www2.freecreditclick.com Open in urlscan Pro
104.18.8.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/jrdkhfrdhgiurhsgserh.html#N3UwSHV2VEpmcGpmV1JhWS92VG1OcGpHWkdIUWtFeUc3WXBWd...
Effective URL:
https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=526476...
Submission: On April 28 via api (April 28th 2022, 4:52:57 pm UTC) from BE — Scanned from US

Summary HTTP 39 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 13 domains to perform 39 HTTP transactions. The main IP is 104.18.8.174, located in and belongs to CLOUDFLARENET, US. The main domain is www2.freecreditclick.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 8th 2022. Valid for: a year.

This is the only time www2.freecreditclick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.219.120.232 52.219.120.232	16509 (AMAZON-02) (AMAZON-02)
1 1	193.201.184.114 193.201.184.114	62214 (RACKFORES...) (RACKFOREST-AS)
2 2	185.232.15.219 185.232.15.219	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1 1	54.221.243.88 54.221.243.88	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.161.18.191 35.161.18.191	16509 (AMAZON-02) (AMAZON-02)
29	104.18.8.174 104.18.8.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.209.122.199 3.209.122.199	14618 (AMAZON-AES) (AMAZON-AES)
2	18.233.212.58 18.233.212.58	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:212... 2600:9000:2120:d600:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.19.8.217 3.19.8.217	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.46.69 13.33.46.69	16509 (AMAZON-02) (AMAZON-02)
39	9

1 52.219.120.232 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.201.184.114 (Hungary) 1 redirects

ASN62214 (RACKFOREST-AS, HU)
PTR: numberex.co.uk

applefar.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.232.15.219 (Los Angeles, United States) 2 redirects

ASN35913 (DEDIPATH-LLC, US)

mshrmbrgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qttycold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.243.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-243-88.compute-1.amazonaws.com

novatrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.161.18.191 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-18-191.us-west-2.compute.amazonaws.com

marketing.novatrk3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trkot.cake.aclz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.18.8.174 (None, )

ASN13335 (CLOUDFLARENET, US)

www2.freecreditclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.122.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-122-199.compute-1.amazonaws.com

seal-dallas.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.212.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-212-58.compute-1.amazonaws.com

apigateway.scoresense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2120:d600:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.19.8.217 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-8-217.us-east-2.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.46.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-69.ewr52.r.cloudfront.net

48d283h5o7.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	freecreditclick.com www2.freecreditclick.com	257 KB
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 8070	7 KB
2	scoresense.com apigateway.scoresense.com — Cisco Umbrella Rank: 345320	1 KB
2	amazonaws.com s3.us-west-1.amazonaws.com — Cisco Umbrella Rank: 5648 48d283h5o7.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 354146	507 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	48 KB
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 9295	8 KB
1	bbb.org seal-dallas.bbb.org — Cisco Umbrella Rank: 73052	4 KB
1	aclz.net 1 redirects trkot.cake.aclz.net — Cisco Umbrella Rank: 843621	913 B
1	novatrk3.com 1 redirects marketing.novatrk3.com	285 B
1	novatrk.com 1 redirects novatrk.com	824 B
1	qttycold.com 1 redirects qttycold.com	716 B
1	mshrmbrgr.com 1 redirects mshrmbrgr.com	298 B
1	applefar.org.uk 1 redirects applefar.org.uk	374 B
39	13

	Domain	Requested by
29	www2.freecreditclick.com	s3.us-west-1.amazonaws.com www2.freecreditclick.com
2	seal.digicert.com	www2.freecreditclick.com
2	apigateway.scoresense.com	www2.freecreditclick.com
1	48d283h5o7.execute-api.us-east-1.amazonaws.com	www2.freecreditclick.com
1	www.googletagmanager.com	www2.freecreditclick.com
1	cdn.ywxi.net
1	seal-dallas.bbb.org	www2.freecreditclick.com
1	trkot.cake.aclz.net	1 redirects
1	marketing.novatrk3.com	1 redirects
1	novatrk.com	1 redirects
1	qttycold.com	1 redirects
1	mshrmbrgr.com	1 redirects
1	applefar.org.uk	1 redirects
1	s3.us-west-1.amazonaws.com
39	14

This site contains links to these domains. Also see Links.

Domain
members2.scoresense.com
www.mcafeesecure.com
www.bbb.org
img1.cdn180.net

Subject Issuer	Validity	Valid
*.s3-us-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
www2.freecreditclick.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-08` - `2023-01-10`	a year	crt.sh
*.bbb.org GeoTrust RSA CA 2018	`2020-05-15` - `2022-07-03`	2 years	crt.sh
*.onetechnologies.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-08` - `2023-01-10`	a year	crt.sh
*.ywxi.net Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
seal.digicert.com DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-06-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-03-10` - `2023-04-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
Frame ID: 858ED5E7D560A452604DA78B10D08BDD
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Your Credit Scores Now

Page URL History Show full URLs

https://s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/jrdkhfrdhgiurhsgserh.html Page URL
http://applefar.org.uk/N3UwSHV2VEpmcGpmV1JhWS92VG1OcGpHWkdIUWtFeUc3WXBWdlV1b1ZjRnhRZEdTM25NY2trTnVV... HTTP 302
https://mshrmbrgr.com/?E=tOunO9Rqd6DYMxyNuHbc8AvZOkeavcEx&s1=26&s2=1042_2&s3=2804_2949_123_9467_md HTTP 302
https://qttycold.com/?E=tOunO9Rqd6DYMxyNuHbc8AvZOkeavcEx&s1=26&s2=1042_2&s3=2804_2949_123_9467_md... HTTP 302
https://novatrk.com/?a=5543&c=1098&s1=705033&s2=390971001&s3=26 HTTP 302
http://marketing.novatrk3.com/?a=292&oc=283&c=476&s1=5543&s2=705033&s3=52647672&s4=282 HTTP 302
https://trkot.cake.aclz.net/?a=292&oc=283&c=476&s1=5543&s2=705033&s3=52647672&s4=282&ckmguid=f205648c-23... HTTP 302
https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

39
Requests

97 %
HTTPS

17 %
IPv6

13
Domains

14
Subdomains

9
IPs

3
Countries

326 kB
Transfer

668 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://members2.scoresense.com/Authentication#Login
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.mcafeesecure.com/verify?host=www2.freecreditclick.com

Search URL Search Domain Scan URL

URL: https://www.bbb.org/dallas/business-reviews/internet-marketing-services/one-technologies-in-dallas-tx-90008571#bbbseal

Search URL Search Domain Scan URL

URL: https://img1.cdn180.net/cdnassetsv2/legal/OneTechnologies_TermsAndConditions.pdf
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://img1.cdn180.net/cdnassetsv2/legal/OneTechnologies_PrivacyPolicy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://img1.cdn180.net/cdnassetsv2/documentation/insurance/id-theft-insurance-summary.pdf
Title: summary

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/jrdkhfrdhgiurhsgserh.html Page URL
http://applefar.org.uk/N3UwSHV2VEpmcGpmV1JhWS92VG1OcGpHWkdIUWtFeUc3WXBWdlV1b1ZjRnhRZEdTM25NY2trTnVVbTFxdHlqdjdsTTQ0dkFwdDlJb1BHQ1NTTzNiVnkwZldlN2lKSG5iTWd6V1FoS29XMW89 HTTP 302
https://mshrmbrgr.com/?E=tOunO9Rqd6DYMxyNuHbc8AvZOkeavcEx&s1=26&s2=1042_2&s3=2804_2949_123_9467_md HTTP 302
https://qttycold.com/?E=tOunO9Rqd6DYMxyNuHbc8AvZOkeavcEx&s1=26&s2=1042_2&s3=2804_2949_123_9467_md&ckmguid=86a2ed14-1eed-4ec7-8596-8ee273cff035 HTTP 302
https://novatrk.com/?a=5543&c=1098&s1=705033&s2=390971001&s3=26 HTTP 302
http://marketing.novatrk3.com/?a=292&oc=283&c=476&s1=5543&s2=705033&s3=52647672&s4=282 HTTP 302
https://trkot.cake.aclz.net/?a=292&oc=283&c=476&s1=5543&s2=705033&s3=52647672&s4=282&ckmguid=f205648c-23fc-4610-ab14-56dd9af8f027 HTTP 302
https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK jrdkhfrdhgiurhsgserh.html
s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/ 151 B
507 B 344ms
95ms Document
text/html 52.219.120.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/jrdkhfrdhgiurhsgserh.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.120.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 151
Content-Type: text/html
Date: Thu, 28 Apr 2022 16:52:49 GMT
ETag: "b5c8bd440b8754d8b401d4fb2cdc8f38"
Last-Modified: Thu, 28 Apr 2022 01:48:54 GMT
Server: AmazonS3
x-amz-id-2: Aahc1mvJvBHMDkenTMK92e8pZSQdNYZ+0s6xe/vxm77oux1q7QwFIQLsXiUSNpcm7OOhENcjdmU=
x-amz-request-id: VWMZ6FCR3G6BNH51

GET
H2

200

Primary Request landing-qh398h4f.html Show response
www2.freecreditclick.com/welcome/4p/d/
Redirect Chain

http://applefar.org.uk/N3UwSHV2VEpmcGpmV1JhWS92VG1OcGpHWkdIUWtFeUc3WXBWdlV1b1ZjRnhRZEdTM25NY2trTnVVbTFxdHlqdjdsTTQ0dkFwdDlJb1BHQ1NTTzNiVnkwZldlN2lKSG5iTWd6V1FoS29XMW89
https://mshrmbrgr.com/?E=tOunO9Rqd6DYMxyNuHbc8AvZOkeavcEx&s1=26&s2=1042_2&s3=2804_2949_123_9467_md
https://qttycold.com/?E=tOunO9Rqd6DYMxyNuHbc8AvZOkeavcEx&s1=26&s2=1042_2&s3=2804_2949_123_9467_md&ckmguid=86a2ed14-1eed-4ec7-8596-8ee273cff035
https://novatrk.com/?a=5543&c=1098&s1=705033&s2=390971001&s3=26
http://marketing.novatrk3.com/?a=292&oc=283&c=476&s1=5543&s2=705033&s3=52647672&s4=282
https://trkot.cake.aclz.net/?a=292&oc=283&c=476&s1=5543&s2=705033&s3=52647672&s4=282&ckmguid=f205648c-23fc-4610-ab14-56dd9af8f027
https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEven...

135 KB
28 KB

326ms
213ms

Document
text/html

104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619

Requested by

Host: s3.us-west-1.amazonaws.com
URL: https://s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/jrdkhfrdhgiurhsgserh.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c43e41ab4c3d8ee28b7fdd24aeabb5a0de5fe89e0150cde87f1ef9f06e8d8d8d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://s3.us-west-1.amazonaws.com/jrdkhfrdhgiurhsgserh/jrdkhfrdhgiurhsgserh.html#N3UwSHV2VEpmcGpmV1JhWS92VG1OcGpHWkdIUWtFeUc3WXBWdlV1b1ZjRnhRZEdTM25NY2trTnVVbTFxdHlqdjdsTTQ0dkFwdDlJb1BHQ1NTTzNiVnkwZldlN2lKSG5iTWd6V1FoS29XMW89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=86400
cf-cache-status: REVALIDATED
cf-ray: 70314f968c7415a7-EWR
content-encoding: br
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-type: text/html
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 29 Apr 2022 16:52:53 GMT
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: NOTCACHED
x-content-type-options: nosniff
x-lb: 01C
x-powered-by: ASP.NET
x-request-id: 622dabca9b7d8140d8ece05732f43fa1
x-xss-protection: 1

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 385
Content-Type: text/html; charset=utf-8
Date: Thu, 28 Apr 2022 16:52:52 GMT
Location: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 bureau-logos_w314xh36.png
www2.freecreditclick.com/welcome/4p/d/images/bureau-logos/ 2 KB
3 KB 207ms
206ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/bureau-logos/bureau-logos_w314xh36.png

Requested by

Host: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

485bd3e193f72619a38fe5ff2156a3f82cf12d378e66fcdff65b72ff483b0981

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 04C
cf-polished: origFmt=png, origSize=2372
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="bureau-logos_w314xh36.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 1822
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: c35ab95283a12fabdd8c50dd355fd4bf
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f97fe3a15a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 hero-desktop_w960xh452.png
www2.freecreditclick.com/welcome/4p/d/images/hero-desktop/ 38 KB
38 KB 199ms
199ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/hero-desktop/hero-desktop_w960xh452.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8e17db0396244ee524d66c7953b3f3fb1851fbb88895647bd6714dfdebd000c9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=41429
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="hero-desktop_w960xh452.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 38770
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 75b6fb2c1ba99762bbfad09f83e65bb2
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e3f15a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 one-technologies-90008571.png
seal-dallas.bbb.org/logo/frhzbus/ 3 KB
4 KB 113ms
33ms Image
image/png 3.209.122.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-dallas.bbb.org/logo/frhzbus/one-technologies-90008571.png
Requested by: Host: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.122.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-122-199.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 82732b9d07094dffe8e6e689ef4f428b6d824faebf0f49ea50a1e293fe11140e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
last-modified: Thu, 28 Apr 2022 15:56:37 GMT
server: Apache
p3p: CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
etag: 8f58d6443ff61048efef4a1908d4393d
node: Two-EC2-Seal
content-type: image/png
content-disposition: inline; filename="seal-for-90008571.png"
cachefilename: ee5129da9099f9cdba0f54181622062c.png
content-length: 3310
seal-provided-by: Hurdman
cachehit: YES
expires: Fri, 29 Apr 2022 03:56:37 GMT

GET
H2 200 4Stars-Gold_w350xh73.png
www2.freecreditclick.com/welcome/4p/d/images/4Stars-Gold/ 3 KB
5 KB 218ms
215ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/4Stars-Gold/4Stars-Gold_w350xh73.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8a3c1afd079ae5e2ffae3b7e45bd5261b425fc2bff9964213ddbf6ba4ac768f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=3566
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="4Stars-Gold_w350xh73.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 3372
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: cbd38407bae2eb35617932751e9d011d
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e4b15a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 tina-w_w122xh122.png
www2.freecreditclick.com/welcome/4p/d/images/tina-w/ 9 KB
9 KB 201ms
198ms Image
image/png 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/tina-w/tina-w_w122xh122.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

90f06e263fc8dd9d0c918025d670fe05fe02cc726a093a58fb122fbaae707b8c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 04C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 9234
x-xss-protection: 1
x-request-id: e67ec16b7cc6ebec8b61f5fd98ce8d3b
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: "0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
cf-polished: origSize=10833, status=webp_bigger
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
accept-ranges: bytes
cf-ray: 70314f980e4c15a7-EWR
cf-bgj: imgq:100,h2pri

GET
H2 200 george-w_w122xh122.png
www2.freecreditclick.com/welcome/4p/d/images/george-w/ 8 KB
8 KB 220ms
217ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/george-w/george-w_w122xh122.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

df42360f835c4ddec6fddfbb18d0164f317b0395275ffcbb9166c6a4cfc0df8e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 03C
cf-polished: origFmt=png, origSize=8877
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="george-w_w122xh122.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 8104
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: cc49359960c4bbd697aff90efa900790
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e4d15a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 usa-today_w200xh81.png
www2.freecreditclick.com/welcome/4p/d/images/usa-today/ 3 KB
3 KB 236ms
233ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/usa-today/usa-today_w200xh81.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

01670ffa47a3375b5e3fc96b2ce1a49bf6d67970383df7f1ef8fef26477a90e6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 02C
cf-polished: origFmt=png, origSize=2978
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="usa-today_w200xh81.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 2706
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: cf13a1688d93c55300f2b9adcb6c81e4
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e4f15a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 yahoo-finance_w183xh67.png
www2.freecreditclick.com/welcome/4p/d/images/yahoo-finance/ 4 KB
5 KB 203ms
200ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/yahoo-finance/yahoo-finance_w183xh67.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c28d5d6821e55658aeb25faca48a9a11326f0026a1b2a81ea0bc99702dd16d35

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 04C
cf-polished: origFmt=png, origSize=4502
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="yahoo-finance_w183xh67.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 4314
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: eaa5565c6e4fc7b053db2df8f5b788fe
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e5015a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 market-watch_w259xh38.png
www2.freecreditclick.com/welcome/4p/d/images/market-watch/ 2 KB
3 KB 204ms
200ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/market-watch/market-watch_w259xh38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ad9a6919d7ecf9d87f9f8581e83d7c0f3a8f73117af11176f9877026cc13c244

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=2862
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="market-watch_w259xh38.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 2494
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 1ce299fcf9adb9c892f5ac0916ad18ca
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e5215a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 nbc-news_w134xh108.png
www2.freecreditclick.com/welcome/4p/d/images/nbc-news/ 4 KB
5 KB 219ms
216ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/nbc-news/nbc-news_w134xh108.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f56ac862cd66ad527731a62ddd470206428692e17eb97497bfdd3c6692e86bf8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=4554
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="nbc-news_w134xh108.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 4128
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 3f499d85f30c8e5ffcd0f0764e8489b3
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e5415a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 mobile_screen_w315xh454.png
www2.freecreditclick.com/welcome/4p/d/images/mobile_screen/ 33 KB
34 KB 220ms
217ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/mobile_screen/mobile_screen_w315xh454.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5e1e342e7d0f4cf3c0ca872ae216d9cb1eba69f389c8c4bd8dc56797ff5da230

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=36545
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="mobile_screen_w315xh454.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 33308
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: c89acec87502caf75dcc4a92b49b4463
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f980e5615a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 monthly-updates_w128xh102.png
www2.freecreditclick.com/welcome/4p/d/images/monthly-updates/ 2 KB
3 KB 230ms
227ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/monthly-updates/monthly-updates_w128xh102.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d4657f29127feb1481b6f700caeb3bfe5c4180b8fa74c6012876b94cf453fa83

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 02C
cf-polished: origFmt=png, origSize=2208
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="monthly-updates_w128xh102.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 1944
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: ff3b15f70b8d3bf841420ef5f112c3cd
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7015a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 daily-monitoring_w154xh88.png
www2.freecreditclick.com/welcome/4p/d/images/daily-monitoring/ 3 KB
5 KB 225ms
223ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/daily-monitoring/daily-monitoring_w154xh88.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

242f23f0e167876b2f4d3416b4d5da59fe3be6eec83f0a23b5d9240c20f577a3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=3825
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="daily-monitoring_w154xh88.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 3438
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 19eb6ccc568f9eaff93dc29335fd29f7
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7215a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 credit-insights_w104xh122.png
www2.freecreditclick.com/welcome/4p/d/images/credit-insights/ 4 KB
4 KB 243ms
241ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/credit-insights/credit-insights_w104xh122.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

436c9b16839af52f7f281e7b0414935e5005a77d21c58a395bce340347002e60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=4429
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="credit-insights_w104xh122.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 4106
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 0eb1c5e84c9f5de1bc63091624d9f7bb
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7315a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 id-theft_w132xh92.png
www2.freecreditclick.com/welcome/4p/d/images/id-theft/ 2 KB
2 KB 231ms
228ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/id-theft/id-theft_w132xh92.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6100745d7d4c756c2211cc122c4098a3342ae270418901921f49497f5d363420

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 03C
cf-polished: origFmt=png, origSize=1968
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="id-theft_w132xh92.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 1644
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: a1f54e0f8306a1d29ea9284f1b9566e0
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7415a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 sherpa_w325xh240.png
www2.freecreditclick.com/welcome/4p/d/images/sherpa/ 11 KB
11 KB 224ms
221ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/sherpa/sherpa_w325xh240.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ec4f94b19b9ac2e60f796f35ea4cc1959f92d3dc8cf7ded36233b554f580430c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 04C
cf-polished: origFmt=png, origSize=12555
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="sherpa_w325xh240.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 11396
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 8b6f71020fe50b8b9e876b37d36ee3ab
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7515a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 lock_icon_w100xh100.png
www2.freecreditclick.com/welcome/4p/d/images/lock_icon/ 932 B
2 KB 234ms
232ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/lock_icon/lock_icon_w100xh100.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d3896963ad4bc68de983cc92a223816a9324bd8b4293d4a043b9e2557ec982c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 02C
cf-polished: origFmt=png, origSize=1148
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="lock_icon_w100xh100.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 932
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 30dba61c7eed3074c909cbb13415fb32
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7615a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET 1mill_w130xh130.png
www2.freecreditclick.com/welcome/4p/d/images/1mill/ 0
0

GET
H2 200 wl_www2.freecreditclick.com_w440xh150.png
www2.freecreditclick.com/welcome/4p/d/images/wl/ 8 KB
9 KB 221ms
220ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/wl/wl_www2.freecreditclick.com_w440xh150.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

56ff6ed2cf671fa364c8aa42d0c5d1f5f4b70914fd816c26b0baeec682738891

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 01C
cf-polished: origFmt=png, origSize=9562
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="wl_www2.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 8316
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: 9522ec3745d15bdea3690b1530289416
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f982e7915a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1mill_w130xh130.png
www2.freecreditclick.com/welcome/4p/d/images/1mill/ 7 KB
8 KB 201ms
201ms Image
image/webp 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.freecreditclick.com/welcome/4p/d/images/1mill/1mill_w130xh130.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

10fdf28749a35324412600c9bea3511bbfaa05b1eb3ccd41176bfcca143a6123

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
etag: "0cc1868da58d81:0"
cf-cache-status: REVALIDATED
x-lb: 02C
cf-polished: origFmt=png, origSize=7761
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-disposition: inline; filename="1mill_w130xh130.webp"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-length: 7020
x-xss-protection: 1
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
x-powered-by: ASP.NET
date: Thu, 28 Apr 2022 16:52:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-request-id: a14451be176a69ef1ada4f8daffadefb
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 70314f985ecb15a7-EWR
x-content-type-options: nosniff
cf-bgj: imgq:100,h2pri

GET
H2 200 config.json Show response
www2.freecreditclick.com/welcome/4p/d/ 804 B
506 B 204ms
204ms Fetch
application/json 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/config.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

17fee7f9a48a119fce08dbc8f22336811b77df29e9977937bcb4c5ddb69b9efa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 03C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
x-request-id: 5d7bea2f5d7bfec2852f79ede404eaef
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Wed, 27 Apr 2022 14:23:32 GMT
server: cloudflare
etag: W/"0a435f425ad81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f986edb15a7-EWR
expires: Fri, 29 Apr 2022 16:52:53 GMT

GET
H2 200 start_here_form.js Show response
www2.freecreditclick.com/welcome/4p/d/components/start_here_form/ 34 KB
12 KB 205ms
204ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/components/start_here_form/start_here_form.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

70e94342688b017dea2df310b3e6edbd5196018ee09349bdd71b63e6c47aa25a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 01C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: 8ee35bef7085f62c41cdfbd2aad85eab
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f986edc15a7-EWR
cf-bgj: minify

GET
H2 200 submit_button.js Show response
www2.freecreditclick.com/welcome/4p/d/components/submit_button/ 31 KB
10 KB 200ms
200ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/components/submit_button/submit_button.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

48ee2ad961fff525b6753ab7c7b6bc1b77da5be1013b6691cc8c49f6a86194ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 04C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: de6cbf9991c7f45cb0d75402eb1bcef9
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f986edd15a7-EWR
cf-bgj: minify

GET
H2 200 comparison_chart.js Show response
www2.freecreditclick.com/welcome/4p/d/components/comparison_chart/ 26 KB
8 KB 201ms
201ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/components/comparison_chart/comparison_chart.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6e1599bb2a1e8fe56b9beafda5dc9d5d94cd6ee0e91687f4989d0c67a7f4eff9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 01C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: e89c3b6f793056428d2d4d3065d0db15
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f986ee015a7-EWR
cf-bgj: minify

GET
H2 200 credit_secrets.js Show response
www2.freecreditclick.com/welcome/4p/d/components/credit_secrets/ 27 KB
9 KB 203ms
203ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/components/credit_secrets/credit_secrets.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6e6544003b1c5e133689b316be54787ed4f0ecf67f81e5d4263899e7bad3c484

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 02C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: b40c0dc095ec40f1f787026d10072234
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f987ee215a7-EWR
cf-bgj: minify

GET
H2 200 accordion.js Show response
www2.freecreditclick.com/welcome/4p/d/components/accordion/ 2 KB
785 B 213ms
212ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/components/accordion/accordion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5023c48bf612d76a61d4ef4f3b41a716611cdba82565b3c7ac8e5fc40289c3c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 02C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: f66ed49fa094c79b47ca3c396d32fc03
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:53 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f987ee715a7-EWR
cf-bgj: minify

POST
H2 200 enroll Show response
apigateway.scoresense.com/ 2 KB
1 KB 246ms
246ms Fetch
application/json 18.233.212.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apigateway.scoresense.com/enroll?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
Requested by: Host: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.212.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-212-58.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0ef7ed2adc47decf9074d9dfb5d3c98d09341c74ea34e54800610a58df1324e2

Request headers

Accept: application/json
Referer: https://www2.freecreditclick.com/
Authorization: undefined
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key
Content-Type: application/json

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 1648
x-amz-cf-pop: IAD89-P1
x-amzn-requestid: 7f990d19-5e60-4ef4-847c-6189580736d4
x-cache: Miss from cloudfront
content-encoding: gzip
x-amz-apigw-id: RTPv5GOhoAMF8OQ=
x-request-id: 69fad6ee1a5df6c908a58c87afe1c858
server: nginx
x-amzn-trace-id: Root=1-626ac665-0f2f901111da39b96e83f458
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: Zm6-nkyVuA-TWTCous-eWejOqIZAX0Czo0sZw4KeUWo300hlHO36Fg==

OPTIONS
H2 200 enroll
apigateway.scoresense.com/ 0
0 139ms
42ms Preflight
application/json 18.233.212.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apigateway.scoresense.com/enroll?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.233.212.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-212-58.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www2.freecreditclick.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Correlation-Id,X-Forwarded-For,X-Forwarded-User-Agent,X-Forwarded-Referer,X-Forwarded-Referrer,Referer,X-Forwarded-Host
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 28 Apr 2022 16:52:53 GMT
server: nginx
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
x-amz-apigw-id: RTPv5EgkoAMFtFA=
x-amz-cf-id: s9D4PYs7nnD5lQX_-hhG-sXu2ApVRI_GpfDv5hr1l5R3P7Xkt_TV1w==
x-amz-cf-pop: IAD89-P1
x-amzn-requestid: f72e23b0-d565-4173-8756-7c064252a910
x-amzn-trace-id: Root=1-626ac665-1b4a079e6f8f8de317c740f8
x-cache: Miss from cloudfront
x-request-id: da919860d14e4c516d8f0fc64e772c42

GET
H2 200 101.gif
cdn.ywxi.net/meter/www2.freecreditclick.com/ 19 KB
8 KB 109ms
31ms Image
image/svg+xml 2600:9000:2120:d600:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/www2.freecreditclick.com/101.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:d600:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1444
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 7295
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 a1882a601559755135741e91a9f86c28.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: NdxtXiYkxgFWOG71Jp-J1iMau7-QvAWBBMJB9nm7cGiOUzCPGVuDdQ==
expires: Thu, 28 Apr 2022 17:28:49 GMT

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 7 KB
4 KB 112ms
35ms Script
application/javascript 3.19.8.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.19.8.217 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-19-8-217.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 16:52:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Apr 2022 14:42:19 GMT
Server: nginx
ETag: W/"1df4-5ddb7eed148c0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block, 1; mode=block

POST
H2 200 LogAction Show response
www2.freecreditclick.com/json/AjaxLogger.aspx/ 10 B
1 KB 189ms
189ms XHR
application/json 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/json/AjaxLogger.aspx/LogAction

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a6f4226558575c4f25a7e74bafc438f0538c600ba4ac98d5f131a6ebd660d796

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json; charset=UTF-8

Response headers

date: Thu, 28 Apr 2022 16:52:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
content-length: 10
x-xss-protection: 1
x-request-id: e0d70d29a09500ce258729d271733521
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314f9c3c0315a7-EWR
x-lb: 04C

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 3 KB
4 KB 36ms
36ms Image
image/png 3.19.8.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=wBO1sSvg&referer=www2.freecreditclick.com&format=png&lang=en&seal_number=15&seal_size=s&an=min

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.19.8.217 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-19-8-217.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

202d124cfbdf21fb5f5d09094c9b9ab6523960595e009145765e24bc4050971c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 16:52:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Apr 2022 00:00:00 +0000
Server: nginx
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-control: max-age=86400
Connection: keep-alive
Content-Length: 3419
X-XSS-Protection: 1; mode=block, 1; mode=block
Expires: Fri, 29 Apr 2022 11:03:55 +0000

GET
H2 200 gtm.js Show response
www2.freecreditclick.com/welcome/4p/d/ 9 KB
3 KB 204ms
203ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/gtm.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

de21522fafc1a705d9f8014251cc1b69541853acac67b2eb542288833f089523

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 01C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: 077b5e427d21bc97c2c9a3b35d82c885
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:55 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314fa658b515a7-EWR
cf-bgj: minify

GET
H2 200 boomerang-async.js Show response
www2.freecreditclick.com/welcome/4p/d/ 17 KB
6 KB 199ms
199ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/boomerang-async.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

43b13abb2153e9323369d150e5e5a2d930d24ab3c94111a68542fb438cfe3f9d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 04C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
vary: Accept-Encoding
x-xss-protection: 1
x-request-id: 3f9f096ffc9bbeb9175335b35ee2925d
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/javascript
expires: Fri, 29 Apr 2022 16:52:55 GMT
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314fa658b815a7-EWR
cf-bgj: minify

GET
H2 200 boomerang-1.0.0.min.js Show response
www2.freecreditclick.com/welcome/4p/d/vendor/ 69 KB
20 KB 207ms
206ms Script
application/javascript 104.18.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.freecreditclick.com/welcome/4p/d/vendor/boomerang-1.0.0.min.js

Requested by

Host: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/boomerang-async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0b8047b617f3793fe2f729f4825f2ce7f072e80383be602c1a6b4bd712744d7d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/welcome/4p/d/landing-qh398h4f.html?id=3795&ord=1&append=1&edata=5543&edata2=705033&edata3=52647672&edata4=282&edata5=&ckmreqid=176087619&ckmat=1&siteId=214&cakeEventId=2&transid=176087619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-lb: 04C
x-powered-by: ASP.NET
x-cache-status: NOTCACHED
content-security-policy-report-only: default-src 'self' data 'unsafe-inline' 'unsafe-eval' *.scoresense.com *.scoresensebasic.com *.freescoreonline.com *.nationalcreditreport.com *.freescore360.com https://img1.cdn180.net *.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apigateway.scoresense.com/ https://www.cardratings.com https://img1.cdn180.net https://safetechpageencryptionvar.chasepayment.com https://safetechpageencryptionvar.chasepaymentech.com *.salesforceliveagent.com cardratings.com seal-dallas.bbb.org seal.digicert.com https://safetechpageencryption.chasepaymentech.com https://www.googletagmanager.com www.google-analytics.com bat.bing.com *.siteintercept.qualtrics.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.facebook.net seal-dallas.bbb.org ; img-src * 'self' data: https:; connect-src 'self' ws: wss: *.decibelinsight.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.onetechnologies.net stats.g.doubleclick.net *.siteintercept.qualtrics.com https://apigateway.scoresense.com https://seal.digicert.com https://images.scanalert.com https://seal-dallas.bbb.org https://onetechnologies.secure.force.com https://www.gstatic.com https://fonts.googleapis.com https://c.la1-c1-ia5.salesforceliveagent.com https://www.googletagmanager.com https://consumerconnect.tui.transunion.com ; font-src 'self' https://fonts.gstatic.com ; frame-src ; frame-ancestors *.scoresense.com *.freescoreonline.com *.nationalcreditreport.com; report-to ot-reporter; report-uri https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
x-request-id: 3a5823c3b6db3b5b0df8587996b677e3
reporting-endpoints: ot-reporter='https://xtvenwskmk.execute-api.us-east-1.amazonaws.com/infosec'
last-modified: Mon, 25 Apr 2022 19:26:48 GMT
server: cloudflare
etag: W/"0cc1868da58d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval' blob:; style-src * data: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline' 'unsafe-eval' blob:; font-src * data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors scoresense.com freescoreonline.com nationalcreditreport.com;
cf-ray: 70314fa7aa2715a7-EWR
expires: Fri, 29 Apr 2022 16:52:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
48 KB 95ms
35ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKKZ9W

Requested by

Host: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f174e9ad2c41a5343734fe44831d69675cae41fc3c17a254a59df09212aae67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www2.freecreditclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:52:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48890
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 16:05:56 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Apr 2022 16:52:55 GMT

POST
H2 200 ingest
48d283h5o7.execute-api.us-east-1.amazonaws.com/prod/ 0
0 121ms
63ms Ping
application/json 13.33.46.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://48d283h5o7.execute-api.us-east-1.amazonaws.com/prod/ingest
Requested by: Host: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/vendor/boomerang-1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-69.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.freecreditclick.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www2.freecreditclick.com
URL: https://www2.freecreditclick.com/welcome/4p/d/images/1mill/1mill_w130xh130.png

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qttycold.com/	1969-12-31 23:59:59	Name: st Value: gNbFE+u03/fViCb0Ku1uMVIJM/WOF/669Qi0WqM8f8YuNaQmTmlo9g==
.qttycold.com/	1970-01-20 20:12:03	Name: tym Value: O3IbX+VWk5k59SOlvaSkWFIJM/WOF/669Qi0WqM8f8YuNaQmTmlo9g==
.qttycold.com/	1970-01-20 03:22:36	Name: c2144 Value: gNbFE+u03/eQR+RoClPHfUC2FBo6z7CVlAu6+eNE633MbBuK6zJUYg==
.novatrk.com/	1969-12-31 23:59:59	Name: sid Value: u8jcJ6RdnavGx6xApOqs+7GtP1cJEpoUgA3mWIXzFegNBpMG8c2rwQ==
.novatrk.com/	1970-01-20 20:12:03	Name: trk Value: UcDnnMafivrGx6xApOqs+7GtP1cJEpoUgA3mWIXzFegNBpMG8c2rwQ==
.novatrk.com/	1970-01-20 03:22:36	Name: c282 Value: u8jcJ6RdnavvSoYc7gW0qj9iwlJyXai7Wsu3BYNrfVzuXaGFIQ7frQ==
.trkot.cake.aclz.net/	1969-12-31 23:59:59	Name: sid Value: 1aSILVXLEjVOw0FpHMsuESsmnDQR+bFDAm6v8ea2nt/vJSjlYV/qxA==
.trkot.cake.aclz.net/	1970-01-20 20:12:03	Name: trk Value: GdjzC54H/iH2S+6UYBvJ3ysmnDQR+bFDAm6v8ea2nt/vJSjlYV/qxA==
.trkot.cake.aclz.net/	1970-01-20 20:12:03	Name: c214 Value: 1aSILVXLEjX4YDh7WWbdBYXOtCtjOp9VDFFoOWrv0QqmHvwlLbnMvg==
.freecreditclick.com/	1970-01-20 02:39:28	Name: lid Value: 6A885D7B-A0F9-4AB7-8524-0EA3E791425D
.freecreditclick.com/	1969-12-31 23:59:59	Name: cid Value: 6A885D7B-A0F9-4AB7-8524-0EA3E791425D
.freecreditclick.com/	1970-01-20 02:39:28	Name: MediaVisitId Value: -1799742370
.freecreditclick.com/	1969-12-31 23:59:59	Name: ProspectID Value: 583006639
.freecreditclick.com/	1970-01-20 02:39:28	Name: VisitID Value: 742472364
www2.freecreditclick.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xltdac1mvz05c32ulk41ppmx
.freecreditclick.com/	1969-12-31 23:59:59	Name: DCV Value:
.freecreditclick.com/	1970-01-20 04:49:00	Name: _gcl_au Value: 1.1.2102762255.1651164776
.freecreditclick.com/	1970-01-20 02:49:29	Name: RT Value: "z=1&dm=freecreditclick.com&si=e9790fc4-157b-4e11-ac38-07696ed0c59d&ss=l2j8vdaw&sl=1&tt=3r9&bcn=https%3A%2F%2F48d283h5o7.execute-api.us-east-1.amazonaws.com%2Fprod%2Fingest&ld=5mq"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48d283h5o7.execute-api.us-east-1.amazonaws.com
apigateway.scoresense.com
applefar.org.uk
cdn.ywxi.net
marketing.novatrk3.com
mshrmbrgr.com
novatrk.com
qttycold.com
s3.us-west-1.amazonaws.com
seal-dallas.bbb.org
seal.digicert.com
trkot.cake.aclz.net
www.googletagmanager.com
www2.freecreditclick.com
www2.freecreditclick.com
104.18.8.174
13.33.46.69
18.233.212.58
185.232.15.219
193.201.184.114
2600:9000:2120:d600:14:6bfc:5740:93a1
2607:f8b0:4006:80e::2008
3.19.8.217
3.209.122.199
35.161.18.191
52.219.120.232
54.221.243.88
01670ffa47a3375b5e3fc96b2ce1a49bf6d67970383df7f1ef8fef26477a90e6
0b8047b617f3793fe2f729f4825f2ce7f072e80383be602c1a6b4bd712744d7d
0ef7ed2adc47decf9074d9dfb5d3c98d09341c74ea34e54800610a58df1324e2
10fdf28749a35324412600c9bea3511bbfaa05b1eb3ccd41176bfcca143a6123
17fee7f9a48a119fce08dbc8f22336811b77df29e9977937bcb4c5ddb69b9efa
202d124cfbdf21fb5f5d09094c9b9ab6523960595e009145765e24bc4050971c
242f23f0e167876b2f4d3416b4d5da59fe3be6eec83f0a23b5d9240c20f577a3
277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14
436c9b16839af52f7f281e7b0414935e5005a77d21c58a395bce340347002e60
43b13abb2153e9323369d150e5e5a2d930d24ab3c94111a68542fb438cfe3f9d
485bd3e193f72619a38fe5ff2156a3f82cf12d378e66fcdff65b72ff483b0981
48ee2ad961fff525b6753ab7c7b6bc1b77da5be1013b6691cc8c49f6a86194ba
5023c48bf612d76a61d4ef4f3b41a716611cdba82565b3c7ac8e5fc40289c3c8
56ff6ed2cf671fa364c8aa42d0c5d1f5f4b70914fd816c26b0baeec682738891
5e1e342e7d0f4cf3c0ca872ae216d9cb1eba69f389c8c4bd8dc56797ff5da230
6100745d7d4c756c2211cc122c4098a3342ae270418901921f49497f5d363420
6e1599bb2a1e8fe56b9beafda5dc9d5d94cd6ee0e91687f4989d0c67a7f4eff9
6e6544003b1c5e133689b316be54787ed4f0ecf67f81e5d4263899e7bad3c484
70e94342688b017dea2df310b3e6edbd5196018ee09349bdd71b63e6c47aa25a
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
82732b9d07094dffe8e6e689ef4f428b6d824faebf0f49ea50a1e293fe11140e
8a3c1afd079ae5e2ffae3b7e45bd5261b425fc2bff9964213ddbf6ba4ac768f8
8e17db0396244ee524d66c7953b3f3fb1851fbb88895647bd6714dfdebd000c9
90f06e263fc8dd9d0c918025d670fe05fe02cc726a093a58fb122fbaae707b8c
a6f4226558575c4f25a7e74bafc438f0538c600ba4ac98d5f131a6ebd660d796
ad9a6919d7ecf9d87f9f8581e83d7c0f3a8f73117af11176f9877026cc13c244
c28d5d6821e55658aeb25faca48a9a11326f0026a1b2a81ea0bc99702dd16d35
c43e41ab4c3d8ee28b7fdd24aeabb5a0de5fe89e0150cde87f1ef9f06e8d8d8d
d3896963ad4bc68de983cc92a223816a9324bd8b4293d4a043b9e2557ec982c0
d4657f29127feb1481b6f700caeb3bfe5c4180b8fa74c6012876b94cf453fa83
de21522fafc1a705d9f8014251cc1b69541853acac67b2eb542288833f089523
df42360f835c4ddec6fddfbb18d0164f317b0395275ffcbb9166c6a4cfc0df8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4f94b19b9ac2e60f796f35ea4cc1959f92d3dc8cf7ded36233b554f580430c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f174e9ad2c41a5343734fe44831d69675cae41fc3c17a254a59df09212aae67c
f56ac862cd66ad527731a62ddd470206428692e17eb97497bfdd3c6692e86bf8

www2.freecreditclick.com Open in urlscan Pro 104.18.8.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

17 %IPv6

13 Domains

14 Subdomains

9 IPs

3 Countries

326 kBTransfer

668 kBSize

18 Cookies

6 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www2.freecreditclick.com Open in urlscan Pro
104.18.8.174 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

17 %
IPv6

13
Domains

14
Subdomains

9
IPs

3
Countries

326 kB
Transfer

668 kB
Size

18
Cookies

39 HTTP transactions
1 data transactions