URL: https://secure.freshbooks.com/login/
Submission: On December 04 via api from CZ

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 26 HTTP transactions. The main IP is 151.101.14.217, located in Frankfurt am Main, Germany and belongs to FASTLY - Fastly, US. The main domain is secure.freshbooks.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on August 16th 2019. Valid for: a year.
This is the only time secure.freshbooks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 151.101.14.217 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 151.101.2.217 54113 (FASTLY)
1 23.45.102.81 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
2 147.75.33.59 54825 (PACKET)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2 54.239.17.112 16509 (AMAZON-02)
2 162.247.242.21 23467 (NEWRELIC-...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.84.181 54825 (PACKET)
26 13
Domain Requested by
6 fb-assets.com secure.freshbooks.com
3 www.google-analytics.com 1 redirects www.googletagmanager.com
3 www.googletagmanager.com secure.freshbooks.com, www.googletagmanager.com
3 secure.freshbooks.com secure.freshbooks.com
2 bam.nr-data.net js-agent.newrelic.com
2 s.amazon-adsystem.com 1 redirects
2 bat.bing.com secure.freshbooks.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 js-agent.newrelic.com secure.freshbooks.com
1 cdn3.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com secure.freshbooks.com
26 16

This site contains links to these domains.

Domain
my.freshbooks.com
www.freshbooks.com
Subject | Issuer | Validity | Valid
r2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-08-16 - 2020-07-16 | a year
cdn.optimizely.com | DigiCert ECC Secure Server CA | 2018-11-24 - 2020-02-23 | a year
a3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-11-13 - 2020-09-10 | 10 months
*.optimizely.com | DigiCert ECC Secure Server CA | 2018-11-24 - 2020-02-23 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year
static.hotjar.com | Let's Encrypt Authority X3 | 2019-10-06 - 2020-01-04 | 3 months
www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years
s.amazon-adsystem.com | Amazon | 2019-12-03 - 2020-11-06 | a year
*.nr-data.net | GeoTrust RSA CA 2018 | 2018-01-11 - 2020-03-17 | 2 years
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
script.hotjar.com | Let's Encrypt Authority X3 | 2019-10-06 - 2020-01-04 | 3 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2019-10-06 - 2020-01-04 | 3 months

This page contains 2 frames:

Primary Page: https://secure.freshbooks.com/login/
Frame ID: 67598A3848116285D4EC2A271DDAADFA
Requests: 25 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: 707DF7CFC46F07049A1FD3A11A980119
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Page Statistics

26 Requests
100 % HTTPS
47 % IPv6
13 Domains
16 Subdomains
13 IPs
5 Countries
400 kB Transfer
1369 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De66c3a6a-136e-ccdd-1f2e-d59696f86f9f%26type%3DUNKNOWN%26m%3D7&ex-fch=416613&ex-src=https://www.freshbooks.com/&ex-hargs=v%3D1.0%3Bc%3D4729388690601%3Bp%3DE66C3A6A-136E-CCDD-1F2E-D59696F86F9F HTTP 302
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De66c3a6a-136e-ccdd-1f2e-d59696f86f9f%26type%3DUNKNOWN%26m%3D7&ex-fch=416613&ex-src=https://www.freshbooks.com/&ex-hargs=v%3D1.0%3Bc%3D4729388690601%3Bp%3DE66C3A6A-136E-CCDD-1F2E-D59696F86F9F&dcc=t
Request Chain 19
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2056307868&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.freshbooks.com%2Flogin%2F&dp=%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20%7C%20FreshBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=FreshApp&ea=Classic%20Site%20visit&_u=YEBAAEAB~&jid=392635595&gjid=2064656685&cid=955411477.1575487471&tid=UA-3907864-11&_gid=213933534.1575487471&_r=1&gtm=2wgav9TSPQG43&cd23=classic&cd47=return&z=1674243549 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_gid=213933534.1575487471&gjid=2064656685&_v=j79&z=1674243549 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_v=j79&z=1674243549 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_v=j79&z=1674243549&slf_rd=1&random=2703382263

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secure.freshbooks.com/login/
15 KB
6 KB
Document
General
Full URL
https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx / PHP/7.3.5
Resource Hash
bf212a44d92397947449e98174b817a72facff9a6e666a30f2eb83fe284eda9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
secure.freshbooks.com
:scheme
https
:path
/login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
content-type
text/html; charset=utf-8
x-powered-by
PHP/7.3.5
x-frame-options
SAMEORIGIN
p3p
CP="FreshBooks does not have a P3P policy. To see our privacy policy, go here: http://www.freshbooks.com/policies/privacy"
set-cookie
app_session=a7a38dde7aa16d630bb183b8ce6b053d; path=/; domain=.freshbooks.com; secure; HttpOnly
content-encoding
gzip
expires
Tue, 04 Dec 2018 19:24:30 GMT
via
1.1 google 1.1 varnish
accept-ranges
bytes
date
Wed, 04 Dec 2019 19:24:30 GMT
x-served-by
cache-fra19143-FRA
x-cache
MISS
x-cache-hits
0
vary
Accept-Encoding
x-backend
5Cycn8u8lADMfSzSZSVKPm--F_gcp_private
cache-control
no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=31536000; includeSubDomains; preload
pragma
no-cache
128069571.js
cdn.optimizely.com/js/
184 KB
65 KB
Script
General
Full URL
https://cdn.optimizely.com/js/128069571.js
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e80412d42410a690d0136efae7eed8afb855419754d2810f33ac05b68bd81db
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
GizT.dQwARxIPNS1YWUISyWfM.Fubcli
content-encoding
gzip
x-amz-request-id
4236C7B1EEDF4E7E
status
200
access-control-max-age
86400
date
Wed, 04 Dec 2019 19:24:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
66046
x-amz-id-2
/LSW98LU7pOEjP1mlcyRIikjeIYRw/nNzu8O3u01Rxdcqp78luVbMKi6ivvcHN0qCMrDwGo9qTo=
last-modified
Mon, 28 Oct 2019 14:45:23 GMT
server
AmazonS3
etag
"c799878ba357fdcd3c88ee72333694a5"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
5246
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
responsive-login.v1573568469.css
fb-assets.com/cache/css/
51 KB
9 KB
Stylesheet
General
Full URL
https://fb-assets.com/cache/css/responsive-login.v1573568469.css
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
b8ceed2331c1dfdfa8bb2a9c425dd405580147fea05e6d0496c0fc945050ed53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:30 GMT
content-encoding
gzip
age
1912917
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
9408
x-served-by
cache-fra19138-FRA
last-modified
Tue, 12 Nov 2019 14:21:09 GMT
server
nginx
x-timer
S1575487471.865032,VS0,VE12
etag
"cdc3-59726f59fdf40-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 google, 1.1 varnish
expires
Fri, 09 Nov 2029 16:02:33 GMT
cache-control
public
accept-ranges
bytes
x-cache-hits
1
ajax-loader.v1573568037.gif
fb-assets.com/cache/images/login/
673 B
814 B
Image
General
Full URL
https://fb-assets.com/cache/images/login/ajax-loader.v1573568037.gif
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
151c3be2e7b7cfcc5e18857d8da6c7c6a5ddbfd9108d17ad78c69fd1baa08d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:30 GMT
via
1.1 google, 1.1 varnish
age
1912918
x-cache
HIT
status
200
content-length
673
x-served-by
cache-fra19138-FRA
last-modified
Fri, 08 Nov 2019 15:12:44 GMT
server
nginx
x-timer
S1575487471.865020,VS0,VE13
etag
"2a1-596d736bc5300"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
expires
Fri, 09 Nov 2029 15:56:45 GMT
cache-control
public
accept-ranges
bytes
x-cache-hits
1
check-your-inbox.v1573568037.png
fb-assets.com/cache/images/login/
6 KB
6 KB
Image
General
Full URL
https://fb-assets.com/cache/images/login/check-your-inbox.v1573568037.png
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
4ea31a451249fbe70e375a0e5dac2c291acf2eb5de60283645995494bd046ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:30 GMT
via
1.1 google, 1.1 varnish
age
1912917
x-cache
HIT
status
200
content-length
6495
x-served-by
cache-fra19138-FRA
last-modified
Tue, 12 Nov 2019 14:13:57 GMT
server
nginx
x-timer
S1575487471.865122,VS0,VE13
etag
"195f-59726dbe01340"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
expires
Fri, 09 Nov 2029 15:57:23 GMT
cache-control
public
accept-ranges
bytes
x-cache-hits
1
jquery-combine.v1573568436.js
secure.freshbooks.com/cache/js/
130 KB
45 KB
Script
General
Full URL
https://secure.freshbooks.com/cache/js/jquery-combine.v1573568436.js
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f4248b8db405993fb6bea00935bcb609349eba1ab9e035bbc1bd24d7f2b84f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:30 GMT
content-encoding
gzip
x-backend
cluster_dir_chash_frankfurt_de
age
1913118
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
45862
x-served-by
cache-fra19143-FRA
pragma
no-cache
last-modified
Tue, 12 Nov 2019 14:20:36 GMT
server
nginx
etag
"2062e-59726f3a85500-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google, 1.1 varnish
expires
Mon, 12 Nov 2018 15:59:12 GMT
cache-control
no-cache, no-store, must-revalidate, private
accept-ranges
bytes
x-cache-hits
1
responsive-login.v1573568460.js
secure.freshbooks.com/cache/js/
118 KB
40 KB
Script
General
Full URL
https://secure.freshbooks.com/cache/js/responsive-login.v1573568460.js
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c668d79f2a909bb29e4599e1908967cee17b31e3fca7296923f35695a2912bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:30 GMT
content-encoding
gzip
x-backend
cluster_dir_chash_frankfurt_de
age
1912917
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
40757
x-served-by
cache-fra19143-FRA
pragma
no-cache
last-modified
Tue, 12 Nov 2019 14:21:00 GMT
server
nginx
etag
"1d947-59726f5168b00-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google, 1.1 varnish
expires
Mon, 12 Nov 2018 16:02:33 GMT
cache-control
no-cache, no-store, must-revalidate, private
accept-ranges
bytes
x-cache-hits
1
geo2.js
cdn3.optimizely.com/js/
295 B
702 B
Script
General
Full URL
https://cdn3.optimizely.com/js/geo2.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/128069571.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.102.81 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-102-81.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4594634ae49556e011269584ce065f26b63e7c67f7182a980ab6ac8916ff2f3

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
32BE45AD1E8598E7
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=63455
Date
Wed, 04 Dec 2019 19:24:31 GMT
Connection
keep-alive
Content-Length
295
x-amz-id-2
61yDz8sxYQ5xAtupMwCXsXVoC2LAx1y/SQifEqePuP3oUNRCiK2sIB3aOi430ivtv/3LeiaRjAE=
gtm.js
www.googletagmanager.com/
51 KB
19 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J&l=fbGtmDataLayer
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c557265ba486f27f9f9ae01a5d7ba68bed438e96e7034785317b8f7f7de5418
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
content-encoding
br
last-modified
Wed, 04 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
19633
x-xss-protection
0
expires
Wed, 04 Dec 2019 19:24:31 GMT
default_white_ca.v1573568037.png
fb-assets.com/cache/images/logos/
4 KB
4 KB
Image
General
Full URL
https://fb-assets.com/cache/images/logos/default_white_ca.v1573568037.png
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
d48b5842bc7d8999d4bff39f3bd473e185a05cebc581ed2845d1f0165aea1d1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://fb-assets.com/cache/css/responsive-login.v1573568469.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
via
1.1 google, 1.1 varnish
age
1912917
x-cache
HIT
status
200
content-length
4203
x-served-by
cache-fra19138-FRA
last-modified
Tue, 12 Nov 2019 14:13:57 GMT
server
nginx
x-timer
S1575487471.047491,VS0,VE7
etag
"106b-59726dbe01340"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
expires
Fri, 09 Nov 2029 15:57:28 GMT
cache-control
public
accept-ranges
bytes
x-cache-hits
1
itcfranklingothicstd-book-webfont.woff
fb-assets.com/fonts/
27 KB
27 KB
Font
General
Full URL
https://fb-assets.com/fonts/itcfranklingothicstd-book-webfont.woff
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
17ccc87afcae0336dc1922b2b7706eb848892343725971989649bc886f2d3f06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fb-assets.com/cache/css/responsive-login.v1573568469.css
Origin
https://secure.freshbooks.com

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
via
1.1 google, 1.1 varnish
age
828420
x-cache
HIT
status
200
content-length
27444
x-served-by
cache-fra19166-FRA
last-modified
Tue, 12 Nov 2019 14:13:57 GMT
server
nginx
x-timer
S1575487471.060334,VS0,VE10
etag
"6b34-59726dbe01340"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
responsive-loader.v1573568037.gif
fb-assets.com/cache/images/responsive/
3 KB
3 KB
Image
General
Full URL
https://fb-assets.com/cache/images/responsive/responsive-loader.v1573568037.gif
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/cache/js/responsive-login.v1573568460.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
40cf2b718c628ab7faf283a0b5b72480e017d76683ef596716c0a5a46e1e7225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://fb-assets.com/cache/css/responsive-login.v1573568469.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
via
1.1 google, 1.1 varnish
age
1906673
x-cache
HIT
status
200
content-length
3208
x-served-by
cache-fra19138-FRA
last-modified
Tue, 12 Nov 2019 14:13:57 GMT
server
nginx
x-timer
S1575487471.067846,VS0,VE1
etag
"c88-59726dbe01340"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
expires
Fri, 09 Nov 2029 15:57:12 GMT
cache-control
public
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/
235 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=fbGtmDataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J&l=fbGtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7edaa5e885b262dc8b3cfb5d911720ae36c3d845d72b78fc413e29b481e33d8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
content-encoding
br
last-modified
Wed, 04 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
47197
x-xss-protection
0
expires
Wed, 04 Dec 2019 19:24:31 GMT
gtm.js
www.googletagmanager.com/
48 KB
18 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W43H77K&l=fbGtmDataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J&l=fbGtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce81182376d0f7163c49f32f9f88f68f5da576f8cd523bb267ce67b8868faaa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
content-encoding
br
last-modified
Wed, 04 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
18605
x-xss-protection
0
expires
Wed, 04 Dec 2019 19:24:31 GMT
nr-1153.min.js
js-agent.newrelic.com/
26 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1153.min.js
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
content-encoding
gzip
x-amz-request-id
FFF93ED5F88A1822
x-cache
HIT
status
200
content-length
10041
x-amz-id-2
cTbmD7KheDnvH20xCq8BJ9Iq4Y9OXIhqhMfhON513gk+dbSmvVt2yVtjnFtyar3DfNOTYN9O34Q=
x-served-by
cache-fra19155-FRA
last-modified
Fri, 08 Nov 2019 16:26:28 GMT
server
AmazonS3
x-timer
S1575487471.114006,VS0,VE0
etag
"d3b942e7c79a167d59ed590feee5e193"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9685
hotjar-1330770.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1330770.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=fbGtmDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.59 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-4
Software
openresty /
Resource Hash
70723cf508071dad608a59315d12599c278c2888b4cbeaa3e3aeebf036a59aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
14
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1905
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/e06c7fa0eebc2915767485ed11f6119b
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.082
accept-ranges
bytes
section-io-id
6c8cf0a46ccc285c3a0959314812971b
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 54514F655DAB4400B25187FFD62A224D Ref B: VIEEDGE0807 Ref C: 2019-12-04T19:24:31Z
access-control-allow-origin
*
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=fbGtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3054
date
Wed, 04 Dec 2019 18:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 04 Dec 2019 20:33:37 GMT
iui3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De66c3a6a-136e-ccdd-1f2e-d59696f86f9f%26type%3DUNKNOWN%26m%3D7&ex-fch=416613&ex-src=https://www.freshbooks.com/&ex-hargs=v%3D1.0%3B...
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De66c3a6a-136e-ccdd-1f2e-d59696f86f9f%26type%3DUNKNOWN%26m%3D7&ex-fch=416613&ex-src=https://www.freshbooks.com/&ex-hargs=v%3D1.0%3B...
43 B
674 B
Image
General
Full URL
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De66c3a6a-136e-ccdd-1f2e-d59696f86f9f%26type%3DUNKNOWN%26m%3D7&ex-fch=416613&ex-src=https://www.freshbooks.com/&ex-hargs=v%3D1.0%3Bc%3D4729388690601%3Bp%3DE66C3A6A-136E-CCDD-1F2E-D59696F86F9F&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Dec 2019 19:24:31 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 Dec 2019 19:24:31 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De66c3a6a-136e-ccdd-1f2e-d59696f86f9f%26type%3DUNKNOWN%26m%3D7&ex-fch=416613&ex-src=https://www.freshbooks.com/&ex-hargs=v%3D1.0%3Bc%3D4729388690601%3Bp%3DE66C3A6A-136E-CCDD-1F2E-D59696F86F9F&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
41a722aaf8
bam.nr-data.net/1/
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/41a722aaf8?a=124700584&v=1153.61ee9ba&to=MlAHNkpUXEZRBxAPDAsaJhdLQV1YHycLCBcXWgkOXUdtfUQJCDkiBlYKF1ZBbXlfAw0ITAlaAgtW&rst=600&ref=https://secure.freshbooks.com/login/&ap=101&be=266&fe=575&dc=519&perf=%7B%22timing%22:%7B%22of%22:1575487470538,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:18,%22c%22:18,%22s%22:23,%22ce%22:34,%22rq%22:34,%22rp%22:260,%22rpe%22:262,%22dl%22:262,%22di%22:519,%22ds%22:519,%22de%22:526,%22dc%22:574,%22l%22:574,%22le%22:575%7D,%22navigation%22:%7B%7D%7D&fp=508&fcp=508&at=HhcQQAJOTxkSBUZcGBhI&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2056307868&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.freshbooks.com%2Flogin%2F&dp=%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20%7C%20FreshBooks&s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_gid=213933534.1575487471&gjid=2064656685&_v=j79&z=1674243549
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_v=j79&z=1674243549
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_v=j79&z=1674243549&slf_rd=1&random=2703382263
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_v=j79&z=1674243549&slf_rd=1&random=2703382263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Dec 2019 19:24:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Dec 2019 19:24:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3907864-11&cid=955411477.1575487471&jid=392635595&_v=j79&z=1674243549&slf_rd=1&random=2703382263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
133 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=2056307868&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.freshbooks.com%2Flogin%2F&dp=%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20%7C%20FreshBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEAB~&jid=&gjid=&cid=955411477.1575487471&tid=UA-3907864-11&_gid=213933534.1575487471&gtm=2wgav9TSPQG43&cd23=classic&cd47=return&z=1341540021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 00:51:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1189987
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.1563bfc088652f728ad5.js
script.hotjar.com/
399 KB
70 KB
Script
General
Full URL
https://script.hotjar.com/modules.1563bfc088652f728ad5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1330770.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.59 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-4
Software
/
Resource Hash
464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 19:24:31 GMT
content-encoding
br
last-modified
Thu, 28 Nov 2019 17:38:37 GMT
access-control-allow-origin
*
etag
"6f4d0398872f50ffe1212d1d3fe37a64"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.044
section-io-origin-status
200
accept-ranges
bytes
section-io-id
d09ba0504fac8fe32e60fe7137cda962
content-length
70909
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5090123&Ver=2&mid=12a312f5-79b2-02a8-7522-0b5c5cb682b9&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Login%20%7C%20FreshBooks&p=https%3A%2F%2Fsecure.freshbooks.com%2Flogin%2F&r=&lt=575&evt=pageLoad&msclkid=N&rn=813221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.freshbooks.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 04 Dec 2019 19:24:30 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: F330D03D78964F1CA8B0DE22AD8C1CCA Ref B: VIEEDGE0807 Ref C: 2019-12-04T19:24:31Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame 707D
0
0
Document
General
Full URL
https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1330770.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.181 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-b736908ce6b0e933fad3a2e45df61b38.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://secure.freshbooks.com/login/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure.freshbooks.com/login/

Response headers

status
200
date
Wed, 04 Dec 2019 19:24:31 GMT
content-type
text/html
content-length
808
cache-control
max-age=31536000
content-encoding
br
last-modified
Mon, 25 Nov 2019 17:40:38 GMT
etag
"ed7551919779fd07dbfe6d776c643379"
section-io-origin-status
200
section-io-origin-time-seconds
0.028
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
046dcc772de50afa3feb02075b6529cb
41a722aaf8
bam.nr-data.net/events/1/
24 B
188 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/41a722aaf8?a=124700584&v=1153.61ee9ba&to=MlAHNkpUXEZRBxAPDAsaJhdLQV1YHycLCBcXWgkOXUdtfUQJCDkiBlYKF1ZBbXlfAw0ITAlaAgtW&rst=10599&ref=https://secure.freshbooks.com/login/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://secure.freshbooks.com/login/
Origin
https://secure.freshbooks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://secure.freshbooks.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| NREUM
object| newrelic
function| __nr_require
object| geolocation
object| optly
object| optimizely
object| fbGtmDataLayer
function| _
function| $
function| jQuery
function| require
function| define
function| Class
object| jQuery11020841783965342799
function| open_progress_window
function| Check_Uncheck
function| zero_trim
function| generateDateRangeValidator
function| validateDateRange
object| Hogan
object| JST
object| Fresh
object| jQuery110206009962793976404
object| google_tag_manager
function| postscribe
function| hj
object| _hjSettings
object| uetq
string| DATALAYER_OBJECT_NAME
function| referrerOverride
function| sendCampaignData
function| initNewOptimizelyIntegration
function| initOptimizelyIntegration
object| shareasaleSSCID
function| shareasaleSetCookie
function| shareasaleGetParameterByName
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| _UA-3907864-11_sendHitTask
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
function| UET

5 Cookies

Domain/Path Name / Value
.freshbooks.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
.freshbooks.com/ Name: optimizelyBuckets
Value: %7B%7D
.freshbooks.com/ Name: optimizelyEndUserId
Value: oeu1575487471024r0.4849623718206124
.freshbooks.com/ Name: optimizelySegments
Value: %7B%22174387911%22%3A%22direct%22%2C%22174474678%22%3A%22gc%22%2C%22174628827%22%3A%22false%22%2C%222231210773%22%3A%22none%22%2C%222794920169%22%3A%22true%22%7D
.freshbooks.com/ Name: app_session
Value: a7a38dde7aa16d630bb183b8ce6b053d

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
