urlscan.io logo urlscan.io
SecurityTrails logo

enhanced-relief.com Open in urlscan Pro
2600:9000:20c9:6600:b:92fc:e480:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.refiquotedirect.com/?xtl=3v3lg4p55vj9zymksho256idzs8m0st7r9h9691gllj3rtn1gtwevhr3e671bs9611hkquwd9ycqwjorzzp17lyaqz0...
Effective URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_nam...
Submission: On October 29 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 7 countries across 31 domains to perform 94 HTTP transactions. The main IP is 2600:9000:20c9:6600:b:92fc:e480:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is enhanced-relief.com.
TLS certificate: Issued by Amazon on June 11th 2019. Valid for: a year.
This is the only time enhanced-relief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.193.21.59 14618 (AMAZON-AES)
2 2 52.53.67.177 16509 (AMAZON-02)
19 2600:9000:20c... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 159.122.87.153 36351 (SOFTLAYER)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.130 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2.18.234.190 16625 (AKAMAI-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 151.101.114.2 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 143.204.101.106 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.127 22075 (AS-OUTBRAIN)
2 6 2a00:1450:400... 15169 (GOOGLE)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 35.160.202.255 16509 (AMAZON-02)
7 169.48.197.124 36351 (SOFTLAYER)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 23.23.73.124 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
6 34.236.206.109 14618 (AMAZON-AES)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
1 52.222.168.61 16509 (AMAZON-02)
94 33
1    34.193.21.59 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-21-59.compute-1.amazonaws.com
t.refiquotedirect.com
2    52.53.67.177 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-53-67-177.us-west-1.compute.amazonaws.com
trkme1.com
suited45trk.com
19    2600:9000:20c9:6600:b:92fc:e480:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
enhanced-relief.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
maps.googleapis.com
5    159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
1    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)
fullstory.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700:10::6814:4b82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
create.lidstatic.com
1    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
3    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
tr.outbrain.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
1    143.204.101.106 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-106.fra50.r.cloudfront.net
api.pushnami.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
7    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
7    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com
amplifypixel.outbrain.com
6    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)
widget.us.criteo.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    35.160.202.255 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-160-202-255.us-west-2.compute.amazonaws.com
external.printfinger.tech
7    169.48.197.124 (Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 7c.c5.30a9.ip4.static.sl-reverse.com
api.trustedform.com
1    2606:4700:30::681c:19e6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
api.zippopotam.us
1    23.23.73.124 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-73-124.compute-1.amazonaws.com
api.ipify.org
2    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
maps.gstatic.com
6    34.236.206.109 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-206-109.compute-1.amazonaws.com
create.leadid.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
1    52.222.168.61 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-61.fra54.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
Apex Domain
Subdomains		 Transfer
19 enhanced-relief.com
enhanced-relief.com
246 KB
8 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
maps.googleapis.com
221 KB
7 trustedform.com
api.trustedform.com
24 KB
7 google.de
www.google.de
815 B
7 google.com
www.google.com
2 KB
7 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
7 KB
6 leadid.com
create.leadid.com
5 KB
5 outbrain.com
amplify.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
4 KB
5 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
116 KB
4 gstatic.com
fonts.gstatic.com
maps.gstatic.com
25 KB
3 criteo.com
sslwidget.criteo.com
widget.us.criteo.com
1 KB
3 bing.com
bat.bing.com
8 KB
2 printfinger.tech
external.printfinger.tech
20 KB
2 facebook.com
www.facebook.com
505 B
2 facebook.net
connect.facebook.net
88 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 fullstory.com
fullstory.com
rs.fullstory.com
68 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 nr-data.net
bam.nr-data.net
261 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 ipify.org
api.ipify.org
258 B
1 zippopotam.us
api.zippopotam.us
462 B
1 pushnami.com
api.pushnami.com
8 KB
1 taboola.com
cdn.taboola.com
14 KB
1 lidstatic.com
create.lidstatic.com
39 KB
1 criteo.net
static.criteo.net
10 KB
1 googleadservices.com
www.googleadservices.com
10 KB
1 googletagmanager.com
www.googletagmanager.com
42 KB
1 suited45trk.com
suited45trk.com
960 B
1 trkme1.com
trkme1.com
494 B
1 refiquotedirect.com
t.refiquotedirect.com
632 B
94 31
Domain Requested by
19 enhanced-relief.com enhanced-relief.com
create.lidstatic.com
7 api.trustedform.com enhanced-relief.com
api.trustedform.com
7 www.google.de enhanced-relief.com
7 www.google.com 3 redirects enhanced-relief.com
6 create.leadid.com enhanced-relief.com
6 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
6 maps.googleapis.com enhanced-relief.com
maps.googleapis.com
5 dev.visualwebsiteoptimizer.com enhanced-relief.com
dev.visualwebsiteoptimizer.com
3 bat.bing.com enhanced-relief.com
2 maps.gstatic.com enhanced-relief.com
2 external.printfinger.tech enhanced-relief.com
2 www.facebook.com enhanced-relief.com
2 widget.us.criteo.com enhanced-relief.com
static.criteo.net
2 amplifypixel.outbrain.com enhanced-relief.com
2 tr.outbrain.com enhanced-relief.com
2 connect.facebook.net enhanced-relief.com
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 fonts.gstatic.com enhanced-relief.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com enhanced-relief.com
1 api.ipify.org enhanced-relief.com
1 api.zippopotam.us enhanced-relief.com
1 sslwidget.criteo.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 api.pushnami.com www.googletagmanager.com
1 cdn.taboola.com enhanced-relief.com
1 amplify.outbrain.com enhanced-relief.com
1 create.lidstatic.com enhanced-relief.com
1 static.criteo.net www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 rs.fullstory.com enhanced-relief.com
1 www.googletagmanager.com enhanced-relief.com
1 fullstory.com enhanced-relief.com
1 fonts.googleapis.com enhanced-relief.com
1 ajax.googleapis.com enhanced-relief.com
1 suited45trk.com 1 redirects
1 trkme1.com 1 redirects
1 t.refiquotedirect.com 1 redirects
94 39

This site contains links to these domains. Also see Links.

Domain
www.benefits.va.gov
benefits.va.gov
www.blogs.va.gov
Subject Issuer Validity Valid
enhanced-relief.com
Amazon		 2019-06-11 -
2020-07-11		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.fullstory.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-27 -
2021-03-26		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
lidstatic.com
CloudFlare Inc ECC CA-2		 2019-07-02 -
2020-07-01		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2018-12-14 -
2020-03-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.pushnami.com
Amazon		 2019-06-14 -
2020-07-14		 a year crt.sh
www.google.de
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.us.criteo.com
DigiCert ECC Secure Server CA		 2019-06-12 -
2020-06-16		 a year crt.sh
www.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.printfinger.tech
Amazon		 2019-08-27 -
2020-09-27		 a year crt.sh
*.trustedform.com
Go Daddy Secure Certificate Authority - G2		 2019-01-04 -
2020-03-05		 a year crt.sh
sni116369.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-01 -
2020-03-09		 6 months crt.sh
*.ipify.org
COMODO RSA Domain Validation Secure Server CA		 2018-01-24 -
2021-01-23		 3 years crt.sh
create.leadid.com
Amazon		 2019-01-16 -
2020-02-16		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh

This page contains 3 frames:

Primary Page: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Frame ID: D8102480F5004928F8B3CE70BA88274C
Requests: 92 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/dis.aspx?p=50033&cb=355731179&ref=&sc_r=1600x1200&sc_d=24
Frame ID: 096CBA49497CFD7AA1329CC8217466A2
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Frame ID: 9A3D115C2E0087DC2A28F241CF2515F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://t.refiquotedirect.com/?xtl=3v3lg4p55vj9zymksho256idzs8m0st7r9h9691gllj3rtn1gtwevhr3e671bs9611hkquw... HTTP 302
    http://trkme1.com/?lnwk=%2fu%2fSuApmAMLeCHT2B0ihcIGv1HWZG%2fpN&s1=SES_RD29P&zipcode=23303&firs... HTTP 302
    https://suited45trk.com/?lnwk=%2fu%2fSuApmAMLeCHT2B0ihcIGv1HWZG%2fpN&s1=SES_RD29P&zipcode=23303&firs... HTTP 302
    https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:Start|End) Visual Website Optimizer A?Synchronous Code -->/i
  • script /dev\.visualwebsiteoptimizer\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

94
Requests

100 %
HTTPS

49 %
IPv6

31
Domains

39
Subdomains

33
IPs

7
Countries

981 kB
Transfer

3057 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.refiquotedirect.com/?xtl=3v3lg4p55vj9zymksho256idzs8m0st7r9h9691gllj3rtn1gtwevhr3e671bs9611hkquwd9ycqwjorzzp17lyaqz0axb5cu41clp87v53yfzp7x62t07pasvc1xqxys8p0n8lj7p8glgog6a2jakkgqcjexqz3s5zsy3hz1n6kzr86sd0wcuohrwt92yrj3s9gdp1by0j689wq87muyaq0nlo3w3yidpntq7z8jpmnj8nsrmf0jl8hushnw3kely5s4aai18fro975gu6kjd6974kan2sxkfn7r25vp971lqu0dibzfep1w55yirpxyeeqd9v1a6f97h864bx9jtytyg4wa9nuswmvzt5b4kjowb72p7vv7vyzm7aspauld0spbfco5yn0iztmwqn06rvhzo5zm0ichrzxue38o63as7hlz7cb3hzkqyck84q74vatdsat6e391tohglu927cq4drbzs9fmf8ht464ouwc4hw1v3hujl70jyxiwuzd4f5a5s2k2xs8pk&eih=tpm1p93mol5g49nasi0lnp5y75qdwhygk1d71tno2h381rx11c9p&Zip_Code=23303&first_name=&last_name=&address=&City=Atlantic&State=VA&email=sheila.coulbourne@bankatunion.com&prepop_phone=%20URL%20Domain:%20t.refiquotedirect.com HTTP 302
    http://trkme1.com/?lnwk=%2fu%2fSuApmAMLeCHT2B0ihcIGv1HWZG%2fpN&s1=SES_RD29P&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne@bankatunion.com&phone_primary=%20URL%20Domain:%20t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER HTTP 302
    https://suited45trk.com/?lnwk=%2fu%2fSuApmAMLeCHT2B0ihcIGv1HWZG%2fpN&s1=SES_RD29P&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne@bankatunion.com&phone_primary=%20URL%20Domain:%20t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER&ckmguid=095f4095-3aa6-408b-9e55-9eedee7ebb0d HTTP 302
    https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1085788901&t=pageview&_s=1&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&ul=en-us&de=UTF-8&dt=Enhanced%20Relief&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1253721768&gjid=1847882695&cid=1721217135.1572365769&tid=UA-121317908-59&_gid=1421025861.1572365769&_r=1&gtm=2wgaa0P62KC9K&z=1807355675 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_gid=1421025861.1572365769&gjid=1847882695&_v=j79&z=1807355675 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_v=j79&z=1807355675 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_v=j79&z=1807355675&slf_rd=1&random=1592940334
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782166578/?random=1572365769434&cv=9&fst=1572365769434&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/782166578/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3839964095&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/782166578/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3839964095&resp=GooglemKTybQhCsO&ipr=y
Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709015113/?random=1572365769434&cv=9&fst=1572365769434&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/709015113/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3481304536&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/709015113/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3481304536&resp=GooglemKTybQhCsO&ipr=y
Request Chain 42
  • https://sslwidget.criteo.com/event?a=50033&v=5.4.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&lwid=59271f9a-2534-44b3-8e7a-3128cc8d7d41&tld=enhanced-relief.com&dtycbr=10388 HTTP 302
  • https://widget.us.criteo.com/event?a=50033&v=5.4.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&lwid=59271f9a-2534-44b3-8e7a-3128cc8d7d41&tld=enhanced-relief.com&dtycbr=10388

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
enhanced-relief.com/
Redirect Chain
  • http://t.refiquotedirect.com/?xtl=3v3lg4p55vj9zymksho256idzs8m0st7r9h9691gllj3rtn1gtwevhr3e671bs9611hkquwd9ycqwjorzzp17lyaqz0axb5cu41clp87v53yfzp7x62t07pasvc1xqxys8p0n8lj7p8glgog6a2jakkgqcjexqz3s5z...
  • http://trkme1.com/?lnwk=%2fu%2fSuApmAMLeCHT2B0ihcIGv1HWZG%2fpN&s1=SES_RD29P&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne@bankatunion.com&phone_primar...
  • https://suited45trk.com/?lnwk=%2fu%2fSuApmAMLeCHT2B0ihcIGv1HWZG%2fpN&s1=SES_RD29P&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne@bankatunion.com&phone_...
  • https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion....
71 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80f74b44294731077547d7c226a9b10d8f0a603e1460f614a366d0e6c41edaf1

Request headers

:method
GET
:authority
enhanced-relief.com
:scheme
https
:path
/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
content-type
text/html
last-modified
Thu, 17 Oct 2019 19:37:21 GMT
x-amz-meta-content-md5
cbca86bfa9348d1edd5ac255ab84c076
server
AmazonS3
content-encoding
gzip
date
Tue, 29 Oct 2019 16:16:09 GMT
cache-control
max-age=604810, no-cache
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
x-amz-cf-pop
PHX50-C2
x-amz-cf-id
SV0AdQrC2oEgaIWi6-8cBXIPrAk5hSmzdRfJ4HtoDKygjRKtWj4ynw==

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Oct 2019 16:16:06 GMT
Location
https://enhanced-relief.com?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
st=OajBj0q9+Jq82XL5Gq7G6IXrHhhYt3hzsCuPOt5IPjIcC7D2fFYjWA==; domain=.suited45trk.com; path=/; HttpOnly tib=zjfEtsbGhHlmzaasB5F4E4XrHhhYt3hzsCuPOt5IPjIcC7D2fFYjWA==; domain=.suited45trk.com; expires=Tue, 29-Oct-2024 09:16:07 GMT; path=/; HttpOnly c2405=OajBj0q9+JoeHI3Ob6xUX/x/sNELGHQwUztaXPlfx1v95xwgBsAO6w==; domain=.suited45trk.com; expires=Wed, 30-Oct-2019 16:16:07 GMT; path=/; HttpOnly
Content-Length
479
newrelic.js
enhanced-relief.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enhanced-relief.com/newrelic.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
277a32fa231e3e1caee408f61d1ea1e4ec4d723aae7fd31f7520b5b0d6a18425

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
5bb9cb2ee2e2071636eeea8724778dfb
x-amz-cf-pop
PHX50-C2
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604810, no-cache
x-amz-cf-id
skhToesuKEVnBVL8WybYAyC_e9-wwJJ74AK6hC_rmTZ06lJNNvshVQ==
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
server
AmazonS3
ck-check.js
enhanced-relief.com/js/ 		1 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://enhanced-relief.com/js/ck-check.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a25b19e0012c8615b187a14425ea7f5d9f8ce511eeb09dc142107070c229c33

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
23fedc1f8304dae50f3fc27da9191e27
x-amz-cf-pop
PHX50-C2
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604810, no-cache
x-amz-cf-id
OTJfgJMIYTHr4qSaJyLidHzBCUstGc_vGPTC47XfZ9cF1ljrBwkJGA==
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
server
AmazonS3
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 16:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1553652
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 16:41:56 GMT
css
fonts.googleapis.com/ 		12 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla|Montserrat:300,400,500,600,700,800
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
803c135a854c7a453cbe68db711fa3d0da1a2e5f03309a2924e7961eb4e5d7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 29 Oct 2019 16:16:08 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 29 Oct 2019 16:16:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 29 Oct 2019 16:16:08 GMT
combined.css
enhanced-relief.com/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://enhanced-relief.com/css/combined.css
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2407c05964550145fc2c0f85b3958a5914de292053e3de7012ff32748aa641ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 13:52:38 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 19:36:39 GMT
x-amz-meta-content-md5
0a396a57110f84f1989ebee633b33682
x-amz-cf-pop
PHX50-C2
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
cache-control
max-age=604810, no-cache
x-amz-cf-id
Dq8tA9jgs1fx230siArg4gVMDpz6zGwwfREt-oDWKtImS6RdjGpqvw==
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
server
AmazonS3
gtm.js
enhanced-relief.com/js/ 		475 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://enhanced-relief.com/js/gtm.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc595247a7dd1a88d451e52a9b6951c386c2e3dad3737fc5eae7aebf073a848

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sat, 26 Oct 2019 23:27:06 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 19:36:23 GMT
x-amz-meta-content-md5
8c050377ed90404af6b0b04a73adbb58
x-amz-cf-pop
PHX50-C2
etag
"8c050377ed90404af6b0b04a73adbb58"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
475
x-amz-cf-id
nMAy7RNJ_2z3z0UiQXADE8WW2fo8PyRXe9IW8_FjrcONURGvGoFacA==
server
AmazonS3
logo.png
enhanced-relief.com/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/logo.png
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89e0cf4229c9ade26514c430c7593518b014d4acfb5cd7a911dabae8fce8714d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
3fd9e7feca1ffb3b21fe76bca3bb3a24
x-amz-cf-pop
PHX50-C2
etag
"3fd9e7feca1ffb3b21fe76bca3bb3a24"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
11266
x-amz-cf-id
_cOZFzSg9d4_Gqh5JpDrvMt0jbsnhPb0nM-hTQhx1oVVCrRkcy9udQ==
server
AmazonS3
global.png
enhanced-relief.com/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/global.png
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d20524001f4174d2798111037444406eab8925ead541555a9217cef09fd20c08

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
2655697120d6b39365b732e9addc41d2
x-amz-cf-pop
PHX50-C2
etag
"2655697120d6b39365b732e9addc41d2"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
8319
x-amz-cf-id
ECyUf7T6_Z21DYtq2hpqOJ4gUS7ynAYntcEkyxhJ4_Ox2KOsx7Zt6Q==
server
AmazonS3
loading-gif.gif
enhanced-relief.com/img/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/loading-gif.gif
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbee24cb8cf3f1cdc8bf2251c22ce5d1a696f17b7370d0003a1ca47c94d82291

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:10 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:59 GMT
x-amz-meta-content-md5
34cf53375f840ece721fc985de40d881
x-amz-cf-pop
PHX50-C2
etag
"34cf53375f840ece721fc985de40d881"
x-cache
RefreshHit from cloudfront
content-type
image/gif
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
52250
x-amz-cf-id
FwwpHnz2YZBXlTGQBVZkkmQ-nlrvB_uhnWlGnGcefMGXFCRimD0xKQ==
server
AmazonS3
combined.js
enhanced-relief.com/js/ 		269 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enhanced-relief.com/js/combined.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60b72bd64a2150cb131f11bcc34a008bac03f7584e8656ae6fa7bdfaa7a79fbc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:10 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 19:37:45 GMT
x-amz-meta-content-md5
fb1e1f6be105a553106011bf42043eef
x-amz-cf-pop
PHX50-C2
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604810, no-cache
x-amz-cf-id
eEzsNiLEW-nLOW50mh3WzI2FUOnqajrEKVGqwA7pAMSpTM0YEr3vVQ==
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
server
AmazonS3
js
maps.googleapis.com/maps/api/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
4350a00db97be0c63cd81ef3783e5a68eedfb69bfdd4048e744d99d3d143dbda
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=21
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38661
x-xss-protection
0
expires
Tue, 29 Oct 2019 16:46:09 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=0.22213657499415906
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
b9e93a97009b5b8f7903ead412112f8b017623ed46dcc450146f55aebf4c77f1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
server
dacdn2
content-type
application/javascript; charset=UTF-8
fs.js
fullstory.com/s/ 		188 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fullstory.com/s/fs.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
66c1a5eadc59f8a0e695cc218810f722dd0a94b8b9e534db8b30fba6c75c3466
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin
https://enhanced-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
server
Google Frontend
age
18
status
200
etag
"LQfVjA"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
44b72f6e58761c2a4001b5241c265518
cache-control
public, max-age=600
date
Tue, 29 Oct 2019 16:15:51 GMT
timing-allow-origin
*
content-length
68709
expires
Tue, 29 Oct 2019 16:25:51 GMT
gtm.js
www.googletagmanager.com/ 		368 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/js/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f63c4bf267fbc54ab07ef68e8f17e035048291173cc29c7ed59536e75b64da72
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
br
last-modified
Tue, 29 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43059
x-xss-protection
0
expires
Tue, 29 Oct 2019 16:16:09 GMT
selected.png
enhanced-relief.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/selected.png
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2740a8efad7b59295b6c3a26de660fb12931936b787c7ec7def3f04dee18f2da

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:10 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
070b81a100bf4c51c82a29f51cf69f13
x-amz-cf-pop
PHX50-C2
etag
"070b81a100bf4c51c82a29f51cf69f13"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
5734
x-amz-cf-id
FbDKzXHpufX9ojMoghaZ1aSEb1CqK4n-w9s7n31xVk2stlAzXAtyFg==
server
AmazonS3
unselected.png
enhanced-relief.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/unselected.png
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ed0952b840690a05203435acd4a5a22329242770b45528295979ca6957d44ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 19:37:53 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
f0a382715f37102b54825970050847d0
x-amz-cf-pop
PHX50-C2
etag
"f0a382715f37102b54825970050847d0"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
2844
x-amz-cf-id
uL1pw3Nbp4Es0H5H6qtjq80XciSmyOAJkQIu_5kvQCURQcpqNhopFg==
server
AmazonS3
qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v8/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v8/qkBbXvYC6trAT7RVLtyU5rZP.woff2
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Karla|Montserrat:300,400,500,600,700,800
Origin
https://enhanced-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 00:12:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:09 GMT
server
sffe
age
662621
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6332
x-xss-protection
0
expires
Wed, 21 Oct 2020 00:12:28 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Karla|Montserrat:300,400,500,600,700,800
Origin
https://enhanced-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 12:58:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
1048647
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13708
x-xss-protection
0
expires
Fri, 16 Oct 2020 12:58:42 GMT
va-bc6aeec2759df7702e04147d60cbef72.js
dev.visualwebsiteoptimizer.com/6.0/ 		185 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/va-bc6aeec2759df7702e04147d60cbef72.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=0.22213657499415906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
75645144f05dcb5977f2a3602772fab3b0d9075e9974862091240e07f8000e0c

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin
https://enhanced-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 06:29:27 GMT
server
dacdn2
status
200
etag
"5db144c7-f778"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
63352
track-bc6aeec2759df7702e04147d60cbef72.js
dev.visualwebsiteoptimizer.com/6.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/track-bc6aeec2759df7702e04147d60cbef72.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=0.22213657499415906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
5a914db837d87e8503925852e1e0518f3f4067095891549c3e30bdcda410e90b

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin
https://enhanced-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 06:29:27 GMT
server
dacdn2
status
200
etag
"5db144c7-f6c"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3948
opa-716a6f3c05175f763da4df8bc880da4c.js
dev.visualwebsiteoptimizer.com/analysis/2.0/ 		149 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-716a6f3c05175f763da4df8bc880da4c.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=0.22213657499415906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
d67d7be0bcac42a7de79673d46f5385d59539cdc943a05f0cd330d450bf99402

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin
https://enhanced-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 06:29:23 GMT
server
dacdn2
status
200
etag
W/"5db144c3-25586"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=364281&d=enhanced-relief.com&u=D0968860392F9D15D94E695D907AEB9BF&h=c5b085b95d77e01de65d75e7e23fab64&t=false&r=0.5049923744405265
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
dacdn2
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
page
rs.fullstory.com/rec/ 		15 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1a052772b12b3f9f3d47958687439a18596431ffd6c06566a0cdf1cedcdc311b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
via
1.1 google
x-content-type-options
nosniff
status
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://enhanced-relief.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
15
expires
0
conversion_async.js
www.googleadservices.com/pagead/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
16d64f53167596e3b279e203618e79e279f0b06c294a6a64100acab05f596654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9200
x-xss-protection
0
server
cafe
etag
994047167040605454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Oct 2019 16:16:09 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2495
date
Tue, 29 Oct 2019 15:34:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 29 Oct 2019 17:34:34 GMT
ld.js
static.criteo.net/js/ld/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 10:45:26 GMT
server
nginx
etag
W/"5da05d46-7682"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 30 Oct 2019 16:16:09 GMT
f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js
create.lidstatic.com/campaign/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4b82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcc37c25df7534634d5dd518a1e2f155eb7be187adf796e8581b0734c9d6383

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:10 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
A754107851157BCB
cf-ray
52d673cb3d8859b2-VIE
status
200
x-amz-replication-status
COMPLETED
x-amz-id-2
MP16PLVTNQc+stYqRQGz0udLaFDfDplnnEftk0w4o1W1xdDlD4EOfjJVmK66ogKJZY50F1NBAyQ=
last-modified
Fri, 27 Apr 2018 16:58:03 GMT
server
cloudflare
etag
W/"9d4caf42bf9665b843fd1a5321dd6df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
j6zNllYXzgfPBR.bFlasNdsto3e4PhNj
cache-control
public, max-age=1800
content-type
text/javascript
expires
Tue, 29 Oct 2019 16:46:10 GMT
obtp.js
amplify.outbrain.com/cp/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
755a7942400c30c2fbbc147a926e83077a59583833668624ae601ad07fb5a0aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Tue, 29 Oct 2019 16:16:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Oct 2019 19:00:09 GMT
Server
Apache
ETag
"87cb8bc516d79771d89170fecac77a33:1571338809"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2560
Expires
Tue, 29 Oct 2019 16:36:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b02eb6a63bca577aa26a3d54c450cd179dab7b63e08cb8830411bca8f853c002
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
22456
x-xss-protection
0
pragma
public
x-fb-debug
gA+whvF7dzbvcTVTsQtJLmhb1AbNgMqfsir4hq7CN39e5M0dUyGVvcZVxQ7NsVDC0d4GCDZIF8Mg4I5I5PTTMQ==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Tue, 29 Oct 2019 16:16:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1221287/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1221287/tfa.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed9dd6711ad54457a59af94f2f312f9f114ba7b1b600e28abbb27eb11061ea8b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id
EleK8b1ywtgARka73VX0PzezFV8N54AN
content-encoding
gzip
etag
"dab47b516d7ff7640b0a27a16044eecf"
age
0
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
13766
x-amz-id-2
wrJ8Wkq5TDU8QWT/vTEalrgJbndHBQKQuOCwo59liCJIpVRRYOzW44dGbUvfb16zByN+Ad8L82Q=
x-served-by
cache-hhn4020-HHN
last-modified
Mon, 14 Oct 2019 17:32:32 GMT
server
AmazonS3
x-timer
S1572365769.420069,VS0,VE99
date
Tue, 29 Oct 2019 16:16:09 GMT
vary
Accept-Encoding
x-amz-request-id
0784AEECB85C6A5C
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
28
x-cache-hits
1
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:08 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 38CE197D80C24256BC06AC55FC76EA9D Ref B: VIEEDGE0619 Ref C: 2019-10-29T16:16:09Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
5da7681044fd350012709dfe
api.pushnami.com/scripts/v1/push/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/push/5da7681044fd350012709dfe
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.106 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-106.fra50.r.cloudfront.net
Software
/
Resource Hash
3199c3617158460eae5642dd4c7efae65a91b3bc6ac80497f26e41f8940cf746

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
content-encoding
gzip
x-amz-cf-id
IpY3hXREqOt_3LwRxMUwpZabmTXMKCxsfmC2rWiZJc91Jyuis3mfkQ==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1085788901&t=pageview&_s=1&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cp...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_gid=1421025861.1572365769&gjid=1847882695&_v=j79&z=1807355675
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_v=j79&z=1807355675
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_v=j79&z=1807355675&slf_rd=1&random=1592940334
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_v=j79&z=1807355675&slf_rd=1&random=1592940334
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-121317908-59&cid=1721217135.1572365769&jid=1253721768&_v=j79&z=1807355675&slf_rd=1&random=1592940334
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
351250395792024
connect.facebook.net/signals/config/ 		281 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/351250395792024?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
900ce9b459fd7986b9da3e314a1870337b50655bbaa3126feea0d7e176653555
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
RCX6AKTP27/AkR7GFk1auI3Bau1ZaLSyq+oOoSai+m+eg1hBat56tVZVUQoSvOu3BR2skmQv2ZxtrNtICxLQNw==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Tue, 29 Oct 2019 16:16:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
tr.outbrain.com/ 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=00975efe2ff747f2b9d5b12fce0c9291e1&obApiVersion=1.1.5&name=PAGE_VIEW&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&optOut=false&bust=05745319383276339
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
NYDC1, JFK, HHN, Europe1
x-cache
MISS, MISS
status
200
x-traceid
76264e14696fcd64da5e2771c5ac043c
content-length
60
x-served-by
cache-jfk8127-JFK, cache-hhn4020-HHN
x-timer
S1572365769.432390,VS0,VE87
date
Tue, 29 Oct 2019 16:16:09 GMT
content-type
image/gif;
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
104.156.90.27
accept-ranges
bytes, bytes
x-cache-hits
0, 0
pixel
amplifypixel.outbrain.com/ 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=00975efe2ff747f2b9d5b12fce0c9291e1&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&bust=09729920716803753
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Tue, 29 Oct 2019 16:16:09 GMT
Cache-Control
no-cache
X-TraceId
6cebdaf6952b7028a220c3819277505e
content-encoding
gzip
Content-Length
60
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
image/gif;
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/701378055/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701378055/?random=1572365769430&cv=9&fst=1572365769430&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3a50784038ad030633e663851bbc2fb9290b0981166f6e26f70a249d2d3af59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1132
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/712220025/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712220025/?random=1572365769433&cv=9&fst=1572365769433&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
07f7167a1096b76740b5744e0f9e7a78d6dc6608f49b5ddabfc95362ee3e4404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1131
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/761425762/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/761425762/?random=1572365769434&cv=9&fst=1572365769434&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ad387b79ea8bc304cf19066d3f110edb499c8df005e4ea8719e97506b51d8215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1131
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782166578/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782166578/?random=1572365769434&cv=9&fst=1572365769434&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
  • https://www.google.com/pagead/1p-user-list/782166578/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_np...
  • https://www.google.de/pagead/1p-user-list/782166578/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_npl...
42 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782166578/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3839964095&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/782166578/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3839964095&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/709015113/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709015113/?random=1572365769434&cv=9&fst=1572365769434&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
  • https://www.google.com/pagead/1p-user-list/709015113/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_np...
  • https://www.google.de/pagead/1p-user-list/709015113/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_npl...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/709015113/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3481304536&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/709015113/?random=1572365769434&cv=9&fst=1572364800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&is_vtc=1&random=3481304536&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/860860373/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860860373/?random=1572365769435&cv=9&fst=1572365769435&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
381edb81558d18d89a3966c2406134c9f568fd86e03789ddeaebb61467155ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1185
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=50033&v=5.4.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&lwid=59271f9a-2534-44b3-8e7a-3128cc8d7d41&tld=enhanced-relief.com&dtycbr=10388
  • https://widget.us.criteo.com/event?a=50033&v=5.4.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&lwid=59271f9a-2534-44b3-8e7a-3128cc8d7d41&tld=enhanced-relief.com&dtycbr=10388
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=50033&v=5.4.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&lwid=59271f9a-2534-44b3-8e7a-3128cc8d7d41&tld=enhanced-relief.com&dtycbr=10388
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f7cffc518ec9c320f58a1de2eea008238cd4d433048918f366f052be2dd8537

Request headers

Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
content-type
application/x-javascript
content-length
844
expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:08 GMT
status
302
location
https://widget.us.criteo.com/event?a=50033&v=5.4.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&lwid=59271f9a-2534-44b3-8e7a-3128cc8d7d41&tld=enhanced-relief.com&dtycbr=10388
cache-control
no-cache
timing-allow-origin
*
content-length
0
expires
0
/
www.google.com/pagead/1p-user-list/701378055/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/701378055/?random=1572365769430&cv=9&fst=1572364800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=3014406793&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/701378055/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/701378055/?random=1572365769430&cv=9&fst=1572364800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=3014406793&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/712220025/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/712220025/?random=1572365769433&cv=9&fst=1572364800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=4000733097&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/712220025/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/712220025/?random=1572365769433&cv=9&fst=1572364800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=4000733097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25077431&Ver=2&mid=c05075ea-5f7f-8991-7294-f0a08ada0673&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Enhanced%20Relief&p=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=698916
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 29 Oct 2019 16:16:08 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 800482CB21ED4DF68B6EB50FEFBD151F Ref B: VIEEDGE0619 Ref C: 2019-10-29T16:16:09Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/761425762/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/761425762/?random=1572365769434&cv=9&fst=1572364800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=3583227518&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/761425762/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/761425762/?random=1572365769434&cv=9&fst=1572364800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=3583227518&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/860860373/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/860860373/?random=1572365769435&cv=9&fst=1572364800000&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=3414955309&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/860860373/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/860860373/?random=1572365769435&cv=9&fst=1572364800000&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=Enhanced%20Relief&async=1&fmt=3&is_vtc=1&random=3414955309&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=351250395792024&ev=PageView&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&rl=&if=false&ts=1572365769575&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1572365769574.405439005&it=1572365769426&coo=false&rqm=GET
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Tue, 29 Oct 2019 16:16:09 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/38/9/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/38/9/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
881d32fa9a7a522cf04bca7b887d50ebcc3df1c25b3174c32a1dde977672ebd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 05:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Oct 2019 08:10:45 GMT
server
sffe
age
126829
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28370
x-xss-protection
0
expires
Tue, 27 Oct 2020 05:02:20 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/38/9/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/38/9/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c58c453426426b54d3ed9959f950605ef8d8d1277a05a65b8fdc8073318c5cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 05:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Oct 2019 08:10:45 GMT
server
sffe
age
126785
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53553
x-xss-protection
0
expires
Tue, 27 Oct 2020 05:03:04 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/38/9/ 		208 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/38/9/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c363d12afd25ffd6a598a6ce9bf74fdf1630928e6044d519ba1b15282a46536d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 11:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Oct 2019 08:10:45 GMT
server
sffe
age
450650
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57497
x-xss-protection
0
expires
Fri, 23 Oct 2020 11:05:19 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/38/9/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/38/9/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
20a0c591c13140842944df574290f495dd447c39b173b98f4740e6e508c34489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 18:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Oct 2019 08:10:45 GMT
server
sffe
age
510912
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15924
x-xss-protection
0
expires
Thu, 22 Oct 2020 18:20:57 GMT
CheckRules
external.printfinger.tech/api/ 		117 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://external.printfinger.tech:7105/api/CheckRules
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.202.255 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-160-202-255.us-west-2.compute.amazonaws.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4d863434d026b854bac1d5371ef0d6d1146bdbc86d1640607dd5a3e65ded818c

Request headers

Accept
*/*
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json
Authorization
Bearer a3Njd21WcU5rNTJXRG1hcnByemZlcWdCaERDMjB3RkVLekdXekNtc0loSjdGdFhoTUkzZlZhYzNNYVBpVHlYeHp4TU5mRTJuRkdXN2dpNnhxZXFyM2t0dVhNS1l3RFpVS1ZIU2hLQklRUFpPRGZXbmViMnlJcDRQRGMwVDNlMEJyQ3dMYm5QZmRoYm5LZXExemczVkxrTWZhMVBGVXNPdlpYaEJzTEwxTVdWa05SRml2OGRX
Sec-Fetch-Mode
cors
ContextId
a47430d5-7e87-4457-bc27-f71a41230c43

Response headers

status
200
date
Tue, 29 Oct 2019 16:16:10 GMT
content-encoding
gzip
server
Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
content-type
application/json
trustedform.js
api.trustedform.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15723657697810.02974127883427058&invert_field_sensitivity=false
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/js/combined.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
73bb2a99fbcc1a53a0cece09e19609439061ff1699d05efb0ab1fd78193b966a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
date
Tue, 29 Oct 2019 16:16:10 GMT
cache-control
max-age=0, private, must-revalidate
server
nginx
content-encoding
gzip
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
23303
api.zippopotam.us/us/ 		217 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.zippopotam.us/us/23303
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:19e6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3ed655bee38c0e1dcb22e5f24e2fb59c250b38698335eae72d8dc2c8517aa4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 29 Oct 2019 16:16:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
hit
content-type
application/json
access-control-allow-origin
*
charset
UTF-8
cf-ray
52d673cdbde48c74-VIE
/
api.ipify.org/ 		22 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.73.124 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-23-73-124.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d64cf038b274152c918b98624553add7100c8de4da79cdf8fa60d5e52a745b46

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Tue, 29 Oct 2019 16:16:10 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://enhanced-relief.com
Connection
keep-alive
Content-Length
22
CheckRules
external.printfinger.tech/api/ 		880 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://external.printfinger.tech:7105/api/CheckRules
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.202.255 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-160-202-255.us-west-2.compute.amazonaws.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c1363653f26900ff9089b26f91b0c1c306d3b7f87659054154be44d3c449cce7

Request headers

Accept
*/*
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json
Authorization
Bearer a3Njd21WcU5rNTJXRG1hcnByemZlcWdCaERDMjB3RkVLekdXekNtc0loSjdGdFhoTUkzZlZhYzNNYVBpVHlYeHp4TU5mRTJuRkdXN2dpNnhxZXFyM2t0dVhNS1l3RFpVS1ZIU2hLQklRUFpPRGZXbmViMnlJcDRQRGMwVDNlMEJyQ3dMYm5QZmRoYm5LZXExemczVkxrTWZhMVBGVXNPdlpYaEJzTEwxTVdWa05SRml2OGRX
Sec-Fetch-Mode
cors
ContextId
a47430d5-7e87-4457-bc27-f71a41230c43

Response headers

status
200
date
Tue, 29 Oct 2019 16:16:10 GMT
server
Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
content-length
880
content-type
application/json; charset=utf-8
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1616
x-xss-protection
0
expires
Tue, 29 Oct 2019 16:16:09 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3351
x-xss-protection
0
expires
Tue, 29 Oct 2019 16:16:09 GMT
t.js
api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/t.js?lo=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&l=15723657697810.02974127883427058&f=false&n=a0e4675d39aca1c14fc35b7e0561435ae8e70bcb&cs=g3QAAAACZAABdGJduGXKZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAACAxNTcyMzY1NzY5NzgxMC4wMjk3NDEyNzg4MzQyNzA1OG0AAAAQcHJvdmlkZV9yZWZlcnJlcmQABWZhbHNl&csh=Y0O1T40BDSNPKGJjgQqhbU8o9iw0Gsgyum40DVdJl7k%3D
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15723657697810.02974127883427058&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
23f2c35ec96b5f8628a5b650953bc2ce818584db4526ca06b67ef6337d6ee96a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
date
Tue, 29 Oct 2019 16:16:10 GMT
cache-control
max-age=0, private, must-revalidate
server
nginx
content-encoding
gzip
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
GenerateToken
create.leadid.com/2.5.2/ 		36 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=ee43926f-ff95-4de0-a09e-7cdf235706ad&_=561282944
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-206-109.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/7.1.30
Resource Hash
e377a04d1812c31a0e8440aae18fdfea611dfefb1ac1572c6ae5098137a587ab

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Oct 2019 16:16:10 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/7.1.30
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
56
Expires
Sat, 26 Jul 1997 05:00:00 GMT
h
api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/h?n=f18f6c569521978b0596280db14b3c924e37cfdf&l=15723657697810.02974127883427058&a=1&ce=z&t=cors
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Oct 2019 16:16:11 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
md
api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/md?a=1&t=cors
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Oct 2019 16:16:11 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
0
bat.bing.com/action/ 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25077431&Ver=2&mid=c05075ea-5f7f-8991-7294-f0a08ada0673&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Enhanced%20Relief&p=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=698916
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 29 Oct 2019 16:16:09 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 67E3ACF8FD7E4E6B969096F3B46C2C76 Ref B: VIEEDGE0619 Ref C: 2019-10-29T16:16:10Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:10 GMT
content-encoding
gzip
x-amz-request-id
ACEB09A6FFD62336
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
rhYRNfDuOePcViqxa8gPKIuPjBQJqvioVo+Z64HXa6390+10T0KNtfRPDPgGnBJC+SI+IL/Y8h8=
x-served-by
cache-fra19182-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1572365771.776395,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
55
pixel
tr.outbrain.com/ 		43 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=00975efe2ff747f2b9d5b12fce0c9291e1&obApiVersion=1.1.5&name=PAGE_VIEW&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&optOut=false&bust=05200824932593127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
NYDC1, JFK, HHN, Europe1
x-cache
MISS, MISS
status
200
x-traceid
6d8f342a817e139e6fbddd554b77472b
content-length
60
x-served-by
cache-jfk8141-JFK, cache-hhn4020-HHN
x-timer
S1572365771.776057,VS0,VE87
date
Tue, 29 Oct 2019 16:16:10 GMT
content-type
image/gif;
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
104.156.90.41
accept-ranges
bytes, bytes
x-cache-hits
0, 0
pixel
amplifypixel.outbrain.com/ 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=00975efe2ff747f2b9d5b12fce0c9291e1&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&bust=04261353151654732
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Tue, 29 Oct 2019 16:16:10 GMT
Cache-Control
no-cache
X-TraceId
c97663db3da0a474b52c332fa94dc91c
content-encoding
gzip
Content-Length
60
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
image/gif;
dis.aspx
widget.us.criteo.com/dis/ Frame 096C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/dis/dis.aspx?p=50033&cb=355731179&ref=&sc_r=1600x1200&sc_d=24
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
widget.us.criteo.com
:scheme
https
:path
/dis/dis.aspx?p=50033&cb=355731179&ref=&sc_r=1600x1200&sc_d=24
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
accept-encoding
gzip, deflate, br
cookie
uid=b4e8d8d4-c090-4069-9880-993669cd1d55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER

Response headers

status
200
cache-control
no-cache
pragma
no-cache
content-type
text/html
content-encoding
gzip
expires
Mon, 26 Jul 1997 05:00:00 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
p3p
CP='CUR ADM OUR NOR STA NID'
timing-allow-origin
*
x-powered-by
ASP.NET
date
Tue, 29 Oct 2019 16:16:10 GMT
content-length
147
439703bc4b
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/439703bc4b?a=135957151&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=5190&ref=https://enhanced-relief.com/&be=3478&fe=5181&dc=4186&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1572365765590,%22n%22:0,%22f%22:2220,%22dn%22:2220,%22dne%22:2239,%22c%22:2239,%22s%22:2387,%22ce%22:2541,%22rq%22:2541,%22rp%22:2992,%22rpe%22:2993,%22dl%22:2996,%22di%22:4186,%22ds%22:4186,%22de%22:4187,%22dc%22:5181,%22l%22:5181,%22le%22:5184%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 9A3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.61 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-61.fra54.r.cloudfront.net
Software
nginx/1.10.1 /
Resource Hash

Request headers

Host
d2m2wsoho8qq12.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER

Response headers

Content-Type
text/html
Content-Length
1440
Connection
keep-alive
Content-Encoding
gzip
Date
Tue, 29 Oct 2019 01:59:23 GMT
ETag
W/"5db57ab4-da5"
Last-Modified
Sun, 27 Oct 2019 11:08:36 GMT
P3P
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server
nginx/1.10.1
X-Cache
Hit from cloudfront
Via
1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA54
X-Amz-Cf-Id
sMog9NUxIz3MGReGN5ThoFb7roVKbBTGcN2G22Duh5tmnOc9bzCV-A==
Age
51155
SaveDom
create.leadid.com/2.5.2/ 		0
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=ee43926f-ff95-4de0-a09e-7cdf235706ad&token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&_=561282945
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-206-109.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/7.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Oct 2019 16:16:10 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/7.1.30
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
excellent.png
enhanced-relief.com/img/cr-3/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/cr-3/excellent.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c37fa950999a88aefd7c6673b64873896b11aa9af0869ca46ab956b0d3ccf1d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 19:37:55 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 19:36:23 GMT
x-amz-meta-content-md5
6d8e2371f4b2cecb8b9f709d06c78a9f
x-amz-cf-pop
PHX50-C2
etag
"6d8e2371f4b2cecb8b9f709d06c78a9f"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
9412
x-amz-cf-id
rPLEYHSMxV1T8KWbbjGjHYz1_Jd2UCepM2iP4ZMVWoqBwC8SB8iiAg==
server
AmazonS3
unselected.png
enhanced-relief.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/unselected.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ed0952b840690a05203435acd4a5a22329242770b45528295979ca6957d44ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:12 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
f0a382715f37102b54825970050847d0
x-amz-cf-pop
PHX50-C2
etag
"f0a382715f37102b54825970050847d0"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
2844
x-amz-cf-id
tj4FwE_Zgfrg5oowND-lTZ4o0-tpZEPFkkuWuL1k6KW5cEeMYAqVEg==
server
AmazonS3
good.png
enhanced-relief.com/img/cr-3/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/cr-3/good.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71c788348af78e4a2eabb9864d4e80d3cfdf8e7aff0c3cea875145ef4ade15f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 05:23:52 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 19:36:23 GMT
x-amz-meta-content-md5
0f5ce887a553075f17e67ad7eb81c068
x-amz-cf-pop
PHX50-C2
etag
"0f5ce887a553075f17e67ad7eb81c068"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
9210
x-amz-cf-id
2cxWdc80okXck0lB-O_JrcKmiNPRf5VtbFr1fhTqOVzvktD3mCfyxg==
server
AmazonS3
selected.png
enhanced-relief.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/selected.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2740a8efad7b59295b6c3a26de660fb12931936b787c7ec7def3f04dee18f2da

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:12 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
070b81a100bf4c51c82a29f51cf69f13
x-amz-cf-pop
PHX50-C2
etag
"070b81a100bf4c51c82a29f51cf69f13"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
5734
x-amz-cf-id
k-gfl9MhA4x5gnB0o4cg9RKGn2-_6MKcs04ZNoIEgQs4mXbWOMW-hw==
server
AmazonS3
average.png
enhanced-relief.com/img/cr-3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/cr-3/average.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f8621c49661c47bf26c3b70d03c2614015e69b299cbc2054b3e027b5d38d666

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 05:23:52 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 19:36:24 GMT
x-amz-meta-content-md5
5999c0aff694fe96b9961958645f8433
x-amz-cf-pop
PHX50-C2
etag
"5999c0aff694fe96b9961958645f8433"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
8146
x-amz-cf-id
WEUmWLvdf2iXz3GBzd6joQ5ZXX4YngcvNpoStI_DLs0IwRKt1tbh0w==
server
AmazonS3
fair.png
enhanced-relief.com/img/cr-3/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/cr-3/fair.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70713d9667142cb905b5b5074c58dcb5480eb89fe9e650139c1d3021fb94b02d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:12 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 19:36:23 GMT
x-amz-meta-content-md5
1b8ab144203fde0f958f82a01979031e
x-amz-cf-pop
PHX50-C2
etag
"1b8ab144203fde0f958f82a01979031e"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
9279
x-amz-cf-id
vIS8MubrIfdTJcWjBwoEzHx4kD8UlYvFGuHD_7Yf6UCKkfEpHLTLKQ==
server
AmazonS3
poor.png
enhanced-relief.com/img/cr-3/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/cr-3/poor.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58d96ee59c0edff332c7083a40c12bff2f9372f99e6a2d1d93616222b0300ad5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 05:12:34 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 19:36:23 GMT
x-amz-meta-content-md5
38f8db37be29dd649ed12289b97bee39
x-amz-cf-pop
PHX50-C2
etag
"38f8db37be29dd649ed12289b97bee39"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
9523
x-amz-cf-id
-UeRctRSMfQ6Npc2nG7W-6NYLd_P1iA0-zZih-u6NmNnHRgvLzZYOg==
server
AmazonS3
dropdown-carat.png
enhanced-relief.com/img/ 		173 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enhanced-relief.com/img/dropdown-carat.png
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20c9:6600:b:92fc:e480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
501d5cbec7dca5f05bc4d56fbd492a6a354b64d1bfcfd8688838d4535c1cef58

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 19:37:54 GMT
via
1.1 f85e6decc9be4af5e4ad8a0daa6fc4a3.cloudfront.net (CloudFront)
last-modified
Sat, 24 Aug 2019 18:16:58 GMT
x-amz-meta-content-md5
c0ad9e58ae32b82aff78f543ecf8810a
x-amz-cf-pop
PHX50-C2
etag
"c0ad9e58ae32b82aff78f543ecf8810a"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604810, no-cache
accept-ranges
bytes
content-length
173
x-amz-cf-id
AA1KegBWhCjucnfodJpcteV6iTJFh4UDNxjIp0Yh4jNijyOr_PiTAQ==
server
AmazonS3
InitFormData
create.leadid.com/2.5.2/ 		0
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=ee43926f-ff95-4de0-a09e-7cdf235706ad&token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&_=561282946
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-206-109.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/7.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Oct 2019 16:16:11 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/7.1.30
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=351250395792024&ev=Microdata&dl=https%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&rl=&if=false&ts=1572365771100&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Enhanced%20Relief%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=30&fbp=fb.1.1572365769574.405439005&it=1572365769426&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 16:16:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Tue, 29 Oct 2019 16:16:11 GMT
f
api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/f?l=15723657697810.02974127883427058&n=bd5fe8ed8bfa29b74fe19475992ff4b5091f4664&rn=0&a=1&t=cors
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Oct 2019 16:16:11 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
Snap
create.leadid.com/2.5.2/ 		0
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.5.2/Snap?msn=4&pid=ee43926f-ff95-4de0-a09e-7cdf235706ad&token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&_=561282947
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-206-109.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/7.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Oct 2019 16:16:11 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/7.1.30
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.5.2/ 		0
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.5.2/Snap?msn=5&pid=ee43926f-ff95-4de0-a09e-7cdf235706ad&token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&_=561282948
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-206-109.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/7.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Oct 2019 16:16:11 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/7.1.30
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
e
api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/e?cs=g2JduGXK&csh=rC8yTQx675JorGxndtm5hjj%252FTnPVYiBVxlVKcdaE%252F7o%253D&a=1&t=cors
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Oct 2019 16:16:11 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
InitFormData
create.leadid.com/2.5.2/ 		0
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.5.2/InitFormData?msn=6&pid=ee43926f-ff95-4de0-a09e-7cdf235706ad&token=46873442-95E5-8FCA-68BD-A2C9AF13E80D&_=561282949
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-206-109.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/7.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Oct 2019 16:16:12 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/7.1.30
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
e
api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561/e?cs=g2JduGXK&csh=rC8yTQx675JorGxndtm5hjj%252FTnPVYiBVxlVKcdaE%252F7o%253D&a=1&t=cors
Requested by
Host: enhanced-relief.com
URL: https://enhanced-relief.com/newrelic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.c5.30a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Oct 2019 16:16:12 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fenhanced-relief.com%2F%3Fsced%3D0%26req_id%3D204494809%26s1%3DSES_RD29P%26a%3D225%26o%3D2405%26cpid%3D14544%26zipcode%3D23303%26first_name%3D%26last_name%3D%26address%3D%26city%3DAtlantic%26state%3DVA%26email%3Dsheila.coulbourne%2540bankatunion.com%26phone_primary%3D%2BURL%2BDomain%253a%2Bt.refiquotedirect.com%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&4sAIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&callback=_xdc_._4pc1ef&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&token=130860
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/38/9/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
a67f8495ae286803fcd8b427de9523b65c50882275b9f42b22433ca4e1ef1437
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://enhanced-relief.com/?sced=0&req_id=204494809&s1=SES_RD29P&a=225&o=2405&cpid=14544&zipcode=23303&first_name=&last_name=&address=&city=Atlantic&state=VA&email=sheila.coulbourne%40bankatunion.com&phone_primary=+URL+Domain%3a+t.refiquotedirect.com&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Oct 2019 16:16:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=24
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require function| getParameterByName function| getCookie function| tsSource function| getCampaignId function| affSource function| sameDomainCookieCheck function| $ function| jQuery object| _vwo_code number| settings_timer number| _vwo_settings_timer boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS object| scData number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWO object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb object| google_tag_manager string| _fs_loaded function| _fs_shutdown string| GoogleAnalyticsObject function| ga function| obApi function| fbq function| _fbq object| _tfa object| uetq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| IS_SAFARI_ITP object| criteo_q string| deviceType function| UET object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| __trcJSONify object| queue function| _typeof function| storageAvailable function| storage function| getParams function| queryStringToJSON function| removeCommaFromArray function| setCookie function| serializeDeleteItem function| questionCurrentValue function| redirectBasedOnValues function| capitalizeFirstLetter function| mobileDetection function| translateFormValues function| reOrderQuestion function| dropDownLTV function| reverseDropDownLTV function| convertChars function| inputValOnSubmit function| s1 function| organicS1 function| crt function| jobTitle function| highPrice function| ageParam function| equity string| disclosureTermsOfUse string| disclosurePrivacyPolicy boolean| equityAsAddlCash function| equityAndAddlCash function| getFormData function| offerId function| affiliateGTM function| affiliateId function| subAffiliate function| noPush function| trafficSource function| detectMSIE function| stageParam function| tierStorage function| handleDisclosures function| getCakeURLParams function| getCakeOrganic function| handlebarsFunctions function| radioOrSelectValue function| processTYRedirect function| openTabUnder function| checkStorageTime function| validateUserIp function| stageLog function| trustedFormCertUrlCallback function| trustedForm function| jornayaReRun function| getCreditLoanPurose function| sendAlertToSlack object| timeTracker function| gaEventTracking function| highPriceTracking function| sendRequest function| sendSyncRequest string| backUrl boolean| disableIntroBackButton boolean| disableFinalFrameBackButton boolean| enableIntroBackButton boolean| enableFinalFrameBackButton function| backButton function| vwoGB function| noBackButton function| enableBackButton function| runBackButtonLogic boolean| doNotRunTCPA function| assignTCPA undefined| url undefined| formData function| successFunction undefined| requestData undefined| hardCodedSCBC string| userIp string| envToggle undefined| envToggle2 string| v2ExternalAuthkey undefined| tcpaSize undefined| allFormData string| uuid string| cpid function| reqId function| doVetsU function| doPLP function| offerRedirect function| doSolar function| doCurrentLenderLookup function| doTCPA function| scLogging function| doPartialSave function| findMakeAndModel function| assignDisclosures function| prePopAPI function| getUserIp function| submitFormData object| areaCodes function| phoneAreaCheck function| validate function| populateAdditionalCash function| checkZip function| normalizeZip function| preventDecimal function| validateEmail function| validateEmailClass function| validateName function| validateNameBlur function| validateAddressClass function| validateCityClass function| validatePhone function| doZipCodeOperations function| setCityState number| winWidth object| dbaScrollDefaults object| progressBarDefaults function| animateFunction function| defaultScrollEveryFrame function| defaultScrollFinalFrame function| siteScrollEveryFrame function| siteScrollFinalFrame function| autoScrollFunction undefined| hisDivWrap object| hisParam object| zipArray function| his1AddInsCheckbox function| hisAddSolarCheckbox function| hisAddInsRadio function| hisAddSolarRadio function| his2AddInsCheckbox function| startHisCheck string| fsReturned function| nextFS function| prevFS function| FieldSet function| switchFieldSets function| changeProgressBar function| rotate function| progressBarUpdate function| sidebar function| stepsAway function| FormObj function| findClosest function| closestDownPayment function| notaNumTest function| prePopActions function| prepopulateValues function| dataCleanUp boolean| attachedSliders object| estPropValues object| estMortgageValues object| interestValues object| downpaymentValues object| estPurchaseValues object| cashOutValuesStatic object| estPropValuesDBA object| estMortgageValuesDBA object| estPurchaseValuesDBA object| annualMileageValues object| licenseAgeValues boolean| runCashOutLTV function| createCashOutArray function| setPriceDisplay function| setPriceDisplayDBA function| attachPropertySliders function| attachMortgageSliders function| normalizeStoppedMortgageSliders function| normalizeStoppedPropertySliders function| attachPropertySlidersDBA function| normalizeStoppedMortgageSlidersDBA function| normalizeStoppedPropertySlidersDBA function| initiateSliders function| dbaSliders number| dbaMinDelta number| dbaDefaultDelta number| dbaMortgageIndex number| dbaPropIndex function| reverseLTVSliders undefined| oldHardCodedSCBC string| zetaTrigger function| zetaRemove function| addDisclosureButton function| hundredKHeadline function| equityAgeUpdate function| addGetKWHeadline function| dynamicHeadlines function| dynamicSubheadlines function| empQuestionReset function| eventHandler boolean| dragging function| triggerSwitchFSonDropdown boolean| removedInitialZip boolean| noDltv function| progressWidths function| fastForward undefined| placeSearch object| autocompleteRefinance object| autocompletePurchase undefined| autocompleteAuto function| buildProfile object| componentForm function| numCheck function| initAutocomplete function| fillInAddress function| geolocate string| gtmIframe undefined| current_fs undefined| next_fs undefined| previous_fs boolean| noNextButton boolean| adoptNow boolean| specialtyTY boolean| isZipValid boolean| my100kPurchaseRedirect boolean| noPhoneOnSite boolean| noFireCakePixel object| uniqueSiteName boolean| sideBarPanel boolean| solarSurvey boolean| homeRates boolean| reverseLTV undefined| numOfFields object| current_form object| zip_container number| fieldCount number| progressStartPosition object| autoScroll string| orgCakePix function| doControlsAndValidatons function| refiPath function| purchasePath function| smiley function| countdownTimer object| localData function| replaceHash function| doPushnamiTrack function| pushnamiSubmit function| doPushnamiLoanPurpose function| doGAtrack function| gaTrackEmailPartial function| doCriteoTrack function| doCriteoFinalStep function| payableCallback function| doPayable function| buildLead function| generateUUID function| storeUUID function| uuidCallback function| checkForUUID function| parsedValue object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| shouldReOrder string| aid string| useLink object| __e3_ object| pushWrap function| showFbChkOptIn undefined| o function| showPromptOnLoad object| Pushnami number| tf_nst number| tf_sti string| tf_l object| LeadiDconfig object| LeadiD object| JSON3 boolean| tf_r_t function| trustedFormStartRecording function| trustedFormStopRecording object| defaultStyleFrame string| valueToInt string| curValue object| _xdc_

2 Cookies

Domain/Path Name / Value
enhanced-relief.com/ Name: leadid_token-2B26B722-D668-EC71-D186-45FE6EC4DDE1-F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6
Value: 46873442-95E5-8FCA-68BD-A2C9AF13E80D
.enhanced-relief.com/ Name: _fbp
Value: fb.1.1572365769574.405439005

4 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.taboola.com/libtrc/unip/1221287/tfa.js(Line 3)
Message:
Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"page_view","id":1221287,"tim":1572365769536}'. TypeError: Cannot read property 'getItem' of null
console-api log URL: https://enhanced-relief.com/js/combined.js(Line 315)
Message:
zetaTrigger = 0 and affiliateID = 225
console-api log URL: https://enhanced-relief.com/js/combined.js(Line 315)
Message:
returning vistor
console-api log URL: https://enhanced-relief.com/js/combined.js(Line 315)
Message:
Certificate URL: https://cert.trustedform.com/4c60a4bc668f9df576ec4c395c22fc96f6179561

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
api.ipify.org
api.pushnami.com
api.trustedform.com
api.zippopotam.us
bam.nr-data.net
bat.bing.com
cdn.taboola.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
dev.visualwebsiteoptimizer.com
enhanced-relief.com
external.printfinger.tech
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
googleads.g.doubleclick.net
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
rs.fullstory.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
suited45trk.com
t.refiquotedirect.com
tr.outbrain.com
trkme1.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
143.204.101.106
151.101.114.2
151.101.14.110
159.122.87.153
162.247.242.20
169.48.197.124
172.217.23.98
178.250.0.130
178.250.0.163
2.18.234.190
2001:4860:4802:38::15
23.23.73.124
2600:9000:20c9:6600:b:92fc:e480:93a1
2606:4700:10::6814:4b82
2606:4700:30::681c:19e6
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:815::200a
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::200a
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.193.21.59
34.236.206.109
35.160.202.255
35.186.194.58
52.222.168.61
52.53.67.177
70.42.32.127
74.119.119.150
07f7167a1096b76740b5744e0f9e7a78d6dc6608f49b5ddabfc95362ee3e4404
08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
0f7cffc518ec9c320f58a1de2eea008238cd4d433048918f366f052be2dd8537
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16d64f53167596e3b279e203618e79e279f0b06c294a6a64100acab05f596654
1a052772b12b3f9f3d47958687439a18596431ffd6c06566a0cdf1cedcdc311b
20a0c591c13140842944df574290f495dd447c39b173b98f4740e6e508c34489
23f2c35ec96b5f8628a5b650953bc2ce818584db4526ca06b67ef6337d6ee96a
2407c05964550145fc2c0f85b3958a5914de292053e3de7012ff32748aa641ac
2740a8efad7b59295b6c3a26de660fb12931936b787c7ec7def3f04dee18f2da
277a32fa231e3e1caee408f61d1ea1e4ec4d723aae7fd31f7520b5b0d6a18425
3199c3617158460eae5642dd4c7efae65a91b3bc6ac80497f26e41f8940cf746
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
381edb81558d18d89a3966c2406134c9f568fd86e03789ddeaebb61467155ae6
3a50784038ad030633e663851bbc2fb9290b0981166f6e26f70a249d2d3af59f
4350a00db97be0c63cd81ef3783e5a68eedfb69bfdd4048e744d99d3d143dbda
4c37fa950999a88aefd7c6673b64873896b11aa9af0869ca46ab956b0d3ccf1d
4d863434d026b854bac1d5371ef0d6d1146bdbc86d1640607dd5a3e65ded818c
501d5cbec7dca5f05bc4d56fbd492a6a354b64d1bfcfd8688838d4535c1cef58
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
58d96ee59c0edff332c7083a40c12bff2f9372f99e6a2d1d93616222b0300ad5
5a914db837d87e8503925852e1e0518f3f4067095891549c3e30bdcda410e90b
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
60b72bd64a2150cb131f11bcc34a008bac03f7584e8656ae6fa7bdfaa7a79fbc
66c1a5eadc59f8a0e695cc218810f722dd0a94b8b9e534db8b30fba6c75c3466
6dc595247a7dd1a88d451e52a9b6951c386c2e3dad3737fc5eae7aebf073a848
70713d9667142cb905b5b5074c58dcb5480eb89fe9e650139c1d3021fb94b02d
73bb2a99fbcc1a53a0cece09e19609439061ff1699d05efb0ab1fd78193b966a
755a7942400c30c2fbbc147a926e83077a59583833668624ae601ad07fb5a0aa
75645144f05dcb5977f2a3602772fab3b0d9075e9974862091240e07f8000e0c
7a25b19e0012c8615b187a14425ea7f5d9f8ce511eeb09dc142107070c229c33
803c135a854c7a453cbe68db711fa3d0da1a2e5f03309a2924e7961eb4e5d7fd
80f74b44294731077547d7c226a9b10d8f0a603e1460f614a366d0e6c41edaf1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
881d32fa9a7a522cf04bca7b887d50ebcc3df1c25b3174c32a1dde977672ebd3
89e0cf4229c9ade26514c430c7593518b014d4acfb5cd7a911dabae8fce8714d
900ce9b459fd7986b9da3e314a1870337b50655bbaa3126feea0d7e176653555
9ed0952b840690a05203435acd4a5a22329242770b45528295979ca6957d44ac
9f8621c49661c47bf26c3b70d03c2614015e69b299cbc2054b3e027b5d38d666
a67f8495ae286803fcd8b427de9523b65c50882275b9f42b22433ca4e1ef1437
ad387b79ea8bc304cf19066d3f110edb499c8df005e4ea8719e97506b51d8215
b02eb6a63bca577aa26a3d54c450cd179dab7b63e08cb8830411bca8f853c002
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b71c788348af78e4a2eabb9864d4e80d3cfdf8e7aff0c3cea875145ef4ade15f
b9e93a97009b5b8f7903ead412112f8b017623ed46dcc450146f55aebf4c77f1
bbee24cb8cf3f1cdc8bf2251c22ce5d1a696f17b7370d0003a1ca47c94d82291
c1363653f26900ff9089b26f91b0c1c306d3b7f87659054154be44d3c449cce7
c363d12afd25ffd6a598a6ce9bf74fdf1630928e6044d519ba1b15282a46536d
c58c453426426b54d3ed9959f950605ef8d8d1277a05a65b8fdc8073318c5cfc
cbcc37c25df7534634d5dd518a1e2f155eb7be187adf796e8581b0734c9d6383
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d20524001f4174d2798111037444406eab8925ead541555a9217cef09fd20c08
d64cf038b274152c918b98624553add7100c8de4da79cdf8fa60d5e52a745b46
d67d7be0bcac42a7de79673d46f5385d59539cdc943a05f0cd330d450bf99402
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc3ed655bee38c0e1dcb22e5f24e2fb59c250b38698335eae72d8dc2c8517aa4
e377a04d1812c31a0e8440aae18fdfea611dfefb1ac1572c6ae5098137a587ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9dd6711ad54457a59af94f2f312f9f114ba7b1b600e28abbb27eb11061ea8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63c4bf267fbc54ab07ef68e8f17e035048291173cc29c7ed59536e75b64da72