www.jgwentworth.com Open in urlscan Pro
44.194.8.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link#qs=r-acikakjcbefhkfafgeeeeha...
Effective URL:
https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Submission: On December 12 via manual (December 12th 2022, 11:35:07 pm UTC) from US — Scanned from US

Summary HTTP 123 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 44 IPs in 2 countries across 40 domains to perform 123 HTTP transactions. The main IP is 44.194.8.113, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.jgwentworth.com. The Cisco Umbrella rank of the primary domain is 286014.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 10th 2022. Valid for: a year.

This is the only time www.jgwentworth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700:130... 2606:4700:130:436c:6f75:6466:6c61:7265	() ()
1	2606:4700:303... 2606:4700:3035::ac43:c919	() ()
2	23.250.10.250 23.250.10.250	55286 (SERVER-MANIA) (SERVER-MANIA)
3	2607:f8b0:400... 2607:f8b0:4006:822::2008	() ()
1	18.161.34.61 18.161.34.61	16509 (AMAZON-02) (AMAZON-02)
2	34.227.3.1 34.227.3.1	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:1e97	() ()
14 24	35.169.82.82 35.169.82.82	14618 (AMAZON-AES) (AMAZON-AES)
5 8	54.81.213.220 54.81.213.220	14618 (AMAZON-AES) (AMAZON-AES)
4 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
1 1	34.160.246.90 34.160.246.90	15169 (GOOGLE) (GOOGLE)
25	44.194.8.113 44.194.8.113	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	() ()
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	() ()
4	2606:4700::68... 2606:4700::6810:5514	() ()
1	13.225.214.12 13.225.214.12	16509 (AMAZON-02) (AMAZON-02)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
2	13.225.223.151 13.225.223.151	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	() ()
2	208.89.12.153 208.89.12.153	11054 (LIVEPERSON) (LIVEPERSON)
2	2606:4700::68... 2606:4700::6811:925b	() ()
3	104.238.215.8 104.238.215.8	36007 (KAMATERA) (KAMATERA)
1	18.164.96.77 18.164.96.77	() ()
1	108.138.128.99 108.138.128.99	() ()
1	54.218.207.27 54.218.207.27	() ()
3	2620:1ec:c11:... 2620:1ec:c11::200	() ()
3	2001:4860:480... 2001:4860:4802:34::178	() ()
2	2600:1400:900... 2600:1400:9000:297::1931	() ()
2	2607:f8b0:400... 2607:f8b0:4006:81d::2002	() ()
2	151.101.65.44 151.101.65.44	() ()
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	() ()
3	2620:1ec:40::40 2620:1ec:40::40	() ()
6	184.51.148.162 184.51.148.162	() ()
2 2	205.139.111.117 205.139.111.117	() ()
1	2001:4998:14:... 2001:4998:14:800::1000	() ()
2	3.15.122.113 3.15.122.113	() ()
2	13.33.60.79 13.33.60.79	() ()
1	2606:4700:440... 2606:4700:4400::ac40:9197	() ()
2	208.89.12.91 208.89.12.91	() ()
4	199.187.116.90 199.187.116.90	() ()
1	99.80.127.52 99.80.127.52	() ()
1	18.164.96.95 18.164.96.95	() ()
2	2607:f8b0:400... 2607:f8b0:4006:823::2004	() ()
1	138.128.247.123 138.128.247.123	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	() ()
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	() ()
123	44

3 2606:4700:130:436c:6f75:6466:6c61:7265 (United States) 2 redirects

ASN- ()

eu-west-1.vallegrana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bestlifevision.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c919 (United States)

ASN- ()

s3.uhuzhu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.250.10.250 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
PTR: mailer.openrigs.com

priorfresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2008 (Nutley, United States)

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.34.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-61.bos50.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.3.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-3-1.compute-1.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e97 (United States)

ASN- ()

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 35.169.82.82 (Ashburn, United States) 14 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-82-82.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.81.213.220 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-213-220.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.102 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.246.90 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 90.246.160.34.bc.googleusercontent.com

www.jdhwunw29d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 44.194.8.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-8-113.compute-1.amazonaws.com

www.jgwentworth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (Nutley, United States)

ASN- ()

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (Nutley, United States)

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-12.ewr50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (Nutley, United States)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.153 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN- ()

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.238.215.8 (New York, United States)

ASN36007 (KAMATERA, US)
PTR: mail.shweeng.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.77 (None, )

ASN- ()

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.99 (None, )

ASN- ()

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.207.27 (None, )

ASN- ()

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:9000:297::1931 (None, )

ASN- ()

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (None, )

ASN- ()

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:40::40 (None, )

ASN- ()

lwjs.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.51.148.162 (None, )

ASN- ()

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.139.111.117 (None, ) 2 redirects

ASN- ()

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.15.122.113 (None, )

ASN- ()

collector-26362.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.79 (None, )

ASN- ()

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9197 (None, )

ASN- ()

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.91 (None, )

ASN- ()

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.187.116.90 (None, )

ASN- ()

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.127.52 (None, )

ASN- ()

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.95 (None, )

ASN- ()

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.128.247.123 (None, )

ASN- ()

web1.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (None, )

ASN- ()

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	jgwentworth.com www.jgwentworth.com — Cisco Umbrella Rank: 286014	369 KB
25	traversedlp.com 14 redirects static.traversedlp.com — Cisco Umbrella Rank: 26091 api.traversedlp.com — Cisco Umbrella Rank: 6659	14 KB
8	mediawallahscript.com 5 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 1772	6 KB
6	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	85 KB
6	tiktok.com analytics.tiktok.com	133 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3673 cdn.acsbapp.com web1.acsbapp.com	167 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 652 script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	16 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 323	2 KB
3	google.com www.google.com analytics.google.com	1006 B
3	azureedge.net lwjs.azureedge.net	3 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	bing.com bat.bing.com	12 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	221 KB
2	invocacdn.com solutions.invocacdn.com	42 KB
2	tvsquared.com collector-26362.us.tvsquared.com	9 KB
2	mimecast.com 2 redirects protect-us.mimecast.com	3 KB
2	facebook.net connect.facebook.net	112 KB
2	taboola.com cdn.taboola.com trc.taboola.com	20 KB
2	pinimg.com s.pinimg.com	22 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7813 prism.app-us1.com	6 KB
2	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3496	113 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1396	28 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 903	84 KB
2	anura.io script.anura.io — Cisco Umbrella Rank: 63292	19 KB
2	priorfresh.com priorfresh.com	7 KB
2	vallegrana.com 1 redirects eu-west-1.vallegrana.com — Cisco Umbrella Rank: 769490	992 B
1	hotjar.io vc.hotjar.io	259 B
1	trackcmp.net trackcmp.net	289 B
1	yimg.com s.yimg.com	6 KB
1	segment.io api.segment.io	177 B
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5144	6 KB
1	jdhwunw29d.com 1 redirects www.jdhwunw29d.com	457 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 2196	411 B
1	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 4248	260 B
1	bestlifevision.com 1 redirects bestlifevision.com	827 B
1	uhuzhu.com s3.uhuzhu.com — Cisco Umbrella Rank: 716217	810 B
123	40

	Domain	Requested by
25	www.jgwentworth.com	priorfresh.com www.jgwentworth.com
24	api.traversedlp.com	14 redirects static.traversedlp.com priorfresh.com
8	partner.mediawallahscript.com	5 redirects priorfresh.com
6	analytics.tiktok.com	eu-west-1.vallegrana.com analytics.tiktok.com
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	cdn.jsdelivr.net	www.jgwentworth.com
4	match.adsrvr.org	4 redirects
3	lwjs.azureedge.net	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.jgwentworth.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.jgwentworth.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	priorfresh.com www.jgwentworth.com www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.jgwentworth.com
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	solutions.invocacdn.com	eu-west-1.vallegrana.com solutions.invocacdn.com
2	collector-26362.us.tvsquared.com	eu-west-1.vallegrana.com www.jgwentworth.com
2	protect-us.mimecast.com	2 redirects
2	connect.facebook.net	eu-west-1.vallegrana.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	cdn.acsbapp.com	acsbapp.com
2	lptag.liveperson.net	www.jgwentworth.com
2	cdn.segment.com	www.jgwentworth.com cdn.segment.com
2	fonts.googleapis.com	www.jgwentworth.com
2	www.googleoptimize.com	www.jgwentworth.com www.googletagmanager.com
2	script.anura.io	eu-west-1.vallegrana.com script.anura.io
2	priorfresh.com	s3.uhuzhu.com priorfresh.com
2	eu-west-1.vallegrana.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	trc.taboola.com	cdn.taboola.com
1	web1.acsbapp.com	www.jgwentworth.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	s.yimg.com	www.jgwentworth.com protect-us.mimecast.com
1	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
1	api.segment.io	cdn.segment.com
1	vars.hotjar.com	static.hotjar.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	script.hotjar.com	static.hotjar.com
1	acsbapp.com	www.jgwentworth.com
1	diffuser-cdn.app-us1.com	www.jgwentworth.com
1	static.hotjar.com	www.jgwentworth.com
1	widget.trustpilot.com	www.jgwentworth.com
1	www.jdhwunw29d.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	signals.aimtell.com	priorfresh.com
1	static.traversedlp.com	www.googletagmanager.com
1	bestlifevision.com	1 redirects
1	s3.uhuzhu.com	eu-west-1.vallegrana.com
123	51

This site contains links to these domains. Also see Links.

Domain
americanfaircreditcouncil.org
www.bbb.org
www.uschamber.com
www.iapda.org
www.facebook.com
twitter.com
www.youtube.com
www.pinterest.com

Subject Issuer	Validity	Valid
*.vallegrana.com GTS CA 1P5	`2022-12-06` - `2023-03-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.traversedlp.com Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
script.anura.io Amazon	`2022-05-24` - `2023-06-22`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh
www.jgwentworth.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-10` - `2023-11-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
app-us1.com Cloudflare Inc ECC CA-3	`2022-12-07` - `2023-12-06`	a year	crt.sh
*.acsbapp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-28` - `2023-10-05`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-21` - `2022-12-20`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2022-10-29` - `2023-10-24`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.us.tvsquared.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
invocacdn.com Amazon	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Frame ID: 5CC60353807B03B3F534AB3DC5E5675B
Requests: 111 HTTP requests in this frame

Frame: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=
Frame ID: EF5B1442D4718D253A82AF99E1480ADC
Requests: 10 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 6D634CD31781DBA0B1435476D5F7DD18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JG Wentworth Partner Debt Solutions | JG Wentworth

Page URL History Show full URLs

https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link Page URL
https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link______qs=... HTTP 301
http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html Page URL
http://bestlifevision.com/qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhacchea... HTTP 302
http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBj... Page URL
https://www.jdhwunw29d.com/LR9KH/2CTPL/?source_id=204069&sub1=291c55dd51063fbe2d415927a9683105&sub2=451... HTTP 302
https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

84 %
HTTPS

43 %
IPv6

40
Domains

51
Subdomains

44
IPs

2
Countries

1619 kB
Transfer

5309 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://americanfaircreditcouncil.org/

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/pa/chesterbrook/profile/financial-services/jg-wentworth-0241-80004991

Search URL Search Domain Scan URL

URL: https://www.uschamber.com/

Search URL Search Domain Scan URL

URL: https://www.iapda.org/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jgwentworth

Search URL Search Domain Scan URL

URL: https://twitter.com/jgwentworth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/jgwentworth

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/jgwentworth/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link Page URL
https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link______qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb______ HTTP 301
http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html Page URL
http://bestlifevision.com/qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb HTTP 302
http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61 Page URL
https://www.jdhwunw29d.com/LR9KH/2CTPL/?source_id=204069&sub1=291c55dd51063fbe2d415927a9683105&sub2=45172_11790464_11_1163_61&sub3=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sub4=61 HTTP 302
https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link______qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb______ HTTP 301
http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html

Request Chain 2

http://bestlifevision.com/qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb HTTP 302
http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61

Request Chain 11

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower= HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=2dc5221b-6acf-4934-b16d-44a7d6fa89b0 HTTP 302
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F0.gif%3FemailMd5Lower%3D%26ic%3D2dc5221b-6acf-4934-b16d-44a7d6fa89b0%26offset%3D1 HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=2dc5221b-6acf-4934-b16d-44a7d6fa89b0&offset=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1670888099635 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=

Request Chain 12

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower= HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1670888099448 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1670888099448&final=true&reqid=97dabad0-7a75-11ed-a8ee-df2714aed1b6&timestamp=2022-12-12T23%3A34%3A59.583Z HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=

Request Chain 13

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=

Request Chain 14

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=

Request Chain 15

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=

Request Chain 16

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=

Request Chain 17

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=

Request Chain 18

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

Request Chain 19

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

Request Chain 20

https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=2dc5221b-6acf-4934-b16d-44a7d6fa89b0&tag_format=img&tag_action=sync&cb=1670888099354 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=2dc5221b-6acf-4934-b16d-44a7d6fa89b0&tag_format=img&tag_action=sync&cb=1670888099354&final=true&reqid=97d16c00-7a75-11ed-acd3-e33140b46cf7&timestamp=2022-12-12T23%3A34%3A59.520Z HTTP 302
https://ws.rqtrk.eu/pushpull?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=97da93c1-7a75-11ed-8e82-4fd4787fd522&cb=1670888099580&gdpr_consent=US_PRIVACY&rmn=y&redirect=https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=$BROWSER_ID&custom=&tag_format=img&tag_action=sync&cb=1670888099580&rmt=true HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=021e41d0-667b-4a6f-94fc-6e771e2faa2a&custom=&tag_format=img&tag_action=sync&cb=1670888099580&rmt=true

Request Chain 84

https://protect-us.mimecast.com/s/gBT0C73BWJuAWNw8cAxIof?domain=s.yimg.com HTTP 307
https://protect-us.mimecast.com/r/jakVjxaSMV4Q6mUpIL771_FnYUnx2eZ3cnglOUOVqLGGRHv9MhJSqnaECGMYkfeuPH7aTJvR9ma7_wUKtNmArUdo6i1zQe5fqYQ5j6iWA0lfL3hH7khJAysJU-vc8tk5DaiKF_DsgGk72fPTDN86KX33dhkZCFf_iO2naioTZn01GlrkS-ODknYR5jA4PE6Xz6ypkioVptBtRP3AmEVRDRC7Zgw4bIZ3bZEMjnkq_ms3Z3A-YviG6iTy1wkspTWuzTbWkR8ziyc5HQMHgNChY7YCYuNG39BG7BYUvVMYwSTcTE995Mv7sFAWhipzj1E7UuG48D8tlMa_2A-zmo4v9tDiQ55IsktHOhw2CqTDUNrlSnA105r-NatYtAErRk1j7sVRNt6AOZOOnk3gKFWxDoUQKYklu5cEPljrgv9l5mYW5dKzzHbMKvUAgkfWa9JshaaoGNmrCdOMFMAAH6iGfEX5QBuRT-aNlBVrP4Vwf5lQtC8-eRTaCJlA68IYmQ8jTNdlPpZi-xpt5nqC7X6vs6RdzJtQQs7NC2ohM5ZrPm_X87Ibec8Y1sQ7aiVKQGxfwk69AViqwLOId9aalMsOq7D97TDKg8s5wbKfr5BlrcSblqs3vE5gh9yEPQXilZtCJSTh31fcORB3gSstPbPWcg2LwHnYPD7BTHkHWvsFtUww8sNJV5obnJL_aqk4Aa83NE0dIpoAj6LhG1WgUNx4hmoHBl71bE9Xy3o4WrZ_m_6C8VChe8bdSaMTFP0Ym-hQYm55mqjyyiN0zA8vi0uxMg8Yl1c_iG5aEE87LaG2SeXLGouzs-CmhnyzpaPimpq9wsMMKdl01DyenuN-nbmXjGCg_sEi7Ih_62HqUaJJi_4FY33VQqAubtE-oz2BNkIZ-swneWd7_V1P8mtX6hjRR3jxK4HGE310qblynj0pG1871mfzLnpgTTn8kBshR5ZJDeTGD1i0ONAC79Mf-1ze_mTywmRTYy7logHeDH4jMa25NWgxkdeVjRcjgICmSjKGJTNP6BZfYJRIcy99V7AH8RLAIAlTwDRFrezrfFFR8OCIZbIIcRK8C-UeA7hp3zcnDQPcAIX9-7oTNV-nclQcmBQhYl6uwvBygoQxXzGc6QgilVcIiG46KgnN740bWyMfUe8CB3YbxDuJZogq7B1HIoYUAczjXtLGVB3kP4Onfrvcmo__LpZeibSVQ0Udbqz_OsJLn6dPjKMw5ldqtmF3FNWa7CHO6yvvM9MLp61wkGClNrH_oZ_SNi0WBzjhM3nf8sZ0TlOYKX9QsY4u0EMIIcTuVDaa9XUTShc_e4tZGBe2Sz3Nj8JHEszMvun050F9y4yMjxfstxQKUbyWBdHNom3qpJxHRr6PkFcmvC2JRRDfjpZId2eodhhjpNgc0YOOViEvz-_Qooldbj2qW3xqDToAiA2GxYNZT73lGmebvYCkrWBMwxYJRUJCUf5AHscQeG6eInSf8JocH8Qthtp91yVhRIvhh3OWGAfzS1zU5tX9hEUuQorxUNS32-plu1vZGHfn1iMpDawF2Ge8lwWUjZ-_HslDnpTb8YE6yFPQc_bTomR4-bMh4vcfQxHICpOnmBToJsTrThwLozz2jScbV4zNFzu9tOCzsLulMl1PgrtxOFjQxgNvmFe0qVFYdhNT7HvZkWn_CcnF1oPkvn7NX1i4LNJdq_my5rEEJl2tB5g9Gdli3ZAXEyWTfPdsagYy0zsn6Mh-b1bpjEnqxFatPsmGC1szkBUzMaU31FDvhQWTBTfkhy4UtZOlpQXHyFWFF1LnLZdq9tCLEL5JsO1-VoAQlzPOttZqNgnEm-xDL8C-Czf6kd8s-4laoisk-WB8gw5aA260rr5DiOx4a6RgmKkK386Orpu0WHRaBD26lJQXYpoIK1EpUIOOWiwuxjRGArLuTH4t_1S2y9mF2_BJqwLl8wMa69Ej_yBi4EJvDx9JQ7DrcLCHvAj1bGJh-EHkMhyLYouNADsmDIfNPyvcMcCOiKcrT0uhQSatkizVJnX0lIbPE8g6rycBD-Eb7qvwESWaq-4_OHkrPv8O8sbAx7H3Qlk8WOava6Iz5eu3A8dHEKctFF7GUkE-f58rfjhSSx7WImk09i55e0ZhsouWygKfFHZAGPeknsIf3twMPszI5tyRninc140nE9wAOEg3pWip-AHYi2jx2Vp6Np1pXOLLp--scXD1hTaqYSynwkCJ2GYMa9g9L-vuSwlXrkvXKeODAbGpbSF9SWz8L1qEIg HTTP 307
https://s.yimg.com/wi/ytc.js

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
eu-west-1.vallegrana.com/r/ 103 B
611 B 202ms
114ms Document
text/html 2606:4700:130:436c:6f75:6466:6c61:7265

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778a460fb975c3f3-EWR
content-encoding: br
content-type: text/html
date: Mon, 12 Dec 2022 23:34:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzN%2BH0Y1H8BUoEd0ARIiuU6MD9iRvVxRaqraLnJzrvzWFXY3%2FmuTr3tCf0ieP3x9hvu0VAKteiI9IYhq6k0TwL%2BC1PfFMHIy6JJcFKbbLqPXgnb41ZCcf7mSLSu4dOEU46nF5QoXheuNlzJ3KSpl2M%2BsQHZbLU4%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:9951401f-51d9-444e-aa01-47e8a300a6d3
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H/1.1

200
OK

i1y78-link.html
s3.uhuzhu.com/Files/0c41d70/
Redirect Chain

https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link______qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb______
http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html

108 B
810 B

312ms
277ms

Document
text/html

2606:4700:3035::ac43:c919

General

Check archive.org

Show headers Download Go to

Full URL: http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c919 , United States, ASN (),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash

Request headers

Referer: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link#qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 778a46127fdac34d-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 12 Dec 2022 23:34:57 GMT
Last-Modified: Mon, 12 Dec 2022 13:18:59 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA5ibmsGGoiFHNuCFjZnhseO8XjaaQHKgg0kUSkVH1PhHyvrNEr7f6xpu%2BvPjoYhE9K5AZhHVLlKuJ6OwGlizFZKThnpAQbeidioaJYjljNJNTFJyEFp4V3oDE52tOla0il%2BT4NePPy8%2B822"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Accel-Version: 0.01
X-Powered-By: PleskLin

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778a4610ebb7c3f3-EWR
content-length: 0
date: Mon, 12 Dec 2022 23:34:57 GMT
location: http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html#qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28DWkoLQgFdsU3oi%2BHBInsIkzHezRonQHoEoLZsAR5qaqRlXThxgF085j%2B%2FGqbKgEru9ZF9XYboVBy%2FeYINqT8I1crVUnWsZusJ58jT%2FRW15%2BXr9oOWzNn%2F1dBTr%2FjhjtwxVCKmFRQ4ludLgLroWNeWwnScw858%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:9951401f-51d9-444e-aa01-47e8a300a6d3
server: cloudflare
x-powered-by: ASP.NET

GET
H/1.1

200
OK

/ Show response
priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/
Redirect Chain

http://bestlifevision.com/qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb
http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61

7 KB
7 KB

408ms
306ms

Document
text/html

23.250.10.250
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Requested by: Host: s3.uhuzhu.com
URL: http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html
Protocol: HTTP/1.1
Server: 23.250.10.250 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS: mailer.openrigs.com
Software: nginx/1.22.0 / PHP/7.3.33
Resource Hash: 2806438b0118b3d348e7b2f6dcba960a85886f972e4cb14ff91427cfac4f34b5

Request headers

Referer: http://s3.uhuzhu.com/Files/0c41d70/i1y78-link.html#qs=r-acikakjcbefhkfafgeeeehaccikbfhfafgcidafgcidafgcidabahcadfdaccakbhaccheahffibacb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 04:12:00 GMT
Server: nginx/1.22.0
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.33

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 778a46151fb68c72-EWR
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Dec 2022 23:34:58 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY0QJxbIC8wMzOnfjPP%2Ft0jpGNRB4zELMYLLsUZhg2ZVSxiXLqZ6jaHCKZpbUyeIPcPRkF6yOpIxf5tWRTpqmmR1l8wJlZ3xEiKB6Z1H8kcuhHfuI5HH0IhmJ1O86X166krFYD8nkuIJzbGGDl5jojA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
location: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
40 KB 90ms
37ms Script
application/javascript 2607:f8b0:4006:822::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N

Requested by

Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5898663ff48ff88caeb302ac3e2dfb7ea3e6b95ae88d4c3b1488cdfc724345e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:34:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40429
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 23:34:58 GMT

POST
H/1.1 200
OK fp.php Show response
priorfresh.com/ 0
201 B 213ms
213ms XHR
text/html 23.250.10.250
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://priorfresh.com/fp.php
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: HTTP/1.1
Server: 23.250.10.250 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS: mailer.openrigs.com
Software: nginx/1.22.0 / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 13 Dec 2022 04:12:00 GMT
Server: nginx/1.22.0
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 186ms
27ms Script
application/javascript 18.161.34.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.34.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-34-61.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: KLbodh6xIMdiUWAxenjc1ByBclqfTj74
Content-Encoding: gzip
Via: 1.1 93fc2e623ef816f1758325680d9e9002.cloudfront.net (CloudFront)
Date: Mon, 12 Dec 2022 23:19:52 GMT
Last-Modified: Wed, 01 Jun 2022 20:20:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: BOS50-P2
Age: 908
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 0XNCQ09K8XhHflQryGcCCi7b1E6jjp1ePJtCFBCk1vL5F5P4-DhYpA==

GET
H2 200 request.js Show response
script.anura.io/ 52 KB
19 KB 230ms
78ms Script
application/javascript 34.227.3.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=56309078&source=204069&campaign=29580&exid=291c55dd51063fbe2d415927a9683105&501600009386

Requested by

Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.227.3.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-227-3-1.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7b4f73ddb754ae3fcf12f5f9eb7920d8cccb844ee2743d7dfd276c3592b0d63d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 matches
signals.aimtell.com/ 43 B
260 B 144ms
51ms Image
image/gif 2606:4700::6812:1e97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e97 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:34:59 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 778a461b1f88d14f-BUF
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 117 B
821 B 101ms
29ms XHR
application/json 35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 7bc9cc38d26c49fb418babef776023819924ad384663123a683540a4089f9175

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"75-Ts4Bc8ymNvtaQrReeBfdoA"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://priorfresh.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 117

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 86ms
31ms Preflight
text/html 35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://priorfresh.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: http://priorfresh.com
access-control-expose-headers
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
content-length: 228
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 23:34:59 GMT
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
server: nginx/1.20.0
vary: Accept-Encoding

POST
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
322 B 51ms
35ms XHR
text/plain 35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Referer: http://priorfresh.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://priorfresh.com
date: Mon, 12 Dec 2022 23:34:59 GMT
access-control-expose-headers
access-control-allow-credentials: true
server: nginx/1.20.0
vary: X-HTTP-Method-Override
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=2dc5221b-6acf-4934-b16d-44a7d6fa89b0
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F...
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=2dc5221b-6acf-4934-b16d-44a7d6fa89b0&offset=1
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1670888099635
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=

0
590 B

36ms
35ms

Image
text/plain

54.81.213.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: HTTP/1.1
Server: 54.81.213.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-213-220.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 12 Dec 2022 23:34:59 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:34:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1670888099448
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1670888099448&final=true&reqid=97dabad0-7a75-11ed-a8ee-df2714aed1b6&timestamp=2022-12-12T23...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=

0
590 B

29ms
28ms

Image
text/plain

54.81.213.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: HTTP/1.1
Server: 54.81.213.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-213-220.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 12 Dec 2022 23:34:59 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:34:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=bb046147-3fe0-46fe-acea-ffc56b20e5bb&tag_format=img&tag_action=sync&cb=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2

200

2.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=

35 B
464 B

46ms
45ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

3.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=

35 B
469 B

99ms
54ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

4.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=

35 B
466 B

93ms
48ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

5.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=

35 B
468 B

44ms
42ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

6.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=

35 B
466 B

52ms
49ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

7.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

35 B
466 B

573ms
527ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:35:00 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

8.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EF5B
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

35 B
465 B

96ms
51ms

Image
image/gif

35.169.82.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: H2
Server: 35.169.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-82-82.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 12 Dec 2022 23:34:59 GMT
server: nginx/1.20.0
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
date: Mon, 12 Dec 2022 23:34:59 GMT
content-type: text/plain; charset=UTF-8
server: nginx/1.20.0
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame EF5B
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=2dc5221b-6acf-4934-b16d-44a7d6fa89b0&tag_format=img&tag_action=sync&cb=1670888099354
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=2dc5221b-6acf-4934-b16d-44a7d6fa89b0&tag_format=img&tag_action=sync&cb=1670888099354&final=true&reqid=97d16c00-7a75-11ed-a...
https://ws.rqtrk.eu/pushpull?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=97da93c1-7a75-11ed-8e82-4fd4787fd522&cb=167088809958...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=021e41d0-667b-4a6f-94fc-6e771e2faa2a&custom=&tag_format=img&tag_action=sync&cb=1670888099580&rmt=true

0
590 B

29ms
28ms

Image
text/plain

54.81.213.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=021e41d0-667b-4a6f-94fc-6e771e2faa2a&custom=&tag_format=img&tag_action=sync&cb=1670888099580&rmt=true
Requested by: Host: priorfresh.com
URL: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Protocol: HTTP/1.1
Server: 54.81.213.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-213-220.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://priorfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 12 Dec 2022 23:34:59 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:34:59 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=021e41d0-667b-4a6f-94fc-6e771e2faa2a&custom=&tag_format=img&tag_action=sync&cb=1670888099580&rmt=true
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Mon, 12 Dec 2022 23:34:58 GMT

GET
H2

200

Primary Request ds-aff-lp-3 Show response
www.jgwentworth.com/
Redirect Chain

https://www.jdhwunw29d.com/LR9KH/2CTPL/?source_id=204069&sub1=291c55dd51063fbe2d415927a9683105&sub2=45172_11790464_11_1163_61&sub3=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT...
https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

83 KB
23 KB

952ms
825ms

Document
text/html

44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b08443225bf241211f166f99572bbd4a767876b9752f325255f5c3aadab47e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: data: blob: wss:; frame-ancestors 'self'; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://priorfresh.com/a4517f2aac6f41a851d2daace95acdabc/?sid1=45172_11790464_11_1163_61&sid2=xbPBjBIxVUmTBLZLlxPojLlRYgjVhmiAnAUqpqGjRbTAhHaaYVZxXYvsFHMjXeZBwT&sid3=61
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=2764800, public
content-encoding: gzip
content-language: en
content-length: 22788
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: data: blob: wss:; frame-ancestors 'self'; report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 23:35:00 GMT
etag: "1670888099-gzip"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 12 Dec 2022 23:34:59 GMT
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=31536000
vary: Cookie,Accept-Encoding,Host
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-9802216a-7a75-11ed-9ed1-df2a69a50426
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 23:34:59 GMT
location: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 25a91fc7-4d2c-4d7f-be44-90631edbe1e0

POST
H2 200 response.json
script.anura.io/ 43 B
397 B 300ms
245ms XHR
application/json 34.227.3.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=204069&campaign=29580&exid=291c55dd51063fbe2d415927a9683105&501600009386

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.227.3.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-227-3-1.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://priorfresh.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 107 KB
42 KB 174ms
44ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-K5PKT3G

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Nutley, United States, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a13bdb246039777d465bb009b55de8d6c83c773da12a1b3e1b993b427a68cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42965
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 23:35:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 188ms
56ms Stylesheet
text/css 2607:f8b0:4006:817::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

52d34d9fbcd0fbbc245cc05cf2e9704209ce3a7681f37bebeeca51cf7dc29346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 23:16:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 23:35:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
758 B 192ms
61ms Stylesheet
text/css 2607:f8b0:4006:817::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 23:34:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 23:35:00 GMT

GET
H2 200 google_tag.script.js Show response
www.jgwentworth.com/sites/default/files/google_tag/jgwentworth_gtm_production/ 348 B
623 B 72ms
46ms Script
application/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/google_tag/jgwentworth_gtm_production/google_tag.script.js?rmn0g7

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

33d72e90e43c8ddc11cbb6e40e343c96388c174db8eac2dce756dedabc4f88c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 15411
date: Mon, 12 Dec 2022 23:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 276114
x-cache: HIT
x-ah-environment: prod
content-length: 280
x-request-id: v-b7eacc0a-77f2-11ed-864f-fb0e606f3adc
last-modified: Fri, 09 Dec 2022 18:52:56 GMT
server: nginx
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 23 Dec 2022 18:53:06 GMT

GET
H2 200 css_q18vFNz3vVs9u-ltuWmTYJRXMPWg_xdBVF0VIqCopSU.css
www.jgwentworth.com/sites/default/files/css/ 3 KB
1 KB 44ms
36ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/css/css_q18vFNz3vVs9u-ltuWmTYJRXMPWg_xdBVF0VIqCopSU.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ab5f2f14dcf7bd5b3dbbe96db9699360945730f5a0ff1741545d1522a0a8a525

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 75466
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896626
x-cache: HIT
x-ah-environment: prod
content-length: 1147
x-request-id: v-f96088f0-724d-11ed-a499-5ff778760d66
last-modified: Mon, 14 Nov 2022 21:03:14 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:14 GMT

GET
H2 200 jgwentworth-stylesheet.min.css
www.jgwentworth.com/sites/default/files/cohesion/styles/base/ 379 KB
29 KB 62ms
54ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/cohesion/styles/base/jgwentworth-stylesheet.min.css?rmn0g7

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a1589d7a1ae0c8623b8565d3a9cd603cb697a8448ba01c1f822773962d7c98d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 15534
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 276115
x-cache: HIT
x-ah-environment: prod
content-length: 29148
x-request-id: v-b6942bc6-77f2-11ed-b7d8-9fdf50591071
last-modified: Thu, 01 Dec 2022 02:09:27 GMT
server: nginx
vary: Accept-Encoding,Host
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 23 Dec 2022 18:53:04 GMT

GET
H2 200 css_aDYUHefBcnPIm4f_SP3fEEHQu7K90yEtN7hLZ9ur4Do.css
www.jgwentworth.com/sites/default/files/css/ 11 KB
3 KB 86ms
79ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/css/css_aDYUHefBcnPIm4f_SP3fEEHQu7K90yEtN7hLZ9ur4Do.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6836141de7c17273c89b87ff48fddf1041d0bbb2bdd3212d37b84b67dbabe03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 34817
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 2678
x-request-id: v-0ac782ce-724e-11ed-bcaa-ab48e21afa06
last-modified: Mon, 14 Nov 2022 21:03:18 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 rangeslider.css
cdn.jsdelivr.net/npm/rangeslider.js@2.3.2/dist/ 5 KB
2 KB 178ms
48ms Stylesheet
text/css 2606:4700::6810:5514

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rangeslider.js@2.3.2/dist/rangeslider.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9029a03bdacdbeac4466dcde013ec1d100134704d07d40837935a8269d6bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 430600
x-jsd-version: 2.3.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19142-FRA, cache-yyz4557-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13ea-2D9TIwpJ8wWmM4QtN3HzaQ0T4SQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrxfGlBQcCSwmI69wev7ES9LrjgTJPduN7fmqkZXFzxb8p0dwDga70cSAcX38lUJbPISZNPSnVTTw2S8QLZl9%2BlECDylFWq4zPNyGOjIoBsqYzPnt2rmzSwmmnTvhiqtaoTwM624dcexPTL8lRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 778a46262981d15b-BUF

GET
H2 200 css_EPatqqiFArL-VH-T2D2VLNV1bydF4piQjuEFnZha_1k.css
www.jgwentworth.com/sites/default/files/css/ 29 B
381 B 120ms
115ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/css/css_EPatqqiFArL-VH-T2D2VLNV1bydF4piQjuEFnZha_1k.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

10f6adaaa88502b2fe547f93d83d952cd5756f2745e298908ee1059d985aff59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 34748
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 49
x-request-id: v-0ac789b8-724e-11ed-b88c-a7b229a9ebc4
last-modified: Thu, 01 Dec 2022 02:06:20 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 progress-tracker.css
cdn.jsdelivr.net/gh/NigelOToole/progress-tracker@v2.0.7/src/styles/ 12 KB
2 KB 199ms
72ms Stylesheet
text/css 2606:4700::6810:5514

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/NigelOToole/progress-tracker@v2.0.7/src/styles/progress-tracker.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9299053979930dcb09f484ed0dc43bd94c291ad72f0a73486e305a399625271b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 1956
content-encoding: br
x-jsd-version: 2.0.7
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19132-FRA, cache-yyz4554-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2ecd-Uh7HxEU0CDmPfIhIBtC69AanP6Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55E7r2ii2EFFW02MG9bVF2Jq40hXyAIHGnnQtFv%2FZSn%2BWhhCvn%2FW0iuLIYuokYaBxF%2BYoMLCuRwx5DDRyz3C2%2FbNawVAFtWBp50YMhJIu%2FYcHXVNsW3v2k9hy7ugPO1dgck9Ov%2FH9ppSj%2BbzkOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 778a46262982d15b-BUF

GET
H2 200 css_ZOyVfQYUa2qYCRYcrJYpy_LLV7MJCDuL7o4btGAYc14.css
www.jgwentworth.com/sites/default/files/css/ 2 KB
733 B 94ms
90ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/css/css_ZOyVfQYUa2qYCRYcrJYpy_LLV7MJCDuL7o4btGAYc14.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

64ec957d06146b6a9809161cac9629cbf2cb57b309083b8bee8e1bb46018735e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 34988
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 399
x-request-id: v-0ac7fb14-724e-11ed-8da3-e3b1f888d9db
last-modified: Mon, 14 Nov 2022 21:03:18 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 jgwentworth-stylesheet.min.css
www.jgwentworth.com/sites/default/files/cohesion/styles/theme/ 240 KB
22 KB 86ms
83ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/cohesion/styles/theme/jgwentworth-stylesheet.min.css?rmn0g7

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

12eee1296c34bcf1ccf655329d26aaf93efc6dc43dfff3feb92d2d7d9a47948b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 15552
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 276115
x-cache: HIT
x-ah-environment: prod
content-length: 22016
x-request-id: v-b694353a-77f2-11ed-abc8-8b5d5bb82fed
last-modified: Thu, 01 Dec 2022 02:09:27 GMT
server: nginx
vary: Accept-Encoding,Host
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 23 Dec 2022 18:53:04 GMT

GET
H2 200 css_r-KDbJK_rkhY5y2y_ATc7c5ljQC3IE0qwNEIQ5ppTpg.css
www.jgwentworth.com/sites/default/files/css/ 424 B
567 B 84ms
81ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/css/css_r-KDbJK_rkhY5y2y_ATc7c5ljQC3IE0qwNEIQ5ppTpg.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

afe2836c92bfae4858e72db2fc04dcedce658d00b7204d2ac0d108439a694e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 43308
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 234
x-request-id: v-0ac7b51e-724e-11ed-a81e-5f6af5c8ce81
last-modified: Mon, 14 Nov 2022 21:03:18 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 css_x4C0afR-mBnuicH6JS71v5dP_YIq7zsrYK4zxhO5MHA.css
www.jgwentworth.com/sites/default/files/css/ 86 KB
13 KB 88ms
85ms Stylesheet
text/css 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/css/css_x4C0afR-mBnuicH6JS71v5dP_YIq7zsrYK4zxhO5MHA.css

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c780b469f47e9819ee89c1fa252ef5bf974ffd822aef3b2b60ae33c613b93070

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 75850
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896631
x-cache: HIT
x-ah-environment: prod
content-length: 12800
x-request-id: v-f6a8c65e-724d-11ed-8dc4-13f8414feaa3
last-modified: Thu, 01 Dec 2022 02:06:20 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:09 GMT

GET
H2 200 modernizr.min.js Show response
www.jgwentworth.com/core/assets/vendor/modernizr/ 7 KB
3 KB 89ms
87ms Script
application/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/core/assets/vendor/modernizr/modernizr.min.js?v=3.11.7

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 43028
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 3090
x-request-id: v-0ac7bd0c-724e-11ed-aaf8-bb8a567ee6aa
last-modified: Thu, 01 Dec 2022 02:04:11 GMT
server: nginx
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 modernizr-additional-tests.js Show response
www.jgwentworth.com/core/misc/ 2 KB
1 KB 90ms
88ms Script
application/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/core/misc/modernizr-additional-tests.js?v=3.11.7

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ddbd99a98baa51ec26f0c36d7a048d0ebb99777a15507fab1b0a0f0b12c452e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 42993
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 972
x-request-id: v-0ac7886e-724e-11ed-a663-8b32d9beadc0
last-modified: Thu, 01 Dec 2022 02:04:11 GMT
server: nginx
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 js_UfxF3WzY-XxfYAOtLXsBq5p8tE6u2gvltFxwDFh_N6o.js Show response
www.jgwentworth.com/sites/default/files/js/ 2 KB
1 KB 92ms
89ms Script
text/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/js/js_UfxF3WzY-XxfYAOtLXsBq5p8tE6u2gvltFxwDFh_N6o.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

51fc45dd6cd8f97c5f6003ad2d7b01ab9a7cb44eaeda0be5b45c700c587f37aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 75191
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896626
x-cache: HIT
x-ah-environment: prod
content-length: 816
x-request-id: v-f9609cdc-724d-11ed-9b5d-8b6e1b70162e
last-modified: Mon, 14 Nov 2022 21:03:14 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:14 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 284ms
89ms Script
application/x-javascript 13.225.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-12.ewr50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 22:58:31 GMT
via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 2191
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: HWWFfWlrbhqL7E4HV9OE4p0jjhUn1-svxIG7TYRVtnpveiKo3TFLOA==

GET
H2 200 JGW%20logo%20header.svg
www.jgwentworth.com/sites/default/files/2021-10/ 17 KB
17 KB 55ms
25ms Image
image/svg+xml 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jgwentworth.com/sites/default/files/2021-10/JGW%20logo%20header.svg

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9ddfb7636bacafe2727d03117bab13724cffb3fd73c7e8ec02ea27ed2740f8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 74437
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
age: 896626
x-cache: HIT
x-ah-environment: prod
content-length: 17051
x-request-id: v-f972128c-724d-11ed-abc0-032ec910c83b
last-modified: Fri, 29 Oct 2021 22:58:00 GMT
server: nginx
vary: Host
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:14 GMT

GET
H2 200 afcc-accredited.png.webp
www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/ 5 KB
5 KB 69ms
39ms Image
image/png 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/afcc-accredited.png.webp?itok=LOjizzKI

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

53d8b24567a3264f7c5bf19d6bf59fde8431b1e056afb437c11ee5aa72e017e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 41597
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
age: 896619
x-cache: HIT
x-ah-environment: prod
content-length: 5004
x-request-id: v-fddd5458-724d-11ed-b48c-bf65951c0f5e
last-modified: Tue, 18 Jan 2022 18:34:51 GMT
server: nginx
vary: Host
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:21 GMT

GET
H2 200 bbb-accredited.png.webp
www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/ 2 KB
2 KB 102ms
72ms Image
image/png 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/bbb-accredited.png.webp?itok=ef8jTvqu

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

435f0bd44d193c9a6aed52ccbf1cd24b7a4b77b0a36e1436bf07ad5bdbb3e134

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 42325
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
age: 896619
x-cache: HIT
x-ah-environment: prod
content-length: 1764
x-request-id: v-fddd57d2-724d-11ed-96b8-b3ced79f4bba
last-modified: Tue, 18 Jan 2022 17:46:40 GMT
server: nginx
vary: Host
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:21 GMT

GET
H2 200 us-chamber.png.webp
www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/ 3 KB
3 KB 72ms
44ms Image
image/png 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/us-chamber.png.webp?itok=KBFW616b

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

db07ffce83da81ffdab004f3fe8b0fb5bbe02d3a18e2ea84f14af220b680015a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 38827
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
age: 896619
x-cache: HIT
x-ah-environment: prod
content-length: 2954
x-request-id: v-fddd7ce4-724d-11ed-bdd2-ef2487e514f8
last-modified: Tue, 18 Jan 2022 17:46:43 GMT
server: nginx
vary: Host
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:21 GMT

GET
H2 200 iapda.png.webp
www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/ 7 KB
8 KB 74ms
45ms Image
image/png 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jgwentworth.com/sites/default/files/styles/coh_x_small/public/2021-11/iapda.png.webp?itok=1Pe-WjZn

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a8eeb2dd37e823731904718dc8837862c8d7f3195efc4e8e71f7f1ae2ee5136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 28725
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
age: 896530
x-cache: HIT
x-ah-environment: prod
content-length: 7482
x-request-id: v-32e75a04-724e-11ed-ac6f-cfca61d24d32
last-modified: Tue, 18 Jan 2022 18:34:51 GMT
server: nginx
vary: Host
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:32:50 GMT

GET
H2 200 JGW%20logo%20white%20footer.svg
www.jgwentworth.com/sites/default/files/2021-10/ 12 KB
13 KB 64ms
37ms Image
image/svg+xml 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jgwentworth.com/sites/default/files/2021-10/JGW%20logo%20white%20footer.svg

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

09a4d30ab3e052491296793fdb71491f7d48c8e2768427ecd70f756f67ad7fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 59131
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
age: 896615
x-cache: HIT
x-ah-environment: prod
content-length: 12687
x-request-id: v-0005f186-724e-11ed-8d96-57ea689db950
last-modified: Fri, 29 Oct 2021 22:58:31 GMT
server: nginx
vary: Host
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:25 GMT

GET
H2 200 js_xqZr1jYChpmfIPBFxNOF58SA_pBgDJsEEhHRue76xlw.js Show response
www.jgwentworth.com/sites/default/files/js/ 420 KB
117 KB 35ms
35ms Script
text/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/js/js_xqZr1jYChpmfIPBFxNOF58SA_pBgDJsEEhHRue76xlw.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c6a66bd6360286999f20f045c4d385e7c480fe90600c9b041211d1b9eefac65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 37647
date: Mon, 12 Dec 2022 23:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 119739
x-request-id: v-0ac7d4cc-724e-11ed-b7db-8f36d56d0b78
last-modified: Wed, 16 Nov 2022 02:08:13 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H3 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/ 23 KB
8 KB 162ms
133ms Script
application/javascript 2606:4700::6810:5514

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/jquery.validate.min.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2705400
x-jsd-version: 1.17.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA, cache-yyz4528-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"5add-anbkx9tHkFM1BYBGmqAQ/r/crNA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wg%2FLj%2FMlvK3R7E8NnHlEXbG9rtCh7Gf3CbPCPfs%2BwM0TIADbu1BpeD1RdVVU6d6DWI5%2BGJNlSDJIBfnSpaPAWkG0eu75onsQj1GJVF8OkEz21ljlfL52sLZKmId038kXpBwj%2FCp4Y66QoO2abwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 778a462738dad163-BUF

GET
H2 200 js_SoRsne5Tf1sdNkWbCGUr8F2-TfL_U_Lulo2INP79Qnc.js Show response
www.jgwentworth.com/sites/default/files/js/ 32 KB
10 KB 114ms
81ms Script
text/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/js/js_SoRsne5Tf1sdNkWbCGUr8F2-TfL_U_Lulo2INP79Qnc.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4a846c9dee537f5b1d36459b08652bf05dbe4df2ff53f2ee968d8834fefd4277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 34587
date: Mon, 12 Dec 2022 23:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 10258
x-request-id: v-0ac7dc38-724e-11ed-9504-eb354968ddf0
last-modified: Wed, 16 Nov 2022 02:08:13 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H3 200 rangeslider.min.js Show response
cdn.jsdelivr.net/npm/rangeslider.js@2.3.2/dist/ 8 KB
3 KB 147ms
119ms Script
application/javascript 2606:4700::6810:5514

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rangeslider.js@2.3.2/dist/rangeslider.min.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5844b469da436c41fb28c14d25f1b2cb6135c7dd6f3bbe9662d8842769d827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: 2.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA, cache-yyz4544-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1fd3-YMpPEDOhY3bi04aRWykrWCCu8Wc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wejrWl2W1aWg7%2Bjy9dYlDUxXOrdY7k1PH5GDJVOlBj%2ByoCzAcWKoYtzGWwZRSyl1YHJ6VhWViBOqir7t7GRbMmJ0QfoC%2FW0bHNnnW%2BDVyWZTjkZaCFKPZ%2FWojXggWju0AAvsrpOrkV7D7xMZoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 778a46280962d163-BUF

GET
H2 200 js_QRO_Y7FWNE9pL2zPNjw-XRAfQqoH_niN2uWccSQ0it8.js Show response
www.jgwentworth.com/sites/default/files/js/ 2 KB
1002 B 107ms
79ms Script
text/javascript 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/js/js_QRO_Y7FWNE9pL2zPNjw-XRAfQqoH_niN2uWccSQ0it8.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4113bf63b156344f692f6ccf363c3e5d101f42aa07fe788ddae59c7124348adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 34498
date: Mon, 12 Dec 2022 23:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 896597
x-cache: HIT
x-ah-environment: prod
content-length: 664
x-request-id: v-0ac7b0aa-724e-11ed-a611-bf4338f7c73b
last-modified: Thu, 01 Dec 2022 02:06:21 GMT
server: nginx
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 16 Dec 2022 14:31:43 GMT

GET
H2 200 hotjar-2078737.js Show response
static.hotjar.com/c/ 7 KB
3 KB 282ms
101ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2078737.js?sv=6

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

2057253c8b567db817ee5cfc9274317c9cd14c23e15c9d73326077ada9fe3ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 23:34:33 GMT
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 38
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/6a9d52b18b98a20c46b395a535adfca7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: li5-8EMS2X5FXMZTbksq7KbwzskYIbflyH1EmM6IGeygOi8pl1Zk5Q==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/qUWcaxQXVu4PCTqi2uQInzmbmHoVVadD/ 100 KB
27 KB 486ms
305ms Script
text/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/qUWcaxQXVu4PCTqi2uQInzmbmHoVVadD/analytics.min.js
Requested by: Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 255859e7478a65835731ac90cbd80ccc7db2615e52c3abd44f039ab2ca8eab75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: EVQK7WId85XYNsOVqxzj5JdAYvoANrr.
content-encoding: br
via: 1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
date: Mon, 12 Dec 2022 23:35:02 GMT
x-amz-cf-pop: JFK51-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 10 Dec 2022 01:26:18 GMT
server: AmazonS3
etag: W/"cc3b3cf6a173e340993241a9a596057d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: mfJppD00KcF0RbE_R0uxIYh-l72sbSF11cbauXrh7MwhH_zsiMkB_w==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 164ms
14ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jgwentworth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:54:57 GMT
x-content-type-options: nosniff
age: 452404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:54:57 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 214ms
33ms Script
application/javascript 208.89.12.153
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=22802941

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/sites/default/files/js/js_UfxF3WzY-XxfYAOtLXsBq5p8tE6u2gvltFxwDFh_N6o.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lptag.liveperson.net

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 236ms
55ms Script
application/javascript 2606:4700::6811:925b

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:01 GMT
content-encoding: gzip
via: 1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 778a46290f79d14f-BUF
x-amz-cf-id: MnBZt2yUHc6QO4V1GKBYeIw-toTdwBrO6bMg4ehL1VNGckgUfFlE6Q==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 429 KB
140 KB 222ms
42ms Script
application/x-javascript 104.238.215.8
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.215.8 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS: mail.shweeng.com
Software: /
Resource Hash: 5d58f3bd30c7f50cdfd191bdf023d4122de5a8f7c10cbe2a8610ce9d5ff252ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:01 GMT
content-encoding: br
last-modified: Mon, 12 Dec 2022 13:33:34 GMT
etag: "6b48c-63972dae-bf31a9ea74e6f121;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 143255
expires: Tue, 13 Dec 2022 23:35:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 50ms
46ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jgwentworth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:09:30 GMT
x-content-type-options: nosniff
age: 577531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 07:09:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 58ms
57ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jgwentworth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:57:14 GMT
x-content-type-options: nosniff
age: 434267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:57:14 GMT

GET
H2 200 icomoon.woff2
www.jgwentworth.com/sites/default/files/cohesion/ 79 KB
80 KB 99ms
97ms Font
text/plain 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/sites/default/files/cohesion/icomoon.woff2

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/sites/default/files/cohesion/styles/base/jgwentworth-stylesheet.min.css?rmn0g7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6c23f91436031cb7cffc788646aaadf5b39710bc5753e5e24df35e67c634e8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jgwentworth.com/sites/default/files/cohesion/styles/base/jgwentworth-stylesheet.min.css?rmn0g7
Origin: https://www.jgwentworth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Fri, 16 Dec 2022 14:31:14 GMT
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 18:16:56 GMT
server: nginx
age: 896626
vary: Host
x-cache: HIT
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 81344
x-request-id: v-f98fd7ea-724d-11ed-8b26-9357c3801ede
x-cache-hits: 70346

GET
H2 200 Locator-Bold.woff2
www.jgwentworth.com/themes/custom/jgwentworth/assets/ 13 KB
13 KB 90ms
89ms Font
text/plain 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/themes/custom/jgwentworth/assets/Locator-Bold.woff2

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/sites/default/files/css/css_x4C0afR-mBnuicH6JS71v5dP_YIq7zsrYK4zxhO5MHA.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

577a426fb57f374cce90717805661597ffab45c7ba7348509250bdb8ce1a11ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jgwentworth.com/sites/default/files/css/css_x4C0afR-mBnuicH6JS71v5dP_YIq7zsrYK4zxhO5MHA.css
Origin: https://www.jgwentworth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Fri, 16 Dec 2022 14:31:14 GMT
date: Mon, 12 Dec 2022 23:35:01 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 02:04:13 GMT
server: nginx
age: 896626
vary: Host
x-cache: HIT
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 13004
x-request-id: v-f98f9b18-724d-11ed-941d-8f35b17d3283
x-cache-hits: 70486

HEAD
H2 200 ds-aff-lp-3 Show response
www.jgwentworth.com/ 0
713 B 86ms
60ms XHR
text/html 44.194.8.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jgwentworth.com/ds-aff-lp-3

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/sites/default/files/js/js_xqZr1jYChpmfIPBFxNOF58SA_pBgDJsEEhHRue76xlw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.8.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-8-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: data: blob: wss:; frame-ancestors 'self'; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Sun, 19 Nov 1978 05:00:00 GMT
date: Mon, 12 Dec 2022 23:35:01 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: data: blob: wss:; frame-ancestors 'self'; report-uri /report-csp-violation
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
age: 896597
via: varnish
x-cache: HIT
x-drupal-dynamic-cache: MISS
x-ah-environment: prod
content-length: 15688
x-xss-protection: 1; mode=block
x-request-id: v-0af82988-724e-11ed-9e0f-a7a53b934963
x-ua-compatible: IE=edge
last-modified: Fri, 02 Dec 2022 14:30:56 GMT
server: nginx
etag: "1669991456-gzip"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding,Host
content-language: en
content-type: text/html; charset=UTF-8
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: max-age=2764800, public
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-drupal-cache: HIT
x-cache-hits: 37530

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 323 KB
101 KB 172ms
96ms Script
application/javascript 2607:f8b0:4006:822::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/sites/default/files/google_tag/jgwentworth_gtm_production/google_tag.script.js?rmn0g7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f77e6fc0cb121cbc481cbeb1a0dbbef12b21d4804993e606c1c4e2567c721ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103440
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 23:35:02 GMT

GET
H2 200 modules.bc0a4c72d88d266f15af.js Show response
script.hotjar.com/ 263 KB
68 KB 536ms
125ms Script
application/javascript 18.164.96.77

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2078737.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.77 -, , ASN (),

Reverse DNS

Software

Resource Hash

5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 464396
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68590
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Tp2rfa7cU-CXBP5jQQ2DP6Mj1Gnati0HP-LhnACYo_RPmGSXpJjfdw==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/qUWcaxQXVu4PCTqi2uQInzmbmHoVVadD/ 622 B
1 KB 212ms
141ms XHR
application/json 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/qUWcaxQXVu4PCTqi2uQInzmbmHoVVadD/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qUWcaxQXVu4PCTqi2uQInzmbmHoVVadD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3b097dcae301ad5e189b55ae270e218299e5eb63dec6ce194b1d17113779444

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: bwB2ZKBUcVqC6kwcPpM7bLBhIiV1RR2h
date: Mon, 12 Dec 2022 21:53:31 GMT
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 6110
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 622
last-modified: Mon, 26 Sep 2022 18:26:25 GMT
server: AmazonS3
etag: "4a869492b411ef53e6dd427f1de95cd0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: VitG0f6wjTB3RCArp1CaE6XSR6icR_xqCkjC1JkrtKLqAhyEKq_Y6g==

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
415 B 355ms
252ms Script
application/javascript 2606:4700::6811:925b

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=610320926&u=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&r=http%3A%2F%2Fpriorfresh.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN (),
Reverse DNS
Software: cloudflare / PHP/7.4.32
Resource Hash: 29fd217123acfe38005373f6352fef334c2d244ab14c65b9dc091212497f97f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.32
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 46
cf-ray: 778a4631c917d14f-BUF

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/ 290 KB
104 KB 156ms
140ms Script
application/x-javascript 208.89.12.153
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/sites/default/files/js/js_UfxF3WzY-XxfYAOtLXsBq5p8tE6u2gvltFxwDFh_N6o.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lptag.liveperson.net

Software

ws /

Resource Hash

81244f3fb3d09fd9ad855e76254b44fa14952e2b35631df112db05ada6a24639

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:02 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/jgwentworth.com/ 158 B
345 B 269ms
27ms Fetch
application/json 104.238.215.8
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/jgwentworth.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.215.8 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS: mail.shweeng.com
Software: /
Resource Hash: d63a9468df4d55617ce285860eb9d4ebdeea3d060e6c1ebedb098a1c91bd2999

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:02 GMT
last-modified: Mon, 12 Dec 2022 23:33:19 GMT
etag: "9e-6397ba3f-7fd90b6340f574a9;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 158
expires: Tue, 13 Dec 2022 23:35:02 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 6D63 2 KB
1 KB 289ms
29ms Document
text/html 108.138.128.99

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2078737.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.99 -, , ASN (),

Reverse DNS

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.jgwentworth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1679097
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
x-amz-cf-id: Us1Q7v_1EQQjV7JnJjwqAXYCNjGzhAu-XyfOv6EEgioy4QrscKvDQQ==
x-amz-cf-pop: JFK50-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 p
api.segment.io/v1/ 21 B
177 B 366ms
116ms Fetch
application/json 54.218.207.27

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qUWcaxQXVu4PCTqi2uQInzmbmHoVVadD/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.218.207.27 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.jgwentworth.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.jgwentworth.com
date: Mon, 12 Dec 2022 23:35:03 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 js
www.googletagmanager.com/gtag/ 238 KB
80 KB 104ms
103ms Script
application/javascript 2607:f8b0:4006:822::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XR6QS8J9EE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Dec 2022 23:35:03 GMT

GET
H3 200 optimize.js
www.googleoptimize.com/ 107 KB
42 KB 127ms
37ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P5MXGC4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Nutley, United States, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42936
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 23:35:03 GMT

GET
H2 200 bat.js
bat.bing.com/ 38 KB
12 KB 275ms
47ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 12 Dec 2022 23:35:03 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D086E16F169C439D99D3FF2F286B5437 Ref B: EWR311000101011 Ref C: 2022-12-12T23:35:04Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 180ms
24ms Script
text/javascript 2001:4860:4802:34::178

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 21:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 23:46:25 GMT

GET
H2 200 core.js
s.pinimg.com/ct/ 1 KB
1 KB 325ms
77ms Script
application/javascript 2600:1400:9000:297::1931

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:297::1931 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/788228284/ 2 KB
1 KB 271ms
102ms Script
text/javascript 2607:f8b0:4006:81d::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788228284/?random=1670888103962&cv=11&fst=1670888103962&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&ref=http%3A%2F%2Fpriorfresh.com%2F&tiba=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&userId=7085fcbf-46c2-4b98-a1bf-274f069b2687&auid=1991918904.1670888104&uaw=0&data=page_path%3D%2Fds-aff-lp-3&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/794155004/ 2 KB
2 KB 254ms
91ms Script
text/javascript 2607:f8b0:4006:81d::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794155004/?random=1670888103992&cv=11&fst=1670888103992&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=SS&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&ref=http%3A%2F%2Fpriorfresh.com%2F&tiba=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&userId=7085fcbf-46c2-4b98-a1bf-274f069b2687&auid=1991918904.1670888104&uaw=0&data=page_path%3D%2Fds-aff-lp-3&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.js
cdn.taboola.com/libtrc/unip/1372845/ 58 KB
18 KB 227ms
67ms Script
application/javascript 151.101.65.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1372845/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: i.JaODnvgaua0BOvzO205sSRID1C06_t
content-encoding: gzip
via: 1.1 varnish
date: Mon, 12 Dec 2022 23:35:04 GMT
x-amz-request-id: Q6V0BVQ9WAYCPTD7
age: 109
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18126
x-amz-id-2: XwO/V4wCkgnuplFfsUkzHV1hMXwAXI+dr/aLbhcjUcti7C/vdzpZhH9Q8kf5/MBDt60g4CKxAv0=
x-served-by: cache-ewr18135-EWR
last-modified: Sun, 11 Dec 2022 11:42:36 GMT
server: AmazonS3
x-timer: S1670888104.168744,VS0,VE7
etag: "863dd399999e78aa7d8105930418ec6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 103 KB
28 KB 272ms
80ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 23:35:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27316
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: V+lJeziVxw5qjdR0Hp0U5+vnM/4TEvWaKolL7XmB/pZ8kR9yFlIYkvulOytULIfMaMxnt7STvUIy1D7yv7Ahww==
x-fb-trip-id: 1814657579
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jgw.js
lwjs.azureedge.net/cjs/ 835 B
1 KB 398ms
85ms Script
text/javascript 2620:1ec:40::40

General

Check archive.org

Show headers Download Go to

Full URL: https://lwjs.azureedge.net/cjs/jgw.js?ver=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::40 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Dec 2022 23:35:03 GMT
last-modified: Mon, 26 Apr 2021 18:47:25 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: eh7NkZTPdqxNu0Z91R8Shw==
etag: 0x8D908E3BBC3F223
x-azure-ref: 0qLqXYwAAAABKfK2grL19RIOuxcD2/A1LTU5aMjIxMDYwNjExMDQ5AGExNzUxNWVjLTBiZTUtNGQxNy05YWEyLWY3NGMxY2JkY2E5OA==
x-cache: TCP_HIT
content-type: text/javascript
x-ms-request-id: d2d61632-a01e-001d-211c-0eed42000000
x-ms-version: 2009-09-19
content-length: 835

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 422ms
240ms Script
application/javascript 184.51.148.162

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAKHVORC77UFDAKT3VE0&lib=ttq
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 13a04f7f.81470a8
date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 128,184.51.148.158
server-timing: cdn-cache; desc=MISS, edge; dur=69, origin; dur=59, inner; dur=3
content-length: 1289
pragma: no-cache
server: nginx
x-tt-logid: 202212122335044222E940866A3A0455BE
x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 59,23.220.104.207
x-tt-trace-host: 010f1fe534168020d9f6b48ef81cc9df5a29fbb2000d6d264fce12b6d1655146cd3d1c7a610055945a87c8dd9728bcb2efc7614263a9467b08c1012e31575db14313fe808c2e16254c788f5d7b4e08fbb0077f5747c65314ffbb441022bd14f26f
expires: Mon, 12 Dec 2022 23:35:04 GMT

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 262ms
85ms Script
application/javascript 184.51.148.162

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAKI0SRC77U1E8B1E11G&lib=ttq
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 218175f6.81470a9
date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 20,184.51.148.158
server-timing: cdn-cache; desc=MISS, edge; dur=18, origin; dur=7, inner; dur=4
content-length: 1250
pragma: no-cache
server: nginx
x-tt-logid: 202212122335045B72879F636D180471CC
x-cache-remote: TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.205
x-tt-trace-host: 010f1fe534168020d9f6b48ef81cc9df5a29fbb2000d6d264fce12b6d1655146cd2bb715f03f54b4428289e3c42552b54ff6a50a31e817e0bc1341bd41fea5b8fa84b2a9c2ca803d0b28bca2023f153a3e538c1e3b1f18f53cd9107ef535b4c010
expires: Mon, 12 Dec 2022 23:35:04 GMT

GET
H2 200 jgwga.js
lwjs.azureedge.net/cjs/ 838 B
1 KB 288ms
113ms Script
text/javascript 2620:1ec:40::40

General

Check archive.org

Show headers Download Go to

Full URL: https://lwjs.azureedge.net/cjs/jgwga.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::40 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Dec 2022 23:35:03 GMT
last-modified: Tue, 14 Jun 2022 19:52:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: HQCuWKYwaNCaMZbF+uIZGQ==
etag: 0x8DA4E3F6DF8B947
x-azure-ref: 0qLqXYwAAAAAh6ptqq/QwRIVGyG6bLr5+TU5aMjIxMDYwNjExMDQ5AGExNzUxNWVjLTBiZTUtNGQxNy05YWEyLWY3NGMxY2JkY2E5OA==
x-cache: TCP_HIT
content-type: text/javascript
x-ms-request-id: 861863dd-c01e-0056-4b51-0e1111000000
x-ms-version: 2009-09-19
content-length: 838

GET
H2 200 jgwv3.js
lwjs.azureedge.net/cjs/ 4 KB
1 KB 195ms
58ms Script
text/javascript 2620:1ec:40::40

General

Check archive.org

Show headers Download Go to

Full URL: https://lwjs.azureedge.net/cjs/jgwv3.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THJ2TPG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::40 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Dec 2022 23:35:03 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 13:46:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: VtQntWWiCWLwEFGXsqMsIA==
etag: 0x8DA85D71D304FAD
x-azure-ref: 0qLqXYwAAAAAz5utWEjupQLonnaoOOMj5TU5aMjIxMDYwNjExMDQ5AGExNzUxNWVjLTBiZTUtNGQxNy05YWEyLWY3NGMxY2JkY2E5OA==
x-cache: TCP_HIT
content-type: text/javascript
x-ms-request-id: 94645b6b-101e-00a1-7622-0e3b83000000
x-ms-version: 2009-09-19

GET
H2

200

ytc.js
s.yimg.com/wi/
Redirect Chain

https://protect-us.mimecast.com/s/gBT0C73BWJuAWNw8cAxIof?domain=s.yimg.com
https://protect-us.mimecast.com/r/jakVjxaSMV4Q6mUpIL771_FnYUnx2eZ3cnglOUOVqLGGRHv9MhJSqnaECGMYkfeuPH7aTJvR9ma7_wUKtNmArUdo6i1zQe5fqYQ5j6iWA0lfL3hH7khJAysJU-vc8tk5DaiKF_DsgGk72fPTDN86KX33dhkZCFf_iO2...
https://s.yimg.com/wi/ytc.js

16 KB
6 KB

230ms
81ms

Script
application/javascript

2001:4998:14:800::1000

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Server

2001:4998:14:800::1000 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:34:55 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: NS274KS8Q7WABZ5X
age: 11
x-amz-server-side-encryption: AES256
x-amz-id-2: BMYm42ZgE5JcVtYIRs9W/jmWknoFpv9+UJkokp4PZw1YQp3rLTzGSAeA1FyRJfeOOqLAwxicCFs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

Redirect headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 23:35:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://s.yimg.com/wi/ytc.js
Cache-control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 74ms
73ms Script
application/javascript 184.51.148.162

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCDPNHBC77U5BD5RDEJG&lib=ttq
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 81470d6
date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=23
content-length: 1256
pragma: no-cache
server: nginx
x-tt-logid: 20221212233504638D5F51374A870434D7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,184.51.148.158
x-tt-trace-host: 010f1fe534168020d9f6b48ef81cc9df5ab9740ebe1f51d10dea92327feb192c0684e83bc619fdc9811a5f0027d7284a101a5346d7330a11301a4f5b29f846325b083e22b1ea4487b2cab1d5b1ac11f8af
expires: Mon, 12 Dec 2022 23:35:04 GMT

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 70ms
69ms Script
application/javascript 184.51.148.162

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCDPP9RC77U4E617K5J0&lib=ttq
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 81470d8
date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=20
content-length: 1262
pragma: no-cache
server: nginx
x-tt-logid: 20221212233504EC9632C5D3FD3A03BEA2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,184.51.148.158
x-tt-trace-host: 010f1fe534168020d9f6b48ef81cc9df5ab9740ebe1f51d10dea92327feb192c0656133facad3a95ebe84067ee618abd4671e6841513330b760bf13f12033aee8aba5782c298eb45de34c66ed8b3e106b9
expires: Mon, 12 Dec 2022 23:35:04 GMT

GET
H/1.1 200
OK tv2track.js
collector-26362.us.tvsquared.com/ 20 KB
9 KB 329ms
34ms Script
application/javascript 3.15.122.113

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-26362.us.tvsquared.com/tv2track.js
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.122.113 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 23:35:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 11:01:47 GMT
Server: nginx
ETag: "6306051b-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 12 Dec 2022 23:45:04 GMT

GET
H2 200 invoca-latest.min.js
solutions.invocacdn.com/js/ 124 KB
40 KB 227ms
42ms Script
text/javascript 13.33.60.79

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: eu-west-1.vallegrana.com
URL: https://eu-west-1.vallegrana.com/r/L0s0dFU3R3hFczZLc3VvRXVvOVR1L3pmWVJKdUFlZXl0Zy9pbEhGZytZaz01-link
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.79 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: nafYdifE25HIJ7E5_xPq2bg19QQXpqjq
content-encoding: gzip
via: 1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
date: Mon, 12 Dec 2022 22:57:07 GMT
last-modified: Wed, 05 Oct 2022 20:29:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 2278
etag: W/"4636ba1892918feeed6b191a409be199"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
x-amz-cf-id: wJiHEC8RLx8Qtbka126R2QolT80fevQ_bGTgk8lfUYNMkaipEau9Dg==

GET
H2 200 t_prism_sitemessages.php
trackcmp.net/ 0
289 B 243ms
87ms Script
text/javascript 2606:4700:4400::ac40:9197

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=610320926&prismid=bbc61d78-ead2-4b15-84a8-62a066b711b4&url=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9197 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 778a463ced9ed14f-BUF
content-length: 0

GET
H2 200 en.build.json
cdn.acsbapp.com/cache/app/ 238 KB
25 KB 37ms
36ms Fetch
application/json 104.238.215.8
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.215.8 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS: mail.shweeng.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:04 GMT
content-encoding: br
last-modified: Mon, 12 Dec 2022 13:24:04 GMT
etag: "3b8a8-63972b74-c1f90ea9b5b895a1;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25914
expires: Tue, 13 Dec 2022 23:35:04 GMT

GET
H2 200 /
accdn.lpsnmedia.net/api/account/22802941/configuration/setting/accountproperties/ 6 KB
3 KB 704ms
46ms Script
application/javascript 208.89.12.91

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/22802941/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 12 Dec 2022 23:36:05 GMT

GET
H2 200 ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 40 KB
15 KB 804ms
167ms Script
application/javascript 199.187.116.90

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.187.116.90 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:33 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 12 Dec 2023 23:35:05 GMT

GET
H2 200 UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 88 KB
30 KB 919ms
283ms Script
application/javascript 199.187.116.90

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.187.116.90 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:30 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 12 Dec 2023 23:35:05 GMT

GET
H2 200 lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 92 KB
31 KB 984ms
349ms Script
application/javascript 199.187.116.90

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.187.116.90 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:31 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 12 Dec 2023 23:35:05 GMT

GET
H2 200 surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 8 KB
3 KB 1154ms
518ms Script
application/javascript 199.187.116.90

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.187.116.90 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:33 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 12 Dec 2023 23:35:05 GMT

GET
H2 200 zones
accdn.lpsnmedia.net/api/account/22802941/configuration/le-campaigns/ 12 KB
3 KB 637ms
73ms Script
application/javascript 208.89.12.91

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/22802941/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/22802941/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 12 Dec 2022 23:36:05 GMT

POST
H2 200 visit-data
in.hotjar.com/api/v2/client/sites/2078737/ 147 B
322 B 619ms
120ms XHR
application/json 99.80.127.52

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2078737/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.127.52 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.jgwentworth.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2078737
vc.hotjar.io/sessions/ 0
259 B 591ms
118ms XHR
text/plain 18.164.96.95

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2078737?s=0.25&r=0.19897259772012355
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.95 -, , ASN (),
Reverse DNS
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
via: 1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: TgK5cLiUlKg3jTPzN7z0I2CHWMtklKQiZsIFTIcg6EB0Q_XLzSGLyw==

GET
H/1.1 200
OK tv2track.php
collector-26362.us.tvsquared.com/ 42 B
276 B 89ms
74ms Image
image/gif 3.15.122.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-26362.us.tvsquared.com/tv2track.php?action_name=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&idsite=TV-7236633672-1&rec=1&r=594842&h=23&m=35&s=5&url=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&urlref=http%3A%2F%2Fpriorfresh.com%2F&_id=a45023b8cdd33132&_idts=1670888105&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D&gt_ms=828
Requested by: Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.122.113 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Mon, 12 Dec 2022 23:35:05 GMT
Server: nginx
Connection: keep-alive
Request-Id: 55a578f6-802c-490c-a0d1-def82f0794d9
Content-Length: 42
Content-Type: image/gif

GET
H2 200 tag-live.js
solutions.invocacdn.com/js/networks/2243/0806779911/ 8 KB
2 KB 88ms
87ms Script
text/javascript 13.33.60.79

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/2243/0806779911/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.79 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: 80hjGpQaIqDlKrO1tz0fnX4JrhNwQNsC
content-encoding: br
via: 1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
date: Mon, 12 Dec 2022 23:30:26 GMT
last-modified: Mon, 29 Aug 2022 15:46:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 280
etag: W/"81a2a9f6091d4c822fb3af0be8329c05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: p0sgIlpX4acoaQW91_nPsjvSysUZfKULK0h3OAe01nv9hCDKxRtxdA==

GET
H2 200 main.9a94ee76.js
s.pinimg.com/ct/lib/ 58 KB
21 KB 81ms
77ms Script
application/javascript 2600:1400:9000:297::1931

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:297::1931 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 /
www.google.com/pagead/1p-user-list/788228284/ 42 B
548 B 199ms
49ms Image
image/gif 2607:f8b0:4006:823::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/788228284/?random=1670888103962&cv=11&fst=1670886000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&ref=http%3A%2F%2Fpriorfresh.com%2F&tiba=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&userId=7085fcbf-46c2-4b98-a1bf-274f069b2687&data=page_path%3D%2Fds-aff-lp-3&fmt=3&is_vtc=1&random=2177899722&rmt_tld=0&ipr=y

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/794155004/ 42 B
108 B 179ms
51ms Image
image/gif 2607:f8b0:4006:823::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794155004/?random=1670888103992&cv=11&fst=1670886000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=SS&frm=0&url=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&ref=http%3A%2F%2Fpriorfresh.com%2F&tiba=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&userId=7085fcbf-46c2-4b98-a1bf-274f069b2687&data=page_path%3D%2Fds-aff-lp-3&fmt=3&is_vtc=1&random=4108769035&rmt_tld=0&ipr=y

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 4 KB
1 KB 215ms
36ms Image
image/svg+xml 138.128.247.123

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web1.acsbapp.com/apps/app/dist/media/logomono.svg
Requested by: Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.247.123 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: br
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1210
expires: Tue, 12 Dec 2023 23:35:05 GMT

GET
H2 200 main.MTRjZDliOGFlMA.js
analytics.tiktok.com/i18n/pixel/static/ 211 KB
62 KB 44ms
37ms Script
application/javascript 184.51.148.162

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAKI0SRC77U1E8B1E11G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 81479c3
date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212011510068E9ADA90126FD6FB2840
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019fab6528daf5ae4cea145f9df16486703a6e69f7afcaa7f9e1c577fa94e4bf3ab786ea6df29e266a828f17b958326b213074c8806499ab66691f851892a94543dea9cc980bda1b0fa6f893c9544f1ac8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 62323

GET
H2 200 json
trc.taboola.com/1372845/trc/3/ 3 KB
2 KB 168ms
84ms Script
application/javascript 151.101.65.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1372845/trc/3/json?tim=1670888105294&data=%7B%22id%22%3A562%2C%22ii%22%3A%22%2Fds-aff-lp-3%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670888105278%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%22%2C%22e%22%3A%22http%3A%2F%2Fpriorfresh.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-lsingerjgwentworthcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670888105292%2C%22ref%22%3A%22http%3A%2F%2Fpriorfresh.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A74%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372845/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms: 11
date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-ewr18135-EWR
server: nginx
x-timer: S1670888105.443123,VS0,VE11
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.MTRjZDliOGFlMQ.js
analytics.tiktok.com/i18n/pixel/static/ 224 KB
64 KB 56ms
55ms Script
application/javascript 184.51.148.162

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCDPP9RC77U4E617K5J0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 8147a08
date: Mon, 12 Dec 2022 23:35:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2022120115080939BEE8F898A90382BD0B
vary: Accept-Encoding
x-cache: TCP_HIT from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01630af45c3bbe5164927f2cc0d74c811206a42cf87e8149a273c05bdc12a10abaf40c0821fb87873d764f7d70e497ad499eed5916d1757ab1e860a190669af8db1edc420aace5ddf2149a58b948a1c862
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 64626

GET
H2 204 11005386.js
bat.bing.com/p/action/ 0
118 B 79ms
68ms Script
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/11005386.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 12 Dec 2022 23:35:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6575246245374A3FAE39594C7C6C3E9A Ref B: EWR311000101011 Ref C: 2022-12-12T23:35:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
177 B 95ms
92ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11005386&tm=gtm002&Ver=2&mid=c77f96bf-f8ef-47a8-a403-79c4c7866833&sid=9b499e007a7511ed88fe555fda46291d&vid=9b4bf3207a7511ed92d9a76c51aa442b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&p=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&r=http%3A%2F%2Fpriorfresh.com%2F&lt=2637&evt=pageLoad&sv=1&rn=440398

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Dec 2022 23:35:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B07B4FD3835347C796492AAEA9DB3ACB Ref B: EWR311000101011 Ref C: 2022-12-12T23:35:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2426328650954781
connect.facebook.net/signals/config/ 294 KB
84 KB 172ms
92ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2426328650954781?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 23:35:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86397
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nwOIV3FPT4Z34JUGr92K0bJsRRXRtg1POgKMriIkjyoLNZfJpkI78ZPBN9DDD6aI5thWQJNhrDH0vNodGXoOvQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
350 B 404ms
56ms Ping
text/plain 2607:f8b0:4006:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XR6QS8J9EE&gtm=2oebu0&_p=1834770774&_gaz=1&cid=979317149.1670888106&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670888105&sct=1&seg=0&dl=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&dr=http%3A%2F%2Fpriorfresh.com%2F&dt=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&en=page_view&_fv=1&_nsi=1&_ss=1&epn.hit_timestamp=1670888103&ep.gtm_setting=GTM-THJ2TPG&ep.hostname=www.jgwentworth.com&ep.ga4_session_id=1670888103554.r61sk298&ep.page_path=%2Fds-aff-lp-3&ep.PageName=JG%20Wentworth%20Partner%20Debt%20Solutions&ep.Referrer=http%3A%2F%2Fpriorfresh.com%2F&ep.ga_session_id=1670888103555.j2xnnyde&ep.custom_session_id=1670888103555.069whumg&up.ajs_anonymous_id=7085fcbf-46c2-4b98-a1bf-274f069b2687
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6QS8J9EE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jgwentworth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 397ms
52ms Ping
text/plain 2607:f8b0:4004:c1b::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XR6QS8J9EE&cid=979317149.1670888106&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6QS8J9EE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 23:35:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jgwentworth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
884 B 315ms
48ms Script
text/javascript 2001:4860:4802:34::178

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Dec 2022 00:21:33 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 2 B
443 B 189ms
40ms XHR
text/plain 2607:f8b0:4004:c1b::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-951376-1&cid=979317149.1670888106&jid=1011022760&gjid=117179141&_gid=947787611.1670888106&_u=YCDAgEAjQAAAAEAEK~&z=867141394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jgwentworth.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 23:35:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jgwentworth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
43ms Image
image/gif 2001:4860:4802:34::178

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1834770774&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jgwentworth.com%2Fds-aff-lp-3%3F%26utm_source%3DSonic%26utm_medium%3DAffiliate%26campaign_id%3D73d6782c6c144c348e3fb6050eba59a1&dr=http%3A%2F%2Fpriorfresh.com%2F&ul=en-us&de=UTF-8&dt=JG%20Wentworth%20Partner%20Debt%20Solutions%20%7C%20JG%20Wentworth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAjQAAAAAAEK~&jid=1011022760&gjid=117179141&cid=979317149.1670888106&tid=UA-951376-1&_gid=947787611.1670888106&gtm=2wgbu0THJ2TPG&cd1=7085fcbf-46c2-4b98-a1bf-274f069b2687&cd3=1670888103934.69pv757&cd4=1670888103&cd10=GTM-THJ2TPG&cd11=http%3A%2F%2Fpriorfresh.com%2F&cd12=0&cd13=NAVIGATE&cd14=New&cd15=e0dadd2b-0e95-4f7f-ab65-a8624cba0d0e&cd16=1&cd18=(not%20set)&cd2=979317149.1670888106&cd17=pageview&z=488400106

Requested by

Host: www.jgwentworth.com
URL: https://www.jgwentworth.com/ds-aff-lp-3?&utm_source=Sonic&utm_medium=Affiliate&campaign_id=73d6782c6c144c348e3fb6050eba59a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jgwentworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 23:56:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85129
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 0
0

GET 10150632.json
s.yimg.com/wi/config/ 0
0

GET ga-audiences
www.google.com/ads/ 0
0

GET cds-pips.js
cdn.taboola.com/scripts/ 0
0

GET eid-ls.es5.js
cdn.taboola.com/scripts/ 0
0

GET eid.es5.js
cdn.taboola.com/scripts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549

Domain: s.yimg.com
URL: https://s.yimg.com/wi/config/10150632.json

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-951376-1&cid=979317149.1670888106&jid=1011022760&_u=YCDAgEAjQAAAAEAEK~&z=183966079

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/eid-ls.es5.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/eid.es5.js

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
priorfresh.com/	1970-01-20 08:51:20	Name: clkcheck29580 Value: 291c55dd51063fbe2d415927a9683105_204069
.traversedlp.com/	1970-01-20 16:53:44	Name: v1.cookieId Value: s%3A2dc5221b-6acf-4934-b16d-44a7d6fa89b0.OuiS6ZMOrhSogVYf6xJvdp5tMBLC43VQS%2BuS%2BClyGMQ
.traversedlp.com/	1970-01-20 16:53:44	Name: v1.syncTimestamp Value: s%3A1670888099236.s8948mzMzYVMWP2ABiAZAZ0I%2FFq3bzY1ZqPIrDLpkoc
.mediawallahscript.com/	1970-01-20 17:44:08	Name: mUserCookie Value: %7B%7D
.mediawallahscript.com/	1970-01-20 17:44:08	Name: mCookie Value: 97da93c1-7a75-11ed-8e82-4fd4787fd522
.mediawallahscript.com/	1970-01-20 08:09:34	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_12_2022 Value: %7B%221KTuLJ%22%3A1%7D
www.jdhwunw29d.com/	1970-01-20 08:09:34	Name: uniqueClick_2CTPL Value: ac64d176-908a-4efe-9645-ac442bf57915:1670888099
www.jdhwunw29d.com/	1970-01-20 10:17:44	Name: transaction_id Value: 73d6782c6c144c348e3fb6050eba59a1
.rqtrk.eu/	1970-01-20 08:18:12	Name: browser_id Value: 1:021e41d0-667b-4a6f-94fc-6e771e2faa2a
.adsrvr.org/	1970-01-20 16:53:44	Name: TDID Value: bb046147-3fe0-46fe-acea-ffc56b20e5bb
.adsrvr.org/	1970-01-20 16:53:44	Name: TDCPM Value: CAEYBSABKAIyCwie1Yn0hqmuOxAFOAE.
prism.app-us1.com/	1970-01-20 08:51:20	Name: prism_610320926 Value: bbc61d78-ead2-4b15-84a8-62a066b711b4
.jgwentworth.com/	1970-01-20 16:53:44	Name: ajs_anonymous_id Value: 7085fcbf-46c2-4b98-a1bf-274f069b2687

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
acsbapp.com
analytics.google.com
analytics.tiktok.com
api.segment.io
api.traversedlp.com
bat.bing.com
bestlifevision.com
cdn.acsbapp.com
cdn.jsdelivr.net
cdn.segment.com
cdn.taboola.com
collector-26362.us.tvsquared.com
connect.facebook.net
diffuser-cdn.app-us1.com
eu-west-1.vallegrana.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
lwjs.azureedge.net
match.adsrvr.org
partner.mediawallahscript.com
priorfresh.com
prism.app-us1.com
protect-us.mimecast.com
s.pinimg.com
s.yimg.com
s3.uhuzhu.com
script.anura.io
script.hotjar.com
signals.aimtell.com
solutions.invocacdn.com
static.hotjar.com
static.traversedlp.com
stats.g.doubleclick.net
trackcmp.net
trc.taboola.com
vars.hotjar.com
vc.hotjar.io
web1.acsbapp.com
widget.trustpilot.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.jdhwunw29d.com
www.jgwentworth.com
cdn.taboola.com
lpcdn.lpsnmedia.net
s.yimg.com
www.google.com
104.238.215.8
108.138.106.126
108.138.128.99
13.225.214.12
13.225.223.151
13.33.60.79
138.128.247.123
15.197.193.217
15.235.42.102
151.101.65.44
18.161.34.61
18.164.96.77
18.164.96.95
184.51.148.162
199.187.116.90
2001:4860:4802:34::178
2001:4998:14:800::1000
205.139.111.117
208.89.12.153
208.89.12.91
23.250.10.250
2600:1400:9000:297::1931
2606:4700:130:436c:6f75:6466:6c61:7265
2606:4700:3035::ac43:c919
2606:4700:4400::ac40:9197
2606:4700::6810:5514
2606:4700::6811:925b
2606:4700::6812:1e97
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::200e
2620:1ec:40::40
2620:1ec:c11::200
2a03:2880:f003:100:face:b00c:0:3
3.15.122.113
34.160.246.90
34.227.3.1
35.169.82.82
44.194.8.113
54.218.207.27
54.81.213.220
99.80.127.52
09a4d30ab3e052491296793fdb71491f7d48c8e2768427ecd70f756f67ad7fde
10f6adaaa88502b2fe547f93d83d952cd5756f2745e298908ee1059d985aff59
12eee1296c34bcf1ccf655329d26aaf93efc6dc43dfff3feb92d2d7d9a47948b
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1a13bdb246039777d465bb009b55de8d6c83c773da12a1b3e1b993b427a68cc6
2057253c8b567db817ee5cfc9274317c9cd14c23e15c9d73326077ada9fe3ac5
255859e7478a65835731ac90cbd80ccc7db2615e52c3abd44f039ab2ca8eab75
2806438b0118b3d348e7b2f6dcba960a85886f972e4cb14ff91427cfac4f34b5
29fd217123acfe38005373f6352fef334c2d244ab14c65b9dc091212497f97f1
33d72e90e43c8ddc11cbb6e40e343c96388c174db8eac2dce756dedabc4f88c1
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
4113bf63b156344f692f6ccf363c3e5d101f42aa07fe788ddae59c7124348adf
435f0bd44d193c9a6aed52ccbf1cd24b7a4b77b0a36e1436bf07ad5bdbb3e134
4a846c9dee537f5b1d36459b08652bf05dbe4df2ff53f2ee968d8834fefd4277
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51fc45dd6cd8f97c5f6003ad2d7b01ab9a7cb44eaeda0be5b45c700c587f37aa
5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a
52d34d9fbcd0fbbc245cc05cf2e9704209ce3a7681f37bebeeca51cf7dc29346
53d8b24567a3264f7c5bf19d6bf59fde8431b1e056afb437c11ee5aa72e017e5
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
577a426fb57f374cce90717805661597ffab45c7ba7348509250bdb8ce1a11ad
5898663ff48ff88caeb302ac3e2dfb7ea3e6b95ae88d4c3b1488cdfc724345e3
5d58f3bd30c7f50cdfd191bdf023d4122de5a8f7c10cbe2a8610ce9d5ff252ee
64ec957d06146b6a9809161cac9629cbf2cb57b309083b8bee8e1bb46018735e
6836141de7c17273c89b87ff48fddf1041d0bbb2bdd3212d37b84b67dbabe03a
6c23f91436031cb7cffc788646aaadf5b39710bc5753e5e24df35e67c634e8a1
7b4f73ddb754ae3fcf12f5f9eb7920d8cccb844ee2743d7dfd276c3592b0d63d
7bc9cc38d26c49fb418babef776023819924ad384663123a683540a4089f9175
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81244f3fb3d09fd9ad855e76254b44fa14952e2b35631df112db05ada6a24639
8c9029a03bdacdbeac4466dcde013ec1d100134704d07d40837935a8269d6bd7
9299053979930dcb09f484ed0dc43bd94c291ad72f0a73486e305a399625271b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
9ddfb7636bacafe2727d03117bab13724cffb3fd73c7e8ec02ea27ed2740f8ff
a1589d7a1ae0c8623b8565d3a9cd603cb697a8448ba01c1f822773962d7c98d2
a8eeb2dd37e823731904718dc8837862c8d7f3195efc4e8e71f7f1ae2ee5136f
ab5f2f14dcf7bd5b3dbbe96db9699360945730f5a0ff1741545d1522a0a8a525
afe2836c92bfae4858e72db2fc04dcedce658d00b7204d2ac0d108439a694e98
b08443225bf241211f166f99572bbd4a767876b9752f325255f5c3aadab47e56
bc5844b469da436c41fb28c14d25f1b2cb6135c7dd6f3bbe9662d8842769d827
c6a66bd6360286999f20f045c4d385e7c480fe90600c9b041211d1b9eefac65c
c780b469f47e9819ee89c1fa252ef5bf974ffd822aef3b2b60ae33c613b93070
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
d63a9468df4d55617ce285860eb9d4ebdeea3d060e6c1ebedb098a1c91bd2999
db07ffce83da81ffdab004f3fe8b0fb5bbe02d3a18e2ea84f14af220b680015a
ddbd99a98baa51ec26f0c36d7a048d0ebb99777a15507fab1b0a0f0b12c452e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f3b097dcae301ad5e189b55ae270e218299e5eb63dec6ce194b1d17113779444
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f77e6fc0cb121cbc481cbeb1a0dbbef12b21d4804993e606c1c4e2567c721ca7

www.jgwentworth.com Open in urlscan Pro 44.194.8.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

84 %HTTPS

43 %IPv6

40 Domains

51 Subdomains

44 IPs

2 Countries

1619 kBTransfer

5309 kBSize

13 Cookies

8 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.jgwentworth.com Open in urlscan Pro
44.194.8.113 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

84 %
HTTPS

43 %
IPv6

40
Domains

51
Subdomains

44
IPs

2
Countries

1619 kB
Transfer

5309 kB
Size

13
Cookies

123 HTTP transactions
0 data transactions