www.freedom2020withbigt.com Open in urlscan Pro
2606:4700:3037::ac43:d9ea Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.freedom2020withbigt.com/?view=cl
Submission: On December 02 via manual (December 2nd 2020, 10:39:53 pm UTC) from US

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3037::ac43:d9ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.freedom2020withbigt.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 24th 2020. Valid for: a year.

This is the only time www.freedom2020withbigt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::ac43:d9ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
7	2600:9000:20e... 2600:9000:20eb:c400:f:75e2:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2.18.234.122 2.18.234.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
6	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:3777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	151.101.128.114 151.101.128.114	54113 (FASTLY) (FASTLY)
7	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	63.33.242.232 63.33.242.232	16509 (AMAZON-02) (AMAZON-02)
1	52.200.142.81 52.200.142.81	14618 (AMAZON-AES) (AMAZON-AES)
44	19

1 2606:4700:3037::ac43:d9ea (United States)

ASN13335 (CLOUDFLARENET, US)

www.freedom2020withbigt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20eb:c400:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3bjnmbj12697.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.122 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:3777 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pushcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.242.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-242-232.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.142.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-142-81.compute-1.amazonaws.com

stansberry.us-1.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	89 KB
7	lytics.io c.lytics.io	43 KB
7	cloudfront.net d3bjnmbj12697.cloudfront.net	313 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	83 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	evergage.com stansberry.us-1.evergage.com	632 B
1	evgnet.com cdn.evgnet.com	35 KB
1	pushcrew.com cdn.pushcrew.com	70 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	brightcove.net players.brightcove.net	184 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	30 KB
1	fontawesome.com use.fontawesome.com	12 KB
1	googleapis.com fonts.googleapis.com	884 B
1	freedom2020withbigt.com www.freedom2020withbigt.com	6 KB
44	17

	Domain	Requested by
7	c.lytics.io	www.freedom2020withbigt.com c.lytics.io
7	d3bjnmbj12697.cloudfront.net	www.freedom2020withbigt.com d3bjnmbj12697.cloudfront.net
6	dev.visualwebsiteoptimizer.com	www.freedom2020withbigt.com dev.visualwebsiteoptimizer.com
4	cdn.krxd.net	www.freedom2020withbigt.com cdn.krxd.net
2	beacon.krxd.net	cdn.krxd.net www.freedom2020withbigt.com
2	consumer.krxd.net	cdn.krxd.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	stansberry.us-1.evergage.com	cdn.evgnet.com
1	cdn.evgnet.com	www.freedom2020withbigt.com
1	cdn.pushcrew.com	www.freedom2020withbigt.com
1	www.googletagmanager.com	www.freedom2020withbigt.com
1	players.brightcove.net	www.freedom2020withbigt.com
1	stackpath.bootstrapcdn.com	www.freedom2020withbigt.com
1	cdnjs.cloudflare.com	www.freedom2020withbigt.com
1	code.jquery.com	www.freedom2020withbigt.com
1	use.fontawesome.com	www.freedom2020withbigt.com
1	fonts.googleapis.com	www.freedom2020withbigt.com
1	www.freedom2020withbigt.com
44	19

This site contains links to these domains. Also see Links.

Domain
www.palmbeachgroup.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-24` - `2021-07-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.pushcrew.com Go Daddy Secure Certificate Authority - G2	`2019-07-23` - `2021-07-31`	2 years	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
cdn.evergage.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-04-27`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
*.us-1.evergage.com Amazon	`2020-10-02` - `2021-11-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.freedom2020withbigt.com/?view=cl
Frame ID: CE2048A9C592385E2E383C97B60FB6D0
Requests: 43 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 908277BDDD2A176CE985D9B11097ED38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

44
Requests

98 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

19
IPs

5
Countries

968 kB
Transfer

2494 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.palmbeachgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.freedom2020withbigt.com/ 20 KB
6 KB 251ms
221ms Document
text/html 2606:4700:3037::ac43:d9ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d9ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5d141b2974df105aff35c65d00d324690aec43ba00104c3178d8c47d071329

Request headers

:method: GET
:authority: www.freedom2020withbigt.com
:scheme: https
:path: /?view=cl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8eb66ca58a2df0815c5775ce008b8c881606948767; expires=Fri, 01-Jan-21 22:39:27 GMT; path=/; domain=.freedom2020withbigt.com; HttpOnly; SameSite=Lax; Secure AWSALB=yBtFmciLF8/4/AYnhWgdmoDGet3WFmnh+fdIJKT6lNiS6t2FCwgdfo7w7KTUpqKlEFgyVljVBfsnoP+EpCf8fAAM+y6GYRhxzqbO0ZBQHv+JgJXrXccwNdLiC4Hf; Expires=Wed, 09 Dec 2020 22:39:27 GMT; Path=/ AWSALBCORS=yBtFmciLF8/4/AYnhWgdmoDGet3WFmnh+fdIJKT6lNiS6t2FCwgdfo7w7KTUpqKlEFgyVljVBfsnoP+EpCf8fAAM+y6GYRhxzqbO0ZBQHv+JgJXrXccwNdLiC4Hf; Expires=Wed, 09 Dec 2020 22:39:27 GMT; Path=/; SameSite=None
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 06c7355d25000006297f0a8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=29D1YsJE%2BQR371x%2FwjjdoAYxBuEPlqiofatQHmNzY3SUrrq4xjValyRjCe8i8HVrxyRRGEk5VBL%2FPGI%2BqB8spUAgni4dNCg3%2B5z2IbaxFx8cZiC9l1%2FhGTCHZsXJ5LNgq84mCDH%2BCp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fb88b41daf40629-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 9 KB
884 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,400i,700,700i|Barlow+Condensed:400,400i,700,700i&display=swap

Requested by

Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8364a234c898492d0b258cc6f6b2c47a1df08f217edc6f74244660e8ddc5d6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 22:39:27 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 22:39:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 22:39:27 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 132ms
44ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK extend.css
d3bjnmbj12697.cloudfront.net/_/css/extend/3.0.1/ 152 KB
152 KB 36ms
8ms Stylesheet
text/css 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/extend/3.0.1/extend.css
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e192bb03d076277c39b69a89c8a52c574c9825bbf333a4d8db60078500e712b2

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 16:03:30 GMT
Via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Last-Modified: Tue, 14 Jul 2020 15:24:53 GMT
Server: AmazonS3
Age: 23758
ETag: "a7aaffc3f49efb5d3299c2b5b815dc21"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 155628
X-Amz-Cf-Id: sy0kdcm34FfH7hKKjfHYORvFHNHoNEd-0xIZ1BD5zTAi1SP4qvOtaQ==

GET
H/1.1 200
OK aos.css
d3bjnmbj12697.cloudfront.net/_/css/aos/ 28 KB
29 KB 437ms
409ms Stylesheet
text/css 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/aos/aos.css
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b16a6001ebd3994e238fdea6ac97c2e86c0025d2e7b8f1b607b6c93645f8e20e

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 22:39:28 GMT
Via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
Last-Modified: Mon, 25 Nov 2019 19:21:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "daddd0f7c6385a6e08e3397d09f7cebf"
X-Cache: Miss from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28766
X-Amz-Cf-Id: dt4j508F3h-ybfgZ4F_OmzHMur5JdFVgfwDTatC4RGb_34F0dYNHAQ==

GET
H/1.1 200
OK custom.css
d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/css/d/ 34 KB
34 KB 39ms
11ms Stylesheet
text/css 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/css/d/custom.css?v=16
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45be6b4ed97736d1e1590e0197b6b2f18b099c2c273bda7a2af526d210724ec4

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 17:14:30 GMT
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 Dec 2019 20:53:25 GMT
Server: AmazonS3
Age: 19498
ETag: "0b02d7a06419f60249aa83e6a6b7a935"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 34506
X-Amz-Cf-Id: XGUVFCrHhRBNlYGSu-M7TLmHgd0PXnmP0bROYyJeaTRT-pRvk4IJfQ==

GET
H/1.1 200
OK logo-freedom-2020-sub.png
d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/img/ 44 KB
44 KB 456ms
433ms Image
image/png 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/img/logo-freedom-2020-sub.png
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 567176b9d89cd2a10e86e8b3f0bd7ca234432f713a7d5564d87753c7e2bafa4e

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 22:39:28 GMT
Via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 Dec 2019 15:53:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "66729f2998537ecdccf5e61f64626fe0"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44924
X-Amz-Cf-Id: An4EPO7S1WzOWekWj33Uj_k-ty8Utahaqn6_OhOG-YV1b9kU3YS32g==

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 9913ms
43ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:37 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1606948777.dop135.fr8.t,1606948777.cds276.fr8.hn,1606948777.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 40ms
28ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 36798
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6458
cf-request-id: 06c7355e200000c303a8010000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pHav9rTVUDjn%2BFShfwGtPST3XQW%2FOGVQNtIlEs2f9bh4vD2eesOYnj1UGgoWwnkhKxxsU3aHxo0Blw5s%2FRvErpce9gp7ls5vwP9R52%2BQ%2B5a8cuBPNZlCljmc7Q2Of3Y9GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fb88b435c1cc303-FRA
expires: Mon, 22 Nov 2021 22:39:27 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
14 KB 10053ms
10ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:53 GMT
etag: "1544639633"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 14038

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ 676 KB
184 KB 178ms
76ms Script
application/javascript 2.18.234.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.122 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-122.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9e3ff5b86971ef697048b5a1dd045cf88e989ea044d02814602abe05751255fd

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tS1XXM9tSB7sOHnMmwTQj_rTgXSYPyDB
Content-Encoding: gzip
ETag: "6a807016bf964c4195d058dca857670b"
x-amz-request-id: A679A8E9B9D8AE16
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 188142
x-amz-id-2: dZFLc6et2QjASBcjYj+G1jjhE6F6CzPqtRvaYvg7XnLw7UZgOJ4tPAnuVHdRxokarZujsZVhUWI=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra19147-FRA
Last-Modified: Thu, 05 Nov 2020 18:06:16 GMT
Server: AmazonS3
X-Timer: S1604626149.385578,VS0,VE379
Date: Wed, 02 Dec 2020 22:39:27 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=124
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK jquery.mask.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/jquery-mask/ 8 KB
9 KB 418ms
396ms Script
application/javascript 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/jquery-mask/jquery.mask.min.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 22:39:28 GMT
Via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
Last-Modified: Tue, 14 Apr 2020 18:21:46 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "cc290e6c3aeecf5021dd82ad8df2512a"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8327
X-Amz-Cf-Id: DpHqhYlXuyPwyo0D2pKfJnSfDoVqRjof9VAdlkwOzdbJa9_QfGaXkw==

GET
H/1.1 200
OK jquery.phone-validator-net.js Show response
d3bjnmbj12697.cloudfront.net/_/js/phone-validator/ 1 KB
2 KB 423ms
400ms Script
application/javascript 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/phone-validator/jquery.phone-validator-net.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcda706669a23404eceb173e4f5c82f4a54a2f9a99f3d4c2d40b3d4d4b3d8cd5

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 22:39:28 GMT
Via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
Last-Modified: Thu, 19 Mar 2020 12:36:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "33f5f5c60db7a8b4cbe9a5d7edd1c19a"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1112
X-Amz-Cf-Id: tUExXKLyucShLYP62OKK2YfmHeytFRu-lSKTicu2aaUeK6cYPTIPzA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
33 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ8F7QN

Requested by

Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

319834f67dce994cd0fd5609c8c33532dc504c6755f601198c0c97dd623bec8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34054
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 22:39:27 GMT

GET
H2 200 tvfvkg67o.js Show response
cdn.krxd.net/controltag/ 14 KB
5 KB 229ms
133ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tvfvkg67o.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e1b8915c089d550cc8e5db4b3e80f4bd0fedaa1bce955ced6e50d56cba8d0a64

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 181
x-cache: MISS, HIT, MISS
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4587
x-served-by: config-service-a001-ash-prod.krxd.net, cache-bwi5145-BWI, cache-hhn4052-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1606948767.360317,VS0,VE87
etag: "58e7e6bb9d164cab37b90e8cb9b8688c74dedc7a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H2 200 0614aa18797bad3ba02db9cf03a2cbb0.js Show response
cdn.pushcrew.com/js/ 242 KB
70 KB 133ms
116ms Script
application/javascript 2606:4700:10::6814:3777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushcrew.com/js/0614aa18797bad3ba02db9cf03a2cbb0.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fb8b0ce0fcdcf2020d31744f1ae8bead8ff1a4773044042ad5b9b6569ad5ee

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Oct 2020 17:59:21 GMT
server: cloudflare
via: 1.1 google
etag: W/"5f9076f9-3c669"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 5fb88b4359e40621-FRA
cf-request-id: 06c7355e1d00000621b8bb9000000001
expires: Wed, 02 Dec 2020 23:09:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ8F7QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3006
date: Wed, 02 Dec 2020 21:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 02 Dec 2020 23:49:21 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 6 KB
3 KB 133ms
46ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=502170&u=https%3A%2F%2Fwww.freedom2020withbigt.com%2F%3Fview%3Dcl&f=1&r=0.2940418398746494
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 05c43a4b5bb90f3a58bcac381dacd7dc6cd29f21f762359cb6f7f21317d453d6

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/stansberry/legacy/scripts/ 131 KB
35 KB 134ms
43ms Script
application/javascript 151.101.128.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/stansberry/legacy/scripts/evergage.min.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7364ffaea59c4b36a45796370f5e049d3f57f6055e87a44d8e8048505171080

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mT3xe4Rhrl1y_kCGHIje1G804oKxKDSS
content-encoding: gzip
etag: "7254117043d2813a557af096a1944b55"
timing-allow-origin: *
age: 54
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 35140
x-amz-id-2: JBmtS0poGGrdk2bhvbEALXAqPR2QtxcguwEwmSfAJjapn+pftZYdIPLkm0YPhTIYKZZhLNwF2I0=
x-served-by: cache-dca17738-DCA, cache-hhn4036-HHN
x-amz-meta-evergage-sum: 4f37c9fce0a07d282ca48c55644b59fc72c2a0dc
last-modified: Fri, 30 Oct 2020 17:56:29 GMT
server: AmazonS3
x-timer: S1606948767.414781,VS0,VE1
date: Wed, 02 Dec 2020 22:39:27 GMT
vary: Accept-Encoding
x-amz-request-id: 16EB4D47E706CC32
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 1

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 53 KB
17 KB 35ms
19ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8868a9db3e4343059b6faa05e7e3631ed6588442c829adb300c444346897c94

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fb88b43ce5c2c36-FRA
date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6869
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=28LCGFIWjq5610%2F1g38vTTNKhjuz9dGe7KB3YE6JJ6%2FN3ivfkpWgdr41IduECqbLdph%2FS3hxS5snpXWSWRH4Rpfnw0aT1DpA%2BvhFk6FctbwpwyK39ia9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: br
cf-request-id: 06c7355e5e00002c363030c000000001

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,700,700i|Barlow+Condensed:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34a462a0c5b5002de8a5656cf4148f0abf497216ba2810dc6d2c55a0abc65a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://fonts.googleapis.com/css?family=Barlow:400,400i,700,700i|Barlow+Condensed:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 09:06:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:21 GMT
server: sffe
age: 567169
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14128
x-xss-protection: 0
expires: Fri, 26 Nov 2021 09:06:38 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
fonts.gstatic.com/s/barlow/v5/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,700,700i|Barlow+Condensed:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b7ba238dc0b8e0c6ea63409a42d8b6fa68475cbc3a8d80388d6bae7beb833d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://fonts.googleapis.com/css?family=Barlow:400,400i,700,700i|Barlow+Condensed:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 02:40:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:51 GMT
server: sffe
age: 590365
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
expires: Fri, 26 Nov 2021 02:40:02 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
75 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1304469679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freedom2020withbigt.com%2F%3Fview%3Dcl&ul=en-us&de=UTF-8&dt=Freedom%202020%20%C2%B7%20Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1882603634&gjid=480960322&cid=340565674.1606948767&tid=UA-87443958-7&_gid=242747879.1606948767&_r=1&gtm=2wgb41PQ8F7QN&z=1266146278

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 22:39:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.freedom2020withbigt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 tag-6a58e4fc9a95600b1b2a4348baf7fb0e.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 150 KB
43 KB 88ms
47ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-6a58e4fc9a95600b1b2a4348baf7fb0e.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=502170&u=https%3A%2F%2Fwww.freedom2020withbigt.com%2F%3Fview%3Dcl&f=1&r=0.2940418398746494
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 4c30bd57a5c479b6aaf206b6cae1edf64d6a01ebce2a4dc80cecee1c8d22880f

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: br
last-modified: Mon, 23 Nov 2020 10:45:05 GMT
server: gfra1
etag: "5fbb92b1-aa61"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43617
via: 1.1 google

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
301 B 181ms
137ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=502170&d=freedom2020withbigt.com&u=D28C4171EA9BA2145730009EA1236D089&h=b5375ef38cbf194db588eaea4138671a&t=false&r=0.8044403570617407

Requested by

Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
544 B 120ms
119ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1606948767238&event=gtm.js&gtm.uniqueEventId=1&_ts=1606948767450&_nmob=t&_device=desktop&url=www.freedom2020withbigt.com%2F%3Fview%3Dcl&_v=3.0.12&_uid=u_879630546123090700&_getid=t
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
cf-request-id: 06c7355ee100002c360006b000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=becCQrATIc6YFT3HVrcm1dmfI59k8dRxGdPjknPfAqpn1WkjVKXRjLJOMgvPo%2FmGCm5h27e8dfiDr%2FlpEGc35dsMCxnxCepBLVJkZlIRNCHOzCas4UWQ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5fb88b449fe22c36-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H/1.1 200
OK bg-texture-dark.png
d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/img/ 43 KB
43 KB 18ms
17ms Image
image/png 2600:9000:20eb:c400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/img/bg-texture-dark.png?v=4
Requested by: Host: d3bjnmbj12697.cloudfront.net
URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/css/d/custom.css?v=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c74b60e981fe17b69676c44b71a5c5b50d8954496a615397fa25aa3151fc677

Request headers

Referer: https://d3bjnmbj12697.cloudfront.net/pb/p/pbv/2001/css/d/custom.css?v=16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 17:45:42 GMT
Via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Last-Modified: Mon, 16 Dec 2019 16:39:11 GMT
Server: AmazonS3
Age: 17626
ETag: "4c0177286f7bde92533c5af056bfc69e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 44041
X-Amz-Cf-Id: yQOPgiIJ_nbvVbxj1nM3oq3OR8bu2SyBmH-pt0RUD-U1X2klvdq3Nw==

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 46ms
46ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tvfvkg67o.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: gzip
age: 4198374
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 4748104
content-length: 84451
x-served-by: cache-hhn4052-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1606948768.540498,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 u_879630546123090700 Show response
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 73 B
428 B 120ms
119ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/u_879630546123090700?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22u_879630546123090700%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A1%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.freedom2020withbigt.com%2F%3Fview%3Dcl%22%2C%22_v%22%3A%223.0.12%22%7D&ts=1606948767547&callback=u_845312980513384100
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a545baf713390386dcdad2a38f1631b2b67519c547f716976e717659d1c0dfce

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb88b4528ee2c36-FRA
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fzE0M6vemQWCgAN5morssVsQNsjNbYKmgQOxEtVxGqj4EXZq6TPXmad8Lo6qJWjk2SPDqry72aHHzyIUWZV1oD6Q2Nc0Zf%2ByzzcxBiC06svzr6SzpSXzHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
cf-request-id: 06c7355f3e00002c3639af7000000001

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
322 B 143ms
143ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_ts=1606948767544&_nmob=t&_device=desktop&url=www.freedom2020withbigt.com%2F%3Fview%3Dcl&_uid=u_879630546123090700&_v=3.0.12
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
cf-request-id: 06c7355f3e00002c36088f7000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mvv76o%2BwkpW3zZtJgtYN%2BLtysTFNs3NX2bWlU1S5gghK4uEuoLakWQ9xOpPNv10%2BHnyadfMCdSo9gh%2B0cOwrwONgC03w0FLrZpHT9NNQpIKsnqColV71YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5fb88b4528f12c36-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3-Q050 200 tag-5a35091d2b728c7c9f01053d04f14164.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 88 KB
23 KB 40ms
40ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-5a35091d2b728c7c9f01053d04f14164.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-6a58e4fc9a95600b1b2a4348baf7fb0e.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: c6f04c2919eeee89a50165f3134d092f3e1d660dc17e8ed8ca71d1684a5ae06b

Request headers

Origin: https://www.freedom2020withbigt.com
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: br
last-modified: Mon, 23 Nov 2020 10:45:05 GMT
server: gfra1
etag: "5fbb92b1-59e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23016
via: 1.1 google

GET
H3-Q050 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 46ms
46ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=502170&settings_type=1&vn=7.0&r=0.18757046299920188&exc=1|5|32
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-6a58e4fc9a95600b1b2a4348baf7fb0e.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 1c9d82574e03d73962d44ed5a5749ac420d6adae32ae1b7edec565905124e10c

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 9082 0
0 47ms
47ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.freedom2020withbigt.com/?view=cl
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.freedom2020withbigt.com/?view=cl

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 varnish
age: 6047279
x-served-by: cache-hhn4052-HHN
x-cache: HIT
x-cache-hits: 1147238
x-timer: S1606948768.661223,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H3-Q050 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 42ms
42ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-6a58e4fc9a95600b1b2a4348baf7fb0e.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:40:32 GMT
server: gfra1
etag: "5e6f0340-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 ef1a1af7-446f-48b4-b9e5-47447737eb4d Show response
consumer.krxd.net/consent/get/ 242 B
432 B 158ms
71ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ef1a1af7-446f-48b4-b9e5-47447737eb4d?idt=device&dt=kxcookie&callback=Krux.ns.legacyresearch.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa8118ce536d4be0c6a4a8db0231cef32d937ddba62b505e0c8143f8c5cf6285

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4041-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1606948768.792649,VS0,VE29
content-length: 193
x-cache-hits: 0, 0

GET
H2 200 ef1a1af7-446f-48b4-b9e5-47447737eb4d Show response
consumer.krxd.net/consent/set/ 307 B
322 B 166ms
90ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/ef1a1af7-446f-48b4-b9e5-47447737eb4d?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns.legacyresearch.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d524578b640964bc707742fdac22fa4eca609350ed01ed749a5f939268ba8e78

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:27 GMT
via: 1.1 varnish
x-timer: S1606948768.792629,VS0,VE29
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4041-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes
content-encoding: gzip
content-length: 247
x-cache-hits: 0, 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 100 KB
21 KB 16ms
16ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d168ba515a51b5718ba8f51cc423e6458094e282e9426f9cbc03ed09166bd09a

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fb88b4918652c36-FRA
date: Wed, 02 Dec 2020 22:39:28 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 12 Jun 2020 19:10:40 GMT
server: cloudflare
age: 2811
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I6gDoRM%2FUTDrMe1ROsRrrHSj9aXihrWDitK4aCi18URHuhOjXVCWaEbaXmkp62eyZTcsGxMXhg2%2Fbh46YFghQvECN1dF8QJmFPl0kyPqR7AnHJyKTVuKcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 06c73561b200002c36e5ab6000000001

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 13ms
13ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fb88b4948a22c36-FRA
date: Wed, 02 Dec 2020 22:39:28 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 12 Jun 2020 19:10:39 GMT
server: cloudflare
age: 2808
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HFoeT5rXHQqmkjhmhszcl1qzrgAIMmgO21upZ9LiyL5QhJJGego%2Bxt0cZfzSPJeJU2n9VJOljTKlWqflOQoMIALP5%2FXDowyOlzFwGfTCtYOIC7cLZm54Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 06c73561c900002c36f1af1000000001

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/6754fc8577b0e933befa552acea53d64/ 327 B
493 B 19ms
19ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/6754fc8577b0e933befa552acea53d64/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fef35b1f14669ad5718c333cbe4be9f040773845ad2695a0e3c9f799431be02

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fb88b4948b32c36-FRA
date: Wed, 02 Dec 2020 22:39:28 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1452
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ybbpusj8DLHHmnbXffP6rZ1me5WIVyB%2FCxyryMnn4vcOxQxBfjdVWm0sVYVbIzvM%2FeqMcDo4JrzckA0JyI4n6t7WKXvsJnK0pNO5NOuiAAOYVlzCMIzIAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: br
cf-request-id: 06c73561cf00002c36502a5000000001

GET
H2 200 optout_check Show response
beacon.krxd.net/ 87 B
246 B 66ms
65ms Script
text/javascript 63.33.242.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.legacyresearch.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.242.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-242-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9667ea045b0e5c8e00f9d9d6af0714f38d8c301c176a899cf40a6f96789777c8

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:30 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=27 t=1606948770
x-served-by: beacon-n005-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 351 B
527 B 144ms
143ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=ef1a1af7-446f-48b4-b9e5-47447737eb4d&technographics=1&callback=Krux.ns.legacyresearch.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 142dda696e96493bfc934417f88f64e43d74a4d0534be524d6ac862a721420bc

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 02 Dec 2020 22:39:30 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a013-ash-prod.krxd.net, cache-hhn4052-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1606948771.656659,VS0,VE98
content-length: 272
x-cache-hits: 0, 0

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 66ms
66ms Image
text/plain 63.33.242.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=tvfvkg67o&_kpid=ef1a1af7-446f-48b4-b9e5-47447737eb4d&_kcp_s=palmbeachgroup.com&_kcp_d=www.freedom2020withbigt.com&_knifr=2&_kua_kx_tz=-60&geo_country=pl&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=pl&_kpa_domain=www.freedom2020withbigt.com&t_navigation_type=0&t_dns=13&t_tcp=17&t_http_request=-1&t_http_response=1&t_content_ready=0&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vss4ktj47&userdata_user=NzOgkdqp%2Cvss4ktj47&sview=1&kplt0=39669&kplt1=39682&kplt2=40029&kplt3=45762&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fef1a1af7-446f-48b4-b9e5-47447737eb4d%2C211%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2Fef1a1af7-446f-48b4-b9e5-47447737eb4d%2C201%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C68%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C145
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.242.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-242-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:30 GMT
cache-control: private, no-cache, no-store
x-request-time: D=60 t=1606948770
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 legacy Show response
stansberry.us-1.evergage.com/api2/event/ 69 B
632 B 412ms
138ms XHR
application/json 52.200.142.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stansberry.us-1.evergage.com/api2/event/legacy?event=eyJhY3Rpb24iOiJmcmVlZG9tMjAyMHdpdGhiaWd0IEhvbWVwYWdlIiwiaXRlbUFjdGlvbiI6bnVsbCwic291cmNlIjp7InBhZ2VUeXBlIjoiZnJlZWRvbTIwMjB3aXRoYmlndF9ob21lIiwiY29udGVudFpvbmVzIjpbImhvbWVfcG9wdXAiXSwidXJsIjoiaHR0cHM6Ly93d3cuZnJlZWRvbTIwMjB3aXRoYmlndC5jb20vP3ZpZXc9Y2wiLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJjb25maWdWZXJzaW9uIjoiMjE5IiwiYmVhY29uVmVyc2lvbiI6MTZ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYW5vbklkIjoiYWZhNWU5ZjBhOTQ0YTAzNyJ9LCJwZXJmb3JtYW5jZSI6e30sImRlYnVnIjp7ImV4cGxhbmF0aW9ucyI6dHJ1ZX0sImNhdGFsb2ciOnt9LCJhY2NvdW50Ijp7fSwiX3Rvb2xzRXZlbnRMaW5rSWQiOiI5ODE0MzkzODI2NjAzMzQ1In0%3D
Requested by: Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/stansberry/legacy/scripts/evergage.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.142.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-142-81.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1706a72de490c7d0c5de4d63da9d6cf5cecaf2e7185c02c41ca7d5437ee515b8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.freedom2020withbigt.com/?view=cl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:39:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.freedom2020withbigt.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
BLOB 200
OK e59d64fb-7a4b-4109-b3df-dbbc1fc67b89
https://www.freedom2020withbigt.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.freedom2020withbigt.com/e59d64fb-7a4b-4109-b3df-dbbc1fc67b89
Requested by: Host: www.freedom2020withbigt.com
URL: https://www.freedom2020withbigt.com/?view=cl
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.krxd.net/	1970-01-19 18:41:40	Name: _kuid_ Value: NzOgnhAm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
c.lytics.io
cdn.evgnet.com
cdn.krxd.net
cdn.pushcrew.com
cdnjs.cloudflare.com
code.jquery.com
consumer.krxd.net
d3bjnmbj12697.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
players.brightcove.net
stackpath.bootstrapcdn.com
stansberry.us-1.evergage.com
use.fontawesome.com
www.freedom2020withbigt.com
www.google-analytics.com
www.googletagmanager.com
151.101.114.133
151.101.128.114
2.18.234.122
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
23.111.9.35
2600:9000:20eb:c400:f:75e2:4ac0:21
2606:4700:10::6814:3777
2606:4700:20::681a:316
2606:4700:3037::ac43:d9ea
2606:4700::6810:125e
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
34.96.102.137
52.200.142.81
63.33.242.232
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
05c43a4b5bb90f3a58bcac381dacd7dc6cd29f21f762359cb6f7f21317d453d6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0fef35b1f14669ad5718c333cbe4be9f040773845ad2695a0e3c9f799431be02
142dda696e96493bfc934417f88f64e43d74a4d0534be524d6ac862a721420bc
15b7ba238dc0b8e0c6ea63409a42d8b6fa68475cbc3a8d80388d6bae7beb833d
1706a72de490c7d0c5de4d63da9d6cf5cecaf2e7185c02c41ca7d5437ee515b8
1c9d82574e03d73962d44ed5a5749ac420d6adae32ae1b7edec565905124e10c
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
319834f67dce994cd0fd5609c8c33532dc504c6755f601198c0c97dd623bec8a
34a462a0c5b5002de8a5656cf4148f0abf497216ba2810dc6d2c55a0abc65a12
45be6b4ed97736d1e1590e0197b6b2f18b099c2c273bda7a2af526d210724ec4
4c30bd57a5c479b6aaf206b6cae1edf64d6a01ebce2a4dc80cecee1c8d22880f
567176b9d89cd2a10e86e8b3f0bd7ca234432f713a7d5564d87753c7e2bafa4e
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7e5d141b2974df105aff35c65d00d324690aec43ba00104c3178d8c47d071329
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8364a234c898492d0b258cc6f6b2c47a1df08f217edc6f74244660e8ddc5d6aa
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8c74b60e981fe17b69676c44b71a5c5b50d8954496a615397fa25aa3151fc677
9667ea045b0e5c8e00f9d9d6af0714f38d8c301c176a899cf40a6f96789777c8
98fb8b0ce0fcdcf2020d31744f1ae8bead8ff1a4773044042ad5b9b6569ad5ee
9e3ff5b86971ef697048b5a1dd045cf88e989ea044d02814602abe05751255fd
a545baf713390386dcdad2a38f1631b2b67519c547f716976e717659d1c0dfce
b16a6001ebd3994e238fdea6ac97c2e86c0025d2e7b8f1b607b6c93645f8e20e
b7364ffaea59c4b36a45796370f5e049d3f57f6055e87a44d8e8048505171080
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
c6f04c2919eeee89a50165f3134d092f3e1d660dc17e8ed8ca71d1684a5ae06b
c8868a9db3e4343059b6faa05e7e3631ed6588442c829adb300c444346897c94
d168ba515a51b5718ba8f51cc423e6458094e282e9426f9cbc03ed09166bd09a
d524578b640964bc707742fdac22fa4eca609350ed01ed749a5f939268ba8e78
dcda706669a23404eceb173e4f5c82f4a54a2f9a99f3d4c2d40b3d4d4b3d8cd5
e192bb03d076277c39b69a89c8a52c574c9825bbf333a4d8db60078500e712b2
e1b8915c089d550cc8e5db4b3e80f4bd0fedaa1bce955ced6e50d56cba8d0a64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
fa8118ce536d4be0c6a4a8db0231cef32d937ddba62b505e0c8143f8c5cf6285

www.freedom2020withbigt.com Open in urlscan Pro 2606:4700:3037::ac43:d9ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

61 %IPv6

17 Domains

19 Subdomains

19 IPs

5 Countries

968 kBTransfer

2494 kBSize

1 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.freedom2020withbigt.com Open in urlscan Pro
2606:4700:3037::ac43:d9ea Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

19
IPs

5
Countries

968 kB
Transfer

2494 kB
Size

1
Cookies

44 HTTP transactions
0 data transactions