding
gzip
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 00:45:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
39095
x-amz-server-side-encryption
AES256
etag
W/"d3fed6497d41e35427f8a3440db188fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
E6oS3BXa7RO2EP8PIem_2fMe6_0IzLJ5jUQzkCK_bXVYszHyrxmxRg==
05245cb5.app.css
static.leadshook.io/app/ Frame 1BBE
279 KB
47 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/05245cb5.app.css
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-112.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c229ee6afd5d66dc026e92bd8416780a680abd7bfa503d4644286d9985d628e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:04:35 GMT
content-encoding
gzip
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 00:45:05 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
8646
x-amz-server-side-encryption
AES256
etag
W/"05245cb5d444b57adbf32dbb9b67569a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
tVzLNaLeavnVCkStBMNdOO0jqxYhoxajYk6s9JtvkddNX5Ufb6T8ig==
pollyfill.js
polyfill.leadshook.io/ Frame 1BBE
101 B
539 B
Script
General
Full URL
https://polyfill.leadshook.io/pollyfill.js
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-55.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:35:41 GMT
content-security-policy
default-src 'self'
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1
age
370339
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=31536000
feature-policy
camera 'none'; microphone 'none'; speaker 'none'
content-length
101
x-amz-cf-id
hAe4b6OVXsl_USILxzYehlxE5cQPDBWS_KNbXAt83KAyNvROHvrbvQ==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 1BBE
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1002385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4rN%2FcGUSNRAh8l%2FLGZ5LbG2t9XO4LG4BUPKV7c3Z4JZ5piIE3M9s%2FLwrssQ6AOF9TSfmNc6bbXbldcgGepAThfCpTpGuiOR%2BQl7nFRBodYIP8untYHi29HQExWtghNVdzIZ8qSoY4nebmvqZ5i9IFN7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82941f9eb8b76901-FRA
expires
Sat, 09 Nov 2024 22:28:00 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 1BBE
63 KB
23 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
837453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22890
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-596a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KasT7gTN5dMvP0B9G%2Fj8AaVxDw%2FtkibBIk%2BRw33nSlmEXBw7YehYJJ24o%2BxrkcmnV5217x73FBtXqkOuUzAWFQyUeB9%2FKbt2SVDd8UWe49aMO5Xul%2FoitnParEYcbF0c%2BL%2BPvbYi5bdtkXmF1tamGOGn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82941f9ef8e66901-FRA
expires
Sat, 09 Nov 2024 22:28:00 GMT
a50169db.frontend_vendor.js
static.leadshook.io/app/ Frame 1BBE
2 MB
527 KB
Script
General
Full URL
https://static.leadshook.io/app/a50169db.frontend_vendor.js
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-112.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61c45e2bf4eecf61ebca61e7204b1163436e0dbed20c1bdd4eed68f834af26fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:18:03 GMT
content-encoding
gzip
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 00:45:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
47411
x-amz-server-side-encryption
AES256
etag
W/"a50169db9397ed8ecf57c8d6fd453759"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
0JITEmt3z9DsGih63DB4BJOX2vKpT_mruH8aVBqzUUnYct5UELVgGw==
aa9bcf34.frontend_app.js
static.leadshook.io/app/ Frame 1BBE
3 MB
330 KB
Script
General
Full URL
https://static.leadshook.io/app/aa9bcf34.frontend_app.js
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-112.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba1ab6d959bcd07723c3bcfcb98c632b2eeaab2ecf21904f5c532546756e6922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 18:47:05 GMT
content-encoding
gzip
via
1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 18:10:30 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
13256
etag
W/"c28493ad529953a34c2416f7ed4943f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
A3bDv8xAmBV7o7FcY1vX0GnwYO_VgYkpMbZ_PfC3SvdL4XVfZY14wQ==
js
maps.googleapis.com/maps/api/ Frame 1BBE
194 KB
65 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAMNhdNamsXU3plz-WUAS-eW1aqPepRenE&libraries=places&callback=Function.prototype
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
88991557def684a2e01f84790d5979c379dcaf6f48fbaca6cc460b7f5a739f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66620
x-xss-protection
0
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ Frame 1BBE
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
756968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14107
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-bb78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDZWtXj7Z%2Bbv%2FU5xiaerQRvhYaljkYU%2FKoQikWTCan4HEKDKwYhM6izVP%2F8vJBzIL7BExSM%2BefBU4Xwidzu0qA8%2FB3LAJ3CPcnzPvDurNgmvN7XF9jYtaKPeQyrOpUey%2FoHWkJBpwrGTmAyHZ0Jw74c2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82941f9ef8e76901-FRA
expires
Sat, 09 Nov 2024 22:28:00 GMT
css2
fonts.googleapis.com/ Frame 1BBE
249 KB
8 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c482bce7feedf1401fac31206a5ca1735c6b9ae41d34ce9a2faa42f5a2d27760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 22:28:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 22:28:00 GMT
hotjar-2029956.js
static.hotjar.com/c/ Frame 1BBE
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2029956.js?sv=6
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
4b3ea03e6fea621b612cfddb8dce059394858cb1793aca8b9f5dab995b3e2a82
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/42b856fa462dea9aa367b0c25137bc84
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
tCpfK_YunNtNm0_Kvn5tEi3Hy-tLigqYA0S7OWH_pD-_oMIiYJQdbw==
bootstrap.js
cdn.trustedform.com/ Frame 1BBE
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
8 KB
3 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Server
2600:9000:223d:e600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:02 GMT
x-amz-version-id
D_l7Wi1wOYgTC52uzRMI5HnwJykAKtLr
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 19:52:40 GMT
server
AmazonS3
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"e11406d1e7ba652ddbe0623e1207c210"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
BkGxrJ22aCmjGun5UDcBQemx8j0cLv7mt9CvQ3ctN0IiCalHc2fU2Q==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
date
Mon, 20 Nov 2023 22:28:01 GMT
server
awselb/2.0
content-length
134
content-type
text/html
modules.78e2d84033035343416f.js
script.hotjar.com/ Frame 1BBE
225 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.78e2d84033035343416f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2029956.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
378474
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57067
last-modified
Thu, 16 Nov 2023 13:19:14 GMT
etag
"7b69405e970c278e52f057627811a838"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
yR0wUTug-0AO_uX9OHFEKlmoflnxBo6hD8IgDuUe8WL1aaYWS1G6uQ==
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 1BBE
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAMNhdNamsXU3plz-WUAS-eW1aqPepRenE&libraries=places&callback=Function.prototype
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://digital-hopr.leadshook.io
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
nodetracker
digital-hopr.leadshook.io/api/ Frame 1BBE
0
191 B
XHR
General
Full URL
https://digital-hopr.leadshook.io/api/nodetracker
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://digital-hopr.leadshook.io
date
Mon, 20 Nov 2023 22:28:00 GMT
access-control-allow-credentials
true
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin
pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 1BBE
95 B
413 B
Image
General
Full URL
https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=digital-hopr.leadshook.io&subdomain=digital-hopr&accountId=1379&quizId=52597&leadId=443261982&quizVersionId=28
Requested by
Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-159.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:02 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 18:11:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"9591c410148e6883727c5339fd1c02cd"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
MhbaCZ0PZjFMfaTeROK30JyLRoNnvzvk9bNxj4UERR7UWs8Ckf1hfA==
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 1BBE
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://digital-hopr.leadshook.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:18:30 GMT
x-content-type-options
nosniff
age
281370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:18:30 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 1BBE
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://digital-hopr.leadshook.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 19:33:17 GMT
x-content-type-options
nosniff
age
269683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 19:33:17 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 1BBE
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://digital-hopr.leadshook.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 00:19:52 GMT
x-content-type-options
nosniff
age
252488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 00:19:52 GMT
geoip
digital-hopr.leadshook.io/api/ Frame 1BBE
3 KB
1 KB
XHR
General
Full URL
https://digital-hopr.leadshook.io/api/geoip?leadId=443261982
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
d906a72782335df3243a101e4c041d36e540602373701c35681dc575de71e18c

Request headers

Accept
*/*
Referer
https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:01 GMT
content-encoding
gzip
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"d72-XPnwEpNIT5ym/Yhh141CghicKUA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-cache-status
MISS
leaddevice
digital-hopr.leadshook.io/api/ Frame 1BBE
1 KB
665 B
XHR
General
Full URL
https://digital-hopr.leadshook.io/api/leaddevice?leadId=443261982&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.159+Safari%2F537.36
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
46344b3fc6885bfdcf489192c9d36d86c78414ee5a19f2a33d9447017a0088d6

Request headers

Accept
*/*
Referer
https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:01 GMT
content-encoding
gzip
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"567-QQJgR6Bcou2lPLx10cwye7PdfPw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-cache-status
MISS
certs
api.trustedform.com/ Frame 1BBE
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.185.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-185-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
86708d3e8b87b5151bb982e33d6896d1c13ea0e054c291bc718003f9bcef746c

Request headers

Referer
https://digital-hopr.leadshook.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 22:28:01 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F748189AC93242718B5C2BB06A7C259A&RedC=c.clarity.ms&MXFR=2A63666CDC8A6874206475A3D88A66D2
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F748189AC93242718B5C2BB06A7C259A&MUID=12C24B1DB6F96CC7142158D2B72B6D7A
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F748189AC93242718B5C2BB06A7C259A&MUID=12C24B1DB6F96CC7142158D2B72B6D7A
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:01 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 22:28:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 805FC8FFA5FF4D909536321681E23091 Ref B: FRAEDGE1317 Ref C: 2023-11-20T22:28:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F748189AC93242718B5C2BB06A7C259A&MUID=12C24B1DB6F96CC7142158D2B72B6D7A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
443261982
digital-hopr.leadshook.io/api/leads/ Frame 1BBE
782 B
783 B
XHR
General
Full URL
https://digital-hopr.leadshook.io/api/leads/443261982
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
a9946906d5e08f6999a913dfd4da6ada5e78143d8695e8af0ed240ee5b394b39

Request headers

Accept
application/json, text/plain, */*
Referer
https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 22:28:01 GMT
content-encoding
gzip
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"30e-RMQlF+7ZEUz9O/Rp0WVvOWs921I"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://digital-hopr.leadshook.io
access-control-allow-credentials
true
376193075
digital-hopr.leadshook.io/api/impressions/ Frame 1BBE
3 B
266 B
XHR
General
Full URL
https://digital-hopr.leadshook.io/api/impressions/376193075
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.119.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-119-237.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
080a9ed428559ef602668b4c00f114f1a11c3f6b02a435f0bdc154578e4d7f22

Request headers

Accept
application/json, text/plain, */*
Referer
https://digital-hopr.leadshook.io/survey/lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C?embed=true&index=0&_ttp=M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 22:28:01 GMT
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"3-9imuRLez3P7URNNj5ibt9BHsaag"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://digital-hopr.leadshook.io
access-control-allow-credentials
true
content-length
3
unip
trc-events.taboola.com/1544673/log/3/
0
246 B
XHR
General
Full URL
https://trc-events.taboola.com/1544673/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=0&ssd=1&est=1700519280117&ver=36&isls=true&src=i&invt=1500&msa=3653&rv=1&tim=1700519281696&vi=1700519280115&ri=15856220a0baaa0dd2d5545a89357cf2&ref=null&cv=20231119-2-RELEASE&item-url=https%3A%2F%2Fripmybills.com%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1544673/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ripmybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://ripmybills.com
pragma
no-cache
date
Mon, 20 Nov 2023 22:28:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
trustedform-1.9.4.js
cdn.trustedform.com/ Frame 1BBE
84 KB
33 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=17005192807840.728208632691858&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:e600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gtnb1Uxu8qLJRc.iYT4wVelhc0u4qkAi
content-encoding
gzip
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date
Mon, 20 Nov 2023 22:27:40 GMT
last-modified
Wed, 08 Nov 2023 19:52:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
22
etag
W/"f46641519eee44fe450f02ae72e64a74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6ADtcxCN3XSlAzqJpiygOYKZ2OdaJqNb3wfeiPer1IPuvZbWQdSRyQ==
snapshot
api.trustedform.com/certs/9d32a8213c85e17af1114b6cbc56996f8c6e29d9/ Frame 1BBE
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/9d32a8213c85e17af1114b6cbc56996f8c6e29d9/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.185.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-185-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://digital-hopr.leadshook.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 22:28:02 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
fingerprints
api.trustedform.com/certs/9d32a8213c85e17af1114b6cbc56996f8c6e29d9/ Frame 1BBE
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/9d32a8213c85e17af1114b6cbc56996f8c6e29d9/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.185.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-185-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://digital-hopr.leadshook.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 22:28:02 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 1BBE
95 B
411 B
Image
General
Full URL
https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=digital-hopr.leadshook.io&subdomain=digital-hopr&accountId=1379&quizId=52597&leadId=443261982&quizVersionId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-159.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digital-hopr.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 22:28:02 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 18:11:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"9591c410148e6883727c5339fd1c02cd"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
ijSEAhfl_xZjhqP7LrNT0bIWYKzOwFXniRdZJwaGZO6hWKTt5g6w_A==
truncated
/ Frame 1BBE
10 KB
10 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
text/javascript
collect
q.clarity.ms/
0
294 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ripmybills.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ripmybills.com
Date
Mon, 20 Nov 2023 22:28:02 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8


152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| warningMessages object| submitMessages object| dataLayer object| ConvertriScriptConsent string| TiktokAnalyticsObject object| ttq object| _tfa object| uetq function| gtag function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_f7224ec216 object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| attrUnescape function| parseAttributes function| getViewport function| addEvent number| mobileBreakpoint function| resize object| LH object| quizzes string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf object| UrlUtils function| managePopovers function| Popover object| FormValidator function| manageIframesState function| CheckoutValidationErrorRenderer function| AnalyticsUtils function| ClickAnalyticsEventBuilder function| OpenCheckoutAnalyticsEventBuilder function| PurchaseAnalyticsEventBuilder function| PurchaseAnalyticsLegacyEventBuilder function| SubmitFormAnalyticsEventBuilder function| GmtDataLayerTracker function| AnalyticsEvent function| ClickAnalyticsEvent function| OpenCheckoutAnalyticsEvent function| PurchaseAnalyticsLegacyEvent function| PurchaseAnalyticsEvent function| SubmitFormAnalyticsEvent function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| 
PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory function| uniqueSelector function| visibilityChanged function| yall object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| formWidgetCartInfo object| BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| ConvertriCheckoutModalPreviewRenderer object| MobileDetector object| QueryArgBag function| ViewportResizer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow function| Cookies object| doT function| ES6Promise function| $ function| jQuery object| Snowplow function| UAParser object| fbEventInfo object| fbPixelProxy function| getPresentCoupon function| handleCheckoutResponse boolean| menuScriptsLoaded object| match object| jQuery112209450183448915686 function| clarity object| clarityuetq object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| 
ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

30 Cookies

Domain/Path Name / Value
.ripmybills.com/ Name: _gcl_au
Value: 1.1.1937547415.1700519280
.tiktok.com/ Name: _ttp
Value: 2YSW5gcCwwhvZhPwiBg4z0xgDvZ
.ripmybills.com/ Name: _tt_enable_cookie
Value: 1
.ripmybills.com/ Name: _ttp
Value: M1ZMMU1Ks9hZab2u9Dp0TwOq-vA
www.clarity.ms/ Name: CLID
Value: 3ed7b9f7435a4bd791960f09859c8fe1.20231120.20241119
ripmybills.com/ Name: _sp_ses.f55e
Value: *
ripmybills.com/ Name: _sp_id.f55e
Value: 5cdc8287-ab1f-45b2-bcca-1bae19786c4e.1700519280.1.1700519280.1700519280.6cda453c-9484-453e-8d7a-7ca5d33b0548
.ripmybills.com/ Name: _uetsid
Value: 0fd6ba9087f411ee9a5a63ccec558d94
.ripmybills.com/ Name: _uetvid
Value: 0fd6ca6087f411eeb43bbd7dd521409f
.ripmybills.com/ Name: _fbp
Value: fb.1.1700519280269.1794462630
.ripmybills.com/ Name: _clck
Value: a20arp%7C2%7Cfgv%7C0%7C1419
.youtube.com/ Name: YSC
Value: acTvYqGNjI4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vgQcGu3eTTs
.bing.com/ Name: MUID
Value: 12C24B1DB6F96CC7142158D2B72B6D7A
.doubleclick.net/ Name: IDE
Value: AHWqTUloxQrrMP0sN1uykQgI9t6MxKOohjrlXyZHYAhU_ENZKhzHXUKpCczExoz1
digital-hopr.leadshook.io/ Name: AWSALBTGCORS
Value: cGmq/E/TtkPvDECN1wt3UnuLCu7teVpDhHTr0kLntL2+5858qLNvHz2xJb6J1ZQHLlAHln0GZXbAzHv6z39xqdMntw2iCrZAuVZO3/6GUO5Ro1JjEmOpC+VxWIMnkSsJyMLns0W9AlfZoJRhFC9qmPfS7n8pP83S+E4c7QR4HpYPXszC2GqiK/bpylga2icACOieXr9QMiq27Rb2WFWYe2GhMSec+O+4MVxUNzY+cKGUp6DhNumAvcd6qN47PpbYHNjHYhI=
digital-hopr.leadshook.io/ Name: AWSALBCORS
Value: qzQ0fl4TFDEkAAwIQKh1Zh0hyZqyjEyJqvV8aiAgs/KEXvBOTS8x2O3kNgqr0j8nZRGvQJD42yg1WELHlJglcEXKANEW0ogC/2VkovMw9fI2A0SkRZjAQ2tDC2HF
digital-hopr.leadshook.io/ Name: lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C.leadData
Value: j%3A%7B%22leadId%22%3A443261982%2C%22leadToken%22%3A%22lOkPAbbkZe9slR9iU3Wr9GaQ1QSNdVsQvftOy53C88ghqHXgRdBsrVIZOSSu%22%2C%22quizId%22%3A52597%7D
.ripmybills.com/ Name: _clsk
Value: 1a2u3g2%7C1700519280960%7C1%7C1%7Cq.clarity.ms%2Fcollect
.leadshook.io/ Name: _hjSessionUser_2029956
Value: eyJpZCI6IjA5NzhhMWU4LTgwZTItNTBiNy04Y2EzLTJiYTU1OTk0NGY5OCIsImNyZWF0ZWQiOjE3MDA1MTkyODEwNjMsImV4aXN0aW5nIjpmYWxzZX0=
.leadshook.io/ Name: _hjFirstSeen
Value: 1
.leadshook.io/ Name: _hjIncludedInSessionSample_2029956
Value: 0
.leadshook.io/ Name: _hjSession_2029956
Value: eyJpZCI6IjU1NWVhYWFkLTJmMDAtNDAwNy1iZjVhLWMyOWQwM2NkYjcxYSIsImNyZWF0ZWQiOjE3MDA1MTkyODEwNjQsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.leadshook.io/ Name: _hjAbsoluteSessionInProgress
Value: 0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 12C24B1DB6F96CC7142158D2B72B6D7A
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 12C24B1DB6F96CC7142158D2B72B6D7A
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
