auth.freshbooks.com Open in urlscan Pro
35.244.157.255 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u2405942.ct.sendgrid.net/ls/click?upn=V8Syk0kr94qboRzsW1pKP4R4b4H5aL-2Full6Xzws7p8MLWo6rjAJ-2FztHGJ8FbMDAYiq9n_QxrIJnCwh3...
Effective URL:
https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f1...
Submission: On August 21 via manual (August 21st 2023, 5:33:11 pm UTC) from US — Scanned from DE

Summary HTTP 118 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 25 domains to perform 118 HTTP transactions. The main IP is 35.244.157.255, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is auth.freshbooks.com. The Cisco Umbrella rank of the primary domain is 307645.
TLS certificate: Issued by GTS CA 1D4 on July 1st 2023. Valid for: 3 months.

This is the only time auth.freshbooks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
17	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:262f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.147.95 18.66.147.95	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.4 108.156.60.4	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.128 143.204.215.128	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.32 13.225.78.32	16509 (AMAZON-02) (AMAZON-02)
2	54.165.55.94 54.165.55.94	14618 (AMAZON-AES) (AMAZON-AES)
4	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:220... 2600:9000:2204:ee00:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9a92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	35.244.157.255 35.244.157.255	15169 (GOOGLE) (GOOGLE)
1	52.222.149.104 52.222.149.104	16509 (AMAZON-02) (AMAZON-02)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.236.68 52.222.236.68	16509 (AMAZON-02) (AMAZON-02)
16	91.235.134.25 91.235.134.25	30286 (THM) (THM)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
118	31

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u2405942.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

my.freshbooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.147.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-95.fra60.r.cloudfront.net

static.ada.support	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-4.ams1.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-128.fra53.r.cloudfront.net

static.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-32.fra2.r.cloudfront.net

campaign.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.55.94 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-55-94.compute-1.amazonaws.com

public.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:346 (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.growsumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:ee00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a92 (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bd4 (United States)

ASN13335 (CLOUDFLARENET, US)

grsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.157.255 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 255.157.244.35.bc.googleusercontent.com

auth.freshbooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-104.cdg52.r.cloudfront.net

rollout.maple.ada.support	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f85 (United States)

ASN13335 (CLOUDFLARENET, US)

partnerlinks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-68.fra56.r.cloudfront.net

freshbooksbot.maple.ada.support	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.134.25 (United States)

ASN30286 (THM, US)

secure.freshbooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

32rts1pkzgwhnsbuqkzfcfg4rjzmzonvjkofgf6244ce8125a6cff177am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	freshbooks.com 1 redirects my.freshbooks.com — Cisco Umbrella Rank: 202690 auth.freshbooks.com — Cisco Umbrella Rank: 307645 secure.freshbooks.com	2 MB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 Failed region1.google-analytics.com — Cisco Umbrella Rank: 2102	22 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	678 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2465 rs.fullstory.com — Cisco Umbrella Rank: 2314	139 KB
7	ada.support static.ada.support — Cisco Umbrella Rank: 9956 rollout.maple.ada.support — Cisco Umbrella Rank: 195607 freshbooksbot.maple.ada.support — Cisco Umbrella Rank: 339249	69 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2775 32rts1pkzgwhnsbuqkzfcfg4rjzmzonvjkofgf6244ce8125a6cff177am1.e.aa.online-metrix.net	17 KB
4	fbot.me static.fbot.me — Cisco Umbrella Rank: 26520 campaign.fbot.me — Cisco Umbrella Rank: 26633 public.fbot.me — Cisco Umbrella Rank: 34651	93 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5345	759 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2706 www.google.com — Cisco Umbrella Rank: 3	479 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 412 Failed	13 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com Failed	39 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 122	407 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 157 Failed	414 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1419 Failed	77 KB
1	partnerlinks.io partnerlinks.io — Cisco Umbrella Rank: 17878	203 B
1	grsm.io grsm.io — Cisco Umbrella Rank: 16913	234 B
1	geoip-js.com geoip-js.com — Cisco Umbrella Rank: 17193	294 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1090	140 KB
1	growsumo.com snippet.growsumo.com — Cisco Umbrella Rank: 53442	3 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15601	43 KB
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 25622	2 KB
1	sendgrid.net 1 redirects u2405942.ct.sendgrid.net — Cisco Umbrella Rank: 317983	237 B
0	stackadapt.com Failed tags.srv.stackadapt.com Failed
0	sf14g.com Failed t.sf14g.com Failed
0	facebook.net Failed connect.facebook.net Failed
118	25

	Domain	Requested by
17	my.freshbooks.com	my.freshbooks.com
16	secure.freshbooks.com	auth.freshbooks.com secure.freshbooks.com
11	auth.freshbooks.com	1 redirects my.freshbooks.com auth.freshbooks.com
9	www.googletagmanager.com	my.freshbooks.com www.googletagmanager.com auth.freshbooks.com
5	region1.google-analytics.com	www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com auth.freshbooks.com
4	h.online-metrix.net	1 redirects secure.freshbooks.com
4	rs.fullstory.com	my.freshbooks.com edge.fullstory.com
4	edge.fullstory.com	my.freshbooks.com edge.fullstory.com
4	static.ada.support	my.freshbooks.com static.ada.support
3	www.google.de	auth.freshbooks.com
3	bat.bing.com	my.freshbooks.com bat.bing.com auth.freshbooks.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	freshbooksbot.maple.ada.support	static.ada.support
2	public.fbot.me	static.fbot.me
1	32rts1pkzgwhnsbuqkzfcfg4rjzmzonvjkofgf6244ce8125a6cff177am1.e.aa.online-metrix.net
1	www.google.com	auth.freshbooks.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	partnerlinks.io	my.freshbooks.com
1	rollout.maple.ada.support	my.freshbooks.com
1	grsm.io	snippet.growsumo.com
1	fonts.gstatic.com	my.freshbooks.com
1	geoip-js.com	js.maxmind.com
1	cdn.pendo.io	my.freshbooks.com
1	snippet.growsumo.com	my.freshbooks.com
1	campaign.fbot.me	my.freshbooks.com
1	static.fbot.me	my.freshbooks.com
1	cdn.plaid.com	my.freshbooks.com
1	js.maxmind.com	my.freshbooks.com
1	u2405942.ct.sendgrid.net	1 redirects
0	tags.srv.stackadapt.com Failed	my.freshbooks.com
0	t.sf14g.com Failed	my.freshbooks.com
0	connect.facebook.net Failed	my.freshbooks.com
118	36

This site contains links to these domains. Also see Links.

Domain
www.freshbooks.com

Subject Issuer	Validity	Valid
*.freshbooks.com R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.maxmind.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-10-19`	a year	crt.sh
*.ada.support Amazon RSA 2048 M01	`2023-03-01` - `2024-01-29`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
*.fbot.me Amazon RSA 2048 M02	`2023-04-29` - `2024-05-27`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
cdn.pendo.io Amazon RSA 2048 M02	`2023-06-30` - `2024-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
auth.freshbooks.com GTS CA 1D4	`2023-07-01` - `2023-09-29`	3 months	crt.sh
*.maple.ada.support Amazon RSA 2048 M03	`2023-08-04` - `2024-08-31`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-07-18` - `2023-10-16`	3 months	crt.sh
secure.freshbooks.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2024-08-18`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Frame ID: 066F8B4675490AE9B0D3549180A912FE
Requests: 96 HTTP requests in this frame

Frame: https://freshbooksbot.maple.ada.support/embed/x-storage/3681e6c/index.html
Frame ID: E29E3C1FA774AAE8BE0B94657993DBAF
Requests: 1 HTTP requests in this frame

Frame: https://freshbooksbot.maple.ada.support/embed/button/3681e6c/index.html
Frame ID: 379D335DA688FD8EF0BFE27EE0B75C3C
Requests: 1 HTTP requests in this frame

Frame: https://secure.freshbooks.com/fp/check.js;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jb=353b2e2662736f753555696e6667777324687b6f3f5769666c6d777127323239322e6a736277354360726f6d6d246a7360354368706d6565273230393934
Frame ID: 6ABADCB4ED1EEE1984938A242FFBE60D
Requests: 11 HTTP requests in this frame

Frame: https://secure.freshbooks.com/fp/HP?session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 11BC7BC78CDA7F142926089D40847640
Requests: 3 HTTP requests in this frame

Frame: https://secure.freshbooks.com/fp/ls_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177
Frame ID: 0A48D7673B7B9D2FFD517080B243FECA
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177
Frame ID: 370F194D562006DFA17FA8F59C113E69
Requests: 2 HTTP requests in this frame

Frame: https://secure.freshbooks.com/fp/top_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177
Frame ID: 42D2C90FE8C269BB629B0556D683F566
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FreshBooks

Page URL History Show full URLs

https://u2405942.ct.sendgrid.net/ls/click?upn=V8Syk0kr94qboRzsW1pKP4R4b4H5aL-2Full6Xzws7p8MLWo6rjAJ-2FztHGJ8F... HTTP 302
https://my.freshbooks.com/ Page URL
https://auth.freshbooks.com/oauth/authorize?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10... HTTP 302
https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

118
Requests

89 %
HTTPS

50 %
IPv6

25
Domains

36
Subdomains

31
IPs

3
Countries

3420 kB
Transfer

13324 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freshbooks.com/policies/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.freshbooks.com/policies/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.freshbooks.com/policies/security-safeguards
Title: Security Safeguards

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u2405942.ct.sendgrid.net/ls/click?upn=V8Syk0kr94qboRzsW1pKP4R4b4H5aL-2Full6Xzws7p8MLWo6rjAJ-2FztHGJ8FbMDAYiq9n_QxrIJnCwh3ocIIXgNldzCXp92HtscaUwKuWk79ilU903z3ROpFGYoyb0Hv5VjIJjWTdBCNlp-2FQy-2BgcUL9CEfnYR6-2Bo3Qqvq-2F-2F9TKrCNQfK08frGEyo7WY8-2BCA5iFHsXCftuue08QukEngVGItU8-2BZ-2BlSJBW0aN-2FxQ8IWoV8h7e6gw1Yis6VX15wKeE34slqAAHzMQGbfoWrclb-2FhSxaV-2BgOJ7Yiv3sA0bnuZ5KWOrnnhtjENAZKHUWrFUPovgjnogdV-2FX9NQVWKlZt4LcQ-2B2RA-3D-3D HTTP 302
https://my.freshbooks.com/ Page URL
https://auth.freshbooks.com/oauth/authorize?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&redirect_uri=https%3A%2F%2Fmy.freshbooks.com%2Foauth-callback.html&response_type=code&scope=admin%3Aall&state=c1b1d3cc7fd933565a5b4c0545d4c86ff7fb06233c31af24f2e99d03&locale=en&code_challenge=iFcmbdh2zHXu8Z-Exl6sJPMdtBUSdBMxhTWChMBz5mw&code_challenge_method=S256&type=sign_up HTTP 302
https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u2405942.ct.sendgrid.net/ls/click?upn=V8Syk0kr94qboRzsW1pKP4R4b4H5aL-2Full6Xzws7p8MLWo6rjAJ-2FztHGJ8FbMDAYiq9n_QxrIJnCwh3ocIIXgNldzCXp92HtscaUwKuWk79ilU903z3ROpFGYoyb0Hv5VjIJjWTdBCNlp-2FQy-2BgcUL9CEfnYR6-2Bo3Qqvq-2F-2F9TKrCNQfK08frGEyo7WY8-2BCA5iFHsXCftuue08QukEngVGItU8-2BZ-2BlSJBW0aN-2FxQ8IWoV8h7e6gw1Yis6VX15wKeE34slqAAHzMQGbfoWrclb-2FhSxaV-2BgOJ7Yiv3sA0bnuZ5KWOrnnhtjENAZKHUWrFUPovgjnogdV-2FX9NQVWKlZt4LcQ-2B2RA-3D-3D HTTP 302
https://my.freshbooks.com/

Request Chain 86

https://www.googleadservices.com/pagead/conversion/962469797/wcm?cc=ZZ&dn=18886743175&cl=8tJHCP28pfwBEKW_-MoD&ref=https%3A%2F%2Fmy.freshbooks.com%2F&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18886743175&cl=8tJHCP28pfwBEKW_-MoD

Request Chain 98

https://h.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&k=2

118 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
my.freshbooks.com/
Redirect Chain

https://u2405942.ct.sendgrid.net/ls/click?upn=V8Syk0kr94qboRzsW1pKP4R4b4H5aL-2Full6Xzws7p8MLWo6rjAJ-2FztHGJ8FbMDAYiq9n_QxrIJnCwh3ocIIXgNldzCXp92HtscaUwKuWk79ilU903z3ROpFGYoyb0Hv5VjIJjWTdBCNlp-2FQy-...
https://my.freshbooks.com/

20 KB
7 KB

214ms
122ms

Document
text/html

151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cdf5903ee5e7fbb810aab6a31a6f7efa30cdc33f7db7d8d3bcf9f44b2e522b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-type: text/html
country: DE
date: Mon, 21 Aug 2023 17:33:02 GMT
etag: W/"64e37f8c-5061"
expires: Sun, 21 Aug 2022 17:33:02 GMT
last-modified: Mon, 21 Aug 2023 15:15:24 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230062-FRA

Redirect headers

Connection: keep-alive
Content-Length: 57
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Aug 2023 17:33:01 GMT
Location: https://my.freshbooks.com/#/signup
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 vendor.8f459ea21c8f5208c979615bd49e5754.css
my.freshbooks.com/assets/ 1 KB
662 B 11ms
7ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/vendor.8f459ea21c8f5208c979615bd49e5754.css

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

60fd2cbf2d9895cc44d8c6ae2e9966547f9d7cf00cf537e2012ac44d9d847054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1732954
x-cache: HIT
content-length: 573
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Tue, 01 Aug 2023 15:53:48 GMT
server: nginx
etag: W/"64c92a8c-5e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mui.48fbdf409ab4b9a03bf546d3caab97a9.css
my.freshbooks.com/assets/ 627 KB
103 KB 10ms
7ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/mui.48fbdf409ab4b9a03bf546d3caab97a9.css

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f9197295f5f9c1fe17cd6b03d510bf9b45e35db44f7e99b8714f53488364bafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 3
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10431
x-cache: HIT
content-length: 105380
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 21 Aug 2023 14:06:34 GMT
server: nginx
etag: W/"64e36f6a-9ca4b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.af7ae505a9eed503f8b8.woff2
my.freshbooks.com/assets/fonts/font-awesome/ 75 KB
76 KB 23ms
20ms Font
font/woff2 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/fonts/font-awesome/fontawesome-webfont.af7ae505a9eed503f8b8.woff2

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://my.freshbooks.com/
Origin: https://my.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1778056
x-cache: HIT
content-length: 77160
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Wed, 19 Jul 2023 19:01:32 GMT
server: nginx
etag: "64b8330c-12d68"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 freshbooksicons-regular-webfont.04321b1752d65011aa3b.woff
my.freshbooks.com/assets/fonts/freshbooks-icons/ 24 KB
24 KB 12ms
8ms Font
font/woff 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/fonts/freshbooks-icons/freshbooksicons-regular-webfont.04321b1752d65011aa3b.woff

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5bb249b79c0e3b578f6be52a06d8a07772edf1e3801cb345187b4b66f3f097e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://my.freshbooks.com/
Origin: https://my.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 927056
x-cache: HIT
content-length: 24936
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Wed, 02 Aug 2023 18:51:02 GMT
server: nginx
etag: "64caa596-6168"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 founders-grotesk-medium.2e0018da6bbcae1bd14b.woff2
my.freshbooks.com/assets/fonts/founders-grotesk/ 38 KB
38 KB 23ms
20ms Font
font/woff2 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/fonts/founders-grotesk/founders-grotesk-medium.2e0018da6bbcae1bd14b.woff2

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5997d14729e9f31ac6094aa9f54a1e9a938a33cd53b7d42185cd0b62125703e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://my.freshbooks.com/
Origin: https://my.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 909613
x-cache: HIT
content-length: 38567
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Thu, 10 Aug 2023 17:48:19 GMT
server: nginx
etag: "64d522e3-96a7"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk.7530c97e048cf0d8d4ee.css
my.freshbooks.com/assets/ 11 KB
2 KB 20ms
19ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/chunk.7530c97e048cf0d8d4ee.css

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

314c69f414daba194b23455baffcb6fb128e48d41923df589e4a0510b6dabe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 3
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6391
x-cache: HIT
content-length: 2314
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 21 Aug 2023 15:15:17 GMT
server: nginx
etag: W/"64e37f85-2ade"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 freshbooks-logo-white-with-green-leaf-160px.cedefbd5229679c877e7.svg
my.freshbooks.com/assets/images/ 3 KB
1 KB 9ms
7ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.freshbooks.com/assets/images/freshbooks-logo-white-with-green-leaf-160px.cedefbd5229679c877e7.svg

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6ba9b31a0e2832b5a472b74ca0ff724de769d2fce0444705134cb0512dec0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1787780
x-cache: HIT
content-length: 1397
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 12 Jun 2023 20:07:18 GMT
server: nginx
etag: "64877af6-d22"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chrome.b745fc465263f9010fe7.png
my.freshbooks.com/assets/images/browser-icons/ 7 KB
7 KB 10ms
8ms Image
image/png 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.freshbooks.com/assets/images/browser-icons/chrome.b745fc465263f9010fe7.png

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5657f5166120f5e646a6bf67a77a8d1a7defefe756a0bda4eb91b607c0864f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1791974
x-cache: HIT
content-length: 6843
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 31 Jul 2023 16:34:44 GMT
server: nginx
etag: "64c7e2a4-1abb"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firefox.8f96aa2991353f798ac1.png
my.freshbooks.com/assets/images/browser-icons/ 9 KB
10 KB 10ms
8ms Image
image/png 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.freshbooks.com/assets/images/browser-icons/firefox.8f96aa2991353f798ac1.png

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ca5cf24d018715b533be05c6d924dd73e59e5e1ae048cb08071505cc2d9e7dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1780181
x-cache: HIT
content-length: 9663
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 21 Jul 2023 17:44:03 GMT
server: nginx
etag: "64bac3e3-25bf"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 safari.d094d4cb273e9e1eaf83.png
my.freshbooks.com/assets/images/browser-icons/ 10 KB
10 KB 11ms
9ms Image
image/png 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.freshbooks.com/assets/images/browser-icons/safari.d094d4cb273e9e1eaf83.png

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

014cc014e36da0fb8537855973715246ee444bf369e59b369589478325ad627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1690557
x-cache: HIT
content-length: 9828
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 28 Jul 2023 17:50:42 GMT
server: nginx
etag: "64c3fff2-2664"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor.a243a93cf7f1b515fc7394585111813c.js Show response
my.freshbooks.com/assets/ 691 KB
206 KB 13ms
12ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/vendor.a243a93cf7f1b515fc7394585111813c.js

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

406d0cae7dbc494470355ad3eadd2e72e068891897d26df9e1ad039303535f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1053542
x-cache: HIT
content-length: 210553
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Wed, 09 Aug 2023 12:29:31 GMT
server: nginx
etag: W/"64d386ab-acddd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk.8a6e0378221762eec910.js Show response
my.freshbooks.com/assets/ 787 KB
217 KB 14ms
14ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/chunk.8a6e0378221762eec910.js

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3be5f4628f982858b6c58e29906e509d76131893a05ba426a661c25791d124bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 398941
x-cache: HIT
content-length: 221744
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Wed, 09 Aug 2023 17:40:21 GMT
server: nginx
etag: W/"64d3cf85-c4ae8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk.7530c97e048cf0d8d4ee.js Show response
my.freshbooks.com/assets/ 4 MB
854 KB 15ms
12ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/chunk.7530c97e048cf0d8d4ee.js

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c8a9c808195e4d74ed6caa81981652a9f0e97180a7b5cebe730552aa08140381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6391
x-cache: HIT
content-length: 874268
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 21 Aug 2023 15:15:17 GMT
server: nginx
etag: W/"64e37f85-42dbfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 61ms
26ms Script
application/javascript 2606:4700::6810:262f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 18:10:26 GMT
server: cloudflare
age: 1665
etag: W/"64de6292-da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7fa49e696f2939ec-FRA
expires: Mon, 21 Aug 2023 21:33:02 GMT

GET
H2 200 embed2.js Show response
static.ada.support/ 17 KB
6 KB 60ms
10ms Script
text/javascript 18.66.147.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed2.js

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-95.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bdf7e05f94f097739c98cd47aab973192291af18e2045f53d59750fc6ea0d4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: BsrqbP3U2hb.a17svKLV3bCW0fRkIy.o
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date: Mon, 21 Aug 2023 00:20:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 61964
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 04 Jan 2023 22:06:00 GMT
server: AmazonS3
etag: W/"318258ae2fd2aaa16faa799f071935d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age: 300
vary: Accept-Encoding
x-amz-cf-id: aWIGkf63Hmmm8cuYKpWYOKCnjl0kyoCu1X3iI-Z8VIwvWLKoe3xrdQ==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 143 KB
43 KB 114ms
45ms Script
application/javascript 108.156.60.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-4.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf335a68f0be85a338baeeefb488bbce98e2a159a9c66f51311707e8aeadc6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: cxYa7I_vXMyJqm_7tLsp1JojPZCGgKmA
content-encoding: gzip
via: 1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
date: Sun, 20 Aug 2023 19:11:35 GMT
x-amz-request-id: CR674QZR867DP0DK
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
age: 80520
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: UqlRzhbSndM4TTDJVTk0tvXhSWGKhiBRHpkhy4Y5tUSpAJImiCIZd7izUS/98P0uch3wWLJ9FEc=
last-modified: Fri, 18 Aug 2023 18:41:22 GMT
server: AmazonS3
etag: W/"188189e857f4649abb28050c81c977c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: -jxpPuBmKFkzpUxuWFzQmu8yrrR-I94pB0MdsiUV2bojAst0JiMecA==

GET
H2 200 ua-parser.min.js Show response
my.freshbooks.com/assets/ 19 KB
7 KB 8ms
6ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/ua-parser.min.js

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5c02ff7c4a1a8a01ceeedbfce6fac51ba2c3bd0680abe69d444c8fd2c482f9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1793395
x-cache: HIT
content-length: 7476
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 31 Jul 2023 16:34:44 GMT
server: nginx
etag: W/"64c7e2a4-4cf6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 friendbuy.js Show response
static.fbot.me/ 362 KB
83 KB 58ms
13ms Script
application/javascript 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fbot.me/friendbuy.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7bbcde1da9666ff54873a8771bf051b8a252c9e4e32e65c35f23839cbe0897a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: Fr8CBLG99jHsIWNK5JOjb5i6y9YDlPx3
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Mon, 21 Aug 2023 17:32:00 GMT
last-modified: Tue, 25 Jul 2023 20:32:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 63
x-amz-server-side-encryption: AES256
etag: W/"bb7175fc92b700ba6d04ab3933f7428f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: CaHI5NOEIXY-2Z2TZaFQkPBqNQw6_Z78c_fZecxI6rR1n2N2JD0H2A==

GET
H2 200 campaigns.js Show response
campaign.fbot.me/7b5fac28-19d7-402c-aa96-4ce4288bea24/ 78 KB
9 KB 62ms
14ms Script
application/javascript 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.fbot.me/7b5fac28-19d7-402c-aa96-4ce4288bea24/campaigns.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11a4a11886ec076693c55c12e1e4aed41fb968de1d59927a595b0ae55285f196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: w4N52xJjB5A47domZYGFu3swXeqLauo3
content-encoding: gzip
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
date: Mon, 21 Aug 2023 17:33:02 GMT
last-modified: Wed, 02 Aug 2023 15:03:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 14
x-amz-server-side-encryption: AES256
etag: W/"324d3a31076b8258f2be2a6658585b42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=30
x-amz-cf-id: m3aOIS3BdLaslyqghoulRmFgAmj2rqL5Q8LTWBfepOEo6-P9K-DrFw==

OPTIONS
H2 200 xhr
public.fbot.me/events/7b5fac28-19d7-402c-aa96-4ce4288bea24/profile/ Frame 0
0 326ms
105ms Preflight 54.165.55.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://public.fbot.me/events/7b5fac28-19d7-402c-aa96-4ce4288bea24/profile/xhr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.55.94 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-55-94.compute-1.amazonaws.com
Software: nginx/1.25.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://my.freshbooks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://my.freshbooks.com
content-length: 2
date: Mon, 21 Aug 2023 17:33:02 GMT
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"185.213.155.144","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-64e39fce-10dfcb584306727032c2cfc2","pragma":"no-cache","cache-control":"no-cache","accept":"*/*","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","origin":"https://my.freshbooks.com","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36","sec-fetch-mode":"cors","sec-fetch-site":"cross-site","sec-fetch-dest":"empty","referer":"https://my.freshbooks.com/","accept-encoding":"gzip, deflate, br"}
server: nginx/1.25.1

POST
H2 200 xhr
public.fbot.me/events/7b5fac28-19d7-402c-aa96-4ce4288bea24/profile/ 522 B
778 B 569ms
355ms Fetch
application/json 54.165.55.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://public.fbot.me/events/7b5fac28-19d7-402c-aa96-4ce4288bea24/profile/xhr
Requested by: Host: static.fbot.me
URL: https://static.fbot.me/friendbuy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.55.94 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-55-94.compute-1.amazonaws.com
Software: nginx/1.25.1 /
Resource Hash

Request headers

Accept: application/json
Referer: https://my.freshbooks.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://my.freshbooks.com
date: Mon, 21 Aug 2023 17:33:03 GMT
access-control-allow-credentials: true
server: nginx/1.25.1
content-length: 522
content-type: application/json

GET
H2 200 embed-manifest.json Show response
static.ada.support/ 136 B
697 B 31ms
13ms Fetch
application/json 18.66.147.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed-manifest.json

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-95.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

480b49fa9e8c14a10479dd63c7672ecf36b489659e458fad02f3f25035113523

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: WGMfJ11bxCGo.L2cl1dIcQ_6nGCeGndV
date: Sun, 20 Aug 2023 02:55:48 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 139035
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 136
last-modified: Thu, 13 Jul 2023 20:28:30 GMT
server: AmazonS3
etag: "ddcc3ba92c013f12daec3d54f2383cf3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: mVRqXB5b37rO1OY1xYqlamNayHVEjh4csicP7pUcL2fVfwBmLkOixQ==

GET
H2 200 fs.js
edge.fullstory.com/s/ 242 KB
66 KB 59ms
15ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://my.freshbooks.com/
Origin: https://my.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:27:03 GMT
content-encoding: br
age: 359
x-guploader-uploadid: ADPycdu0xU1Z1ZFaWu1AAD-sb-D_tipaagZ3RIDxL-TxvezKZXATHhFbZ-lAA5CIIqPGOtw-WjnXDJWRM6V3N9AmlwiPdmMD-olu
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67382
last-modified: Thu, 17 Aug 2023 14:49:44 GMT
server: UploadServer
etag: "73ae3407fb422f1b2d35137c774b84b1"
vary: Accept-Encoding
x-goog-generation: 1692283784371563
x-goog-hash: crc32c=1E7iYA==, md5=c640B/tCLxstNRN8d0uEsQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67382
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Aug 2023 18:27:03 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 125 KB
48 KB 164ms
62ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J&l=gtmDl

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49070
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 17:09:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 17:33:02 GMT

GET
H2 200 growsumo.min.js
snippet.growsumo.com/ 6 KB
3 KB 57ms
24ms Script
application/javascript 2606:4700::6812:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.growsumo.com/growsumo.min.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/chunk.7530c97e048cf0d8d4ee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jun 2023 17:28:19 GMT
server: cloudflare
age: 7
etag: W/"649f10b3-193c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fa49e6bbdc59119-FRA
expires: Mon, 21 Aug 2023 21:33:02 GMT

GET
H2 200 pendo.js
cdn.pendo.io/agent/static/449ba727-1632-4333-780d-825cdee3f2d3/ 419 KB
140 KB 124ms
20ms Script
application/javascript 2600:9000:2204:ee00:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/449ba727-1632-4333-780d-825cdee3f2d3/pendo.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/chunk.7530c97e048cf0d8d4ee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:ee00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:29:04 GMT
content-encoding: gzip
via: 1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 238
x-guploader-uploadid: ADPycdvyW8Bj-bapLp8HBhT7fYT6FlZPbzxch71OeDVAtTwDj-zz9yYblpaTQ1rLCpz9H5V8Npw-Vc4y6eWYe2-rPr7Ga8o9OGRF
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 142176
last-modified: Thu, 17 Aug 2023 18:12:31 GMT
server: UploadServer
etag: "7be152ffe5447d269833187625f2c25d"
vary: Accept-Encoding
x-goog-generation: 1692295951813395
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=zitqGw==, md5=e+FS/+VEfSaYMxh2JfLCXQ==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 142176
accept-ranges: bytes
x-amz-cf-id: utQNuAdtFdKQutJgjNX0507PRBeEMKXEL_j5r3pHH2kjWLulIw_7HA==
expires: Mon, 21 Aug 2023 17:36:34 GMT

GET
H2 200 en.11a47d7debc8bb8529c7.json
my.freshbooks.com/assets/translations/ 859 KB
170 KB 10ms
9ms Fetch
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://my.freshbooks.com/assets/translations/en.11a47d7debc8bb8529c7.json

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Aug 2023 17:33:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 296992
x-cache: HIT
content-length: 174189
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Aug 2023 06:30:50 GMT
server: nginx
etag: W/"64df101a-d6d06"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed2.3681e6c.js
static.ada.support/ 182 KB
55 KB 25ms
11ms Script
text/javascript 18.66.147.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed2.3681e6c.js

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-95.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: ShniEngUFVh_CVKzYWDOWsqxVCOV21RR
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date: Mon, 21 Aug 2023 02:49:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 53022
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Jul 2023 20:21:11 GMT
server: AmazonS3
etag: W/"7617e772e7f840a26dc751d39f3d205f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: 172800
vary: Accept-Encoding
x-amz-cf-id: nBz6B0IgW1P1nf0Jd3Pa18__WaZoPpGI_GJDDtm-3LZ1xtMjI4Os4g==

GET
H2 200 web
edge.fullstory.com/s/settings/z10/v1/ 5 KB
2 KB 223ms
222ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/z10/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtt0rGySD5343DMaa4Sm8KmEmxWycv5SZqJM29eVamXImpTSAIHTfPJRvEb9-Ukc0v6NJNaAaZpAHKv30bWoMg4c2xqy4j-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1342
last-modified: Mon, 21 Aug 2023 17:23:37 GMT
server: UploadServer
etag: "e9666b444e4181731acc495351b87ef4"
x-goog-generation: 1692284617121269
x-goog-hash: crc32c=QgWBjA==, md5=6WZrRE5BgXMazElTUbh+9A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1342
accept-ranges: bytes
content-type: application/json
expires: Mon, 21 Aug 2023 17:48:03 GMT

GET
H2 402 me
geoip-js.com/geoip/v2.1/city/ 93 B
294 B 168ms
62ms XHR
application/vnd.maxmind.com-error+json 2606:4700:4400::ac40:9a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fmy.freshbooks.com

Requested by

Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/vnd.maxmind.com-error+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 7fa49e713e2e9945-FRA
content-length: 93

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
18 KB 122ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/mui.48fbdf409ab4b9a03bf546d3caab97a9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.freshbooks.com/
Origin: https://my.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:42:46 GMT
x-content-type-options: nosniff
age: 190217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18000
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 12:42:46 GMT

GET
H2 200 freshbooks-leaf-midnight-blue.0287aeec34d07a639c10.svg
my.freshbooks.com/assets/images/ 664 B
588 B 18ms
17ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.freshbooks.com/assets/images/freshbooks-leaf-midnight-blue.0287aeec34d07a639c10.svg

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Aug 2023 17:33:03 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 389371
x-cache: HIT
content-length: 463
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 14 Aug 2023 15:04:21 GMT
server: nginx
etag: "64da4275-298"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
country: DE
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pk_90faa148c68d490d95f329abd0943230
grsm.io/pr/gpk/ 0
234 B 183ms
140ms XHR
text/plain 2606:4700::6812:bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grsm.io/pr/gpk/pk_90faa148c68d490d95f329abd0943230
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://my.freshbooks.com
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 7fa49e715f373825-FRA
content-length: 0

GET
H2

200

Primary Request sign_up Show response
auth.freshbooks.com/service/auth/en/integrations/
Redirect Chain

https://auth.freshbooks.com/oauth/authorize?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&redirect_uri=https%3A%2F%2Fmy.freshbooks.com%2Foauth-callback.html&response_ty...
https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up

8 KB
4 KB

178ms
162ms

Document
text/html

35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/chunk.7530c97e048cf0d8d4ee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

255.157.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fd14747ef9cec67821019ba8c2b1438b6c97c0917b27b5c3f7edb52e664eb274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.freshbooks.com/#/signup
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 17:33:04 GMT
etag: W/"fd14747ef9cec67821019ba8c2b1438b"
referrer-policy: strict-origin-when-cross-origin
retry-after: 59
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ratelimit-limit: 600
x-ratelimit-remaining: 598
x-ratelimit-reset: 1692639244
x-request-id: 17914c82-656d-4076-b8e4-b4fda05b1bb3
x-runtime: 0.017120
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 17:33:03 GMT
location: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
referrer-policy: strict-origin-when-cross-origin
retry-after: 60
server: nginx
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ratelimit-limit: 600
x-ratelimit-remaining: 599
x-ratelimit-reset: 1692639244
x-request-id: fd026bfc-78e7-4cd5-bfb9-56c0eb923cbc
x-runtime: 0.013404
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js
www.googletagmanager.com/ 519 KB
123 KB 144ms
109ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=gtmDl

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J&l=gtmDl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125898
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 16:09:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 17:33:03 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 107 KB
42 KB 182ms
148ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W43H77K&l=gtmDl

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J&l=gtmDl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42736
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 17:09:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 17:33:03 GMT

GET
H2 200 client.json
rollout.maple.ada.support/freshbooksbot/ 7 KB
7 KB 258ms
27ms XHR
application/json 52.222.149.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rollout.maple.ada.support/freshbooksbot/client.json?ada_request_origin=embed
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/vendor.a243a93cf7f1b515fc7394585111813c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-104.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:32:51 GMT
via: 1.1 6d865250c628e9708a223a07778aa5b8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
age: 252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6809
last-modified: Sun, 13 Aug 2023 16:40:28 GMT
server: AmazonS3
etag: "bfb53e9f3e55e3909f1e41c20af309e6"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: no-cache
vary: Origin
accept-ranges: bytes
x-amz-cf-id: DMcrR98hIozMOMzSGEmfTt0cbB0GtP_rEBlewyDeWw5U8Ut9Hxi6NQ==

GET
H2 200 chat-manifest.json
static.ada.support/ 136 B
697 B 12ms
9ms Fetch
application/json 18.66.147.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/chat-manifest.json

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-95.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: sAk0H0KwmpqXQRHIKl83WCv0KEmaf9v7
date: Sun, 20 Aug 2023 03:04:54 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 138490
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 136
last-modified: Wed, 09 Aug 2023 16:25:06 GMT
server: AmazonS3
etag: "bfab00f50bc15be77c5414d4b09da502"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: sMnu8bPST-K7wIYflMK9c7zcPndvq3pfNWUlAwN_TfnKworkai919Q==

POST
H2 200 page
rs.fullstory.com/rec/ 6 KB
2 KB 289ms
104ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/vendor.a243a93cf7f1b515fc7394585111813c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://my.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://my.freshbooks.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1542

GET
H2 200 pk_90faa148c68d490d95f329abd0943230
partnerlinks.io/pr/gpk/ 0
203 B 171ms
0ms XHR
text/plain 2606:4700::6812:1f85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partnerlinks.io/pr/gpk/pk_90faa148c68d490d95f329abd0943230
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/assets/vendor.a243a93cf7f1b515fc7394585111813c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://my.freshbooks.com
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7fa49e7339ff4d4f-FRA
content-length: 0

GET
H2 200 index.html
freshbooksbot.maple.ada.support/embed/x-storage/3681e6c/ Frame E29E 0
0 126ms
0ms Document
text/html 52.222.236.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://freshbooksbot.maple.ada.support/embed/x-storage/3681e6c/index.html

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.3681e6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-68.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://my.freshbooks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 114218
cache-control: 172800
content-length: 237
content-type: text/html
date: Sun, 20 Aug 2023 09:49:27 GMT
etag: "93f912ceabb0586748b7b0061a4f94fa"
last-modified: Thu, 13 Jul 2023 20:21:11 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-cf-id: BgH2o9ABGhgx4IF8lREm9ELb9BCEK9bt2NvSQgy6C9Lbem9FPrVaiw==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: .rhZb0zUTZqqH8qfNGz3oen.8griWw0E
x-cache: Hit from cloudfront

GET
H2 200 index.html
freshbooksbot.maple.ada.support/embed/button/3681e6c/ Frame 379D 0
0 86ms
0ms Document
text/html 52.222.236.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://freshbooksbot.maple.ada.support/embed/button/3681e6c/index.html

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.3681e6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-68.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://my.freshbooks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44127
cache-control: 172800
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 05:17:38 GMT
etag: W/"2dac51d31a483f0c6df2f926f31650fa"
last-modified: Thu, 13 Jul 2023 20:21:11 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-cf-id: ZqMsRWYBdNRw-9-lQkZV0pn8bV7jZnBK0buV1AvMPGA4nXm-5I2GWA==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: Hhy5o7nSbzbGG7gpLf3uOJrO86AI4eze
x-cache: Hit from cloudfront

GET optimize.js
www.googleoptimize.com/ 0
0

GET /
www.googleadservices.com/pagead/conversion/962469797/ 0
0

GET loader.js
www.gstatic.com/wcm/ 0
0

GET bat.js
bat.bing.com/ 0
0

GET fbevents.js
connect.facebook.net/en_US/ 0
0

GET sf14g.js
t.sf14g.com/ 0
0

GET events.js
tags.srv.stackadapt.com/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H/1.1 200
OK tags.js Show response
secure.freshbooks.com/fp/ 93 KB
13 KB 683ms
17ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/tags.js?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&page_id=identity_registration

Requested by

Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

975dad0b23b374d86f8f577f96f270f47271a15867894fb7849f21352d128b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 17:33:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 google_tag_manager-2703a1afe3773c851d6996f0e1818c2c2c18c2b2e5ac240aae457f31ceee88e3.js Show response
auth.freshbooks.com/service/auth/build/scss/ 330 B
292 B 133ms
132ms Script
application/javascript 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.freshbooks.com/service/auth/build/scss/google_tag_manager-2703a1afe3773c851d6996f0e1818c2c2c18c2b2e5ac240aae457f31ceee88e3.js
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2703a1afe3773c851d6996f0e1818c2c2c18c2b2e5ac240aae457f31ceee88e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
vary: Accept-Encoding
x-ratelimit-remaining: 596
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ratelimit-reset: 1692639245
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
retry-after: 60

GET
H3 200 application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
auth.freshbooks.com/service/auth/build/scss/ 64 KB
14 KB 143ms
142ms Stylesheet
text/css 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 016129790e7a7815a78ba4a4c40f0fc8b5dba5f323dec19e1b95a7204d80cc40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:06:58 GMT
server: nginx
vary: Accept-Encoding
x-ratelimit-remaining: 596
content-type: text/css
access-control-allow-origin: *
x-ratelimit-reset: 1692639245
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13921
retry-after: 60

GET
H3 200 freshbooks-logo-web-3e75f8788b92568866a832aa88b521c1bbe63fc522896cdbbd946cfcb50cf95c.svg
auth.freshbooks.com/service/auth/build/scss/ 8 KB
8 KB 138ms
133ms Image
image/svg+xml 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.freshbooks.com/service/auth/build/scss/freshbooks-logo-web-3e75f8788b92568866a832aa88b521c1bbe63fc522896cdbbd946cfcb50cf95c.svg
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e75f8788b92568866a832aa88b521c1bbe63fc522896cdbbd946cfcb50cf95c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
x-ratelimit-remaining: 592
content-type: image/svg+xml
access-control-allow-origin: *
x-ratelimit-reset: 1692639246
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8050
retry-after: 60

GET
H3 200 google-signin-logo-0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b.svg
auth.freshbooks.com/service/auth/build/scss/ 688 B
708 B 141ms
140ms Image
image/svg+xml 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.freshbooks.com/service/auth/build/scss/google-signin-logo-0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b.svg
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
x-ratelimit-remaining: 589
content-type: image/svg+xml
access-control-allow-origin: *
x-ratelimit-reset: 1692639246
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 688
retry-after: 60

GET
H3 200 apple-signin-logo-73c61c9c2bb19d907b848133fcb689aac4a5ab9ceb1c77dae1253a85bb08adb8.svg
auth.freshbooks.com/service/auth/build/scss/ 3 KB
3 KB 149ms
148ms Image
image/svg+xml 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.freshbooks.com/service/auth/build/scss/apple-signin-logo-73c61c9c2bb19d907b848133fcb689aac4a5ab9ceb1c77dae1253a85bb08adb8.svg
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73c61c9c2bb19d907b848133fcb689aac4a5ab9ceb1c77dae1253a85bb08adb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
x-ratelimit-remaining: 592
content-type: image/svg+xml
access-control-allow-origin: *
x-ratelimit-reset: 1692639246
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3261
retry-after: 60

GET
H3 200 login-9777515a68097fd6f3f39afe4653ec46395edb389b4e0c1ff6e86c69f3ebf624.js Show response
auth.freshbooks.com/service/auth/build/scss/ 109 KB
37 KB 156ms
155ms Script
application/javascript 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.freshbooks.com/service/auth/build/scss/login-9777515a68097fd6f3f39afe4653ec46395edb389b4e0c1ff6e86c69f3ebf624.js
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9777515a68097fd6f3f39afe4653ec46395edb389b4e0c1ff6e86c69f3ebf624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/service/auth/en/integrations/sign_up?client_id=531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb&registration_type=sign_up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:08:32 GMT
server: nginx
vary: Accept-Encoding
x-ratelimit-remaining: 595
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ratelimit-reset: 1692639245
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37878
retry-after: 59

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
48 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J

Requested by

Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/build/scss/google_tag_manager-2703a1afe3773c851d6996f0e1818c2c2c18c2b2e5ac240aae457f31ceee88e3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eca92411d70f2c3660528e17bcb88ee51615e5103bd5b0c892cf3a4884545ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49085
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 17:09:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 17:33:04 GMT

GET
H3 200 FranklinGothicURW-Lig-796c90dc338e79b440537d1fdad6c671cfe413f7538047ce5804350cc3ebb13b.woff
auth.freshbooks.com/service/auth/build/scss/ 46 KB
46 KB 136ms
135ms Font
application/font-woff 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.freshbooks.com/service/auth/build/scss/FranklinGothicURW-Lig-796c90dc338e79b440537d1fdad6c671cfe413f7538047ce5804350cc3ebb13b.woff
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 796c90dc338e79b440537d1fdad6c671cfe413f7538047ce5804350cc3ebb13b

Request headers

Referer: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Origin: https://auth.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
x-ratelimit-remaining: 589
content-type: application/font-woff
access-control-allow-origin: *
x-ratelimit-reset: 1692639246
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46672
retry-after: 60

GET
H3 200 FranklinGothicURW-Boo-3e0b7c02a50ed36c3dcac5b12b7faef74741bfc5ccbe1f1d5cac305f10db79b6.woff
auth.freshbooks.com/service/auth/build/scss/ 45 KB
45 KB 133ms
133ms Font
application/font-woff 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.freshbooks.com/service/auth/build/scss/FranklinGothicURW-Boo-3e0b7c02a50ed36c3dcac5b12b7faef74741bfc5ccbe1f1d5cac305f10db79b6.woff
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e0b7c02a50ed36c3dcac5b12b7faef74741bfc5ccbe1f1d5cac305f10db79b6

Request headers

Referer: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Origin: https://auth.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
x-ratelimit-remaining: 589
content-type: application/font-woff
access-control-allow-origin: *
x-ratelimit-reset: 1692639246
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45612
retry-after: 60

GET
H3 200 fontawesome-webfont-199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1.woff
auth.freshbooks.com/service/auth/build/scss/ 64 KB
64 KB 153ms
152ms Font
application/font-woff 35.244.157.255
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.freshbooks.com/service/auth/build/scss/fontawesome-webfont-199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1.woff?v=4.0.3
Requested by: Host: auth.freshbooks.com
URL: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.157.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 255.157.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://auth.freshbooks.com/service/auth/build/scss/application-6f57506bf8bc6a047bb922f8c052f1ce4f07fad9b30fbb206393095c1e740c0f.css
Origin: https://auth.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 10:05:04 GMT
server: nginx
x-ratelimit-remaining: 589
content-type: application/font-woff
access-control-allow-origin: *
x-ratelimit-reset: 1692639246
x-ratelimit-limit: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65452
retry-after: 60

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 519 KB
123 KB 109ms
108ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1c4056d73689ffc0da2199e4655df7939cdf048ed893943f4d84f5b1aef1587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125896
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 17:09:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 17:33:05 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
42 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W43H77K&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCH68J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78faa277a20ccd46facab7b2ed62bb83a8bd0267e7fac271f985c7f8dc36dcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42712
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 16:09:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 17:33:05 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 489 KB
77 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P83JLLB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a185ca3a3d85b9ad485f2bcc1895d913c8a6977e3a93e7af018f76dbb8a3859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 17:33:05 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 21 Aug 2023 17:57:34 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 32ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: my.freshbooks.com
URL: https://my.freshbooks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 21 Aug 2023 17:33:04 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66B696228C904457AD7AF53C2B0A599B Ref B: FRAEDGE2005 Ref C: 2023-08-21T17:33:05Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
66 KB 15ms
15ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: my.freshbooks.com
URL: https://my.freshbooks.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886

Request headers

Referer: https://auth.freshbooks.com/
Origin: https://auth.freshbooks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:27:03 GMT
content-encoding: br
age: 362
x-guploader-uploadid: ADPycdu0xU1Z1ZFaWu1AAD-sb-D_tipaagZ3RIDxL-TxvezKZXATHhFbZ-lAA5CIIqPGOtw-WjnXDJWRM6V3N9AmlwiPdmMD-olu
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67382
last-modified: Thu, 17 Aug 2023 14:49:44 GMT
server: UploadServer
etag: "73ae3407fb422f1b2d35137c774b84b1"
vary: Accept-Encoding
x-goog-generation: 1692283784371563
x-goog-hash: crc32c=1E7iYA==, md5=c640B/tCLxstNRN8d0uEsQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67382
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Aug 2023 18:27:03 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HZDP94KDJX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a75031f422c3541904230d98ecc24f0efe6b22df5f00632bc3d066153254dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 17:33:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 15:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6522
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 21 Aug 2023 17:44:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
85 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LNDHWTHSMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f75d78f041783ca9a332f609a6a0623acd2d708f2c8f08be2ffe5e3f66dfc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87111
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 17:33:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
85 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LVMTGDY4G2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSPQG43&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db4cbef6225a6267c30856d949a3926121891430cda8bd0ed61dac4207d9a7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 17:33:05 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
19 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18760
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 11:41:04 GMT

GET
H2 204 5090123.js Show response
bat.bing.com/p/action/ 0
116 B 35ms
35ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5090123.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 21 Aug 2023 17:33:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A0797E0B2C940AD839C6D678A4B143E Ref B: FRAEDGE2005 Ref C: 2023-08-21T17:33:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5090123&Ver=2&mid=967db2f4-dc12-4238-9449-f57551f68e94&sid=c963f430404811ee834fa1fa88324bbc&vid=c9642c30404811eebc82bb5a408dd4cc&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FreshBooks&p=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&r=https%3A%2F%2Fmy.freshbooks.com%2F&lt=1589&evt=pageLoad&sv=1&rn=337834

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 17:33:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B803339D70F4AE491B5C4FA5EE26D28 Ref B: FRAEDGE2005 Ref C: 2023-08-21T17:33:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 web Show response
edge.fullstory.com/s/settings/z10/v1/ 5 KB
1 KB 20ms
19ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/z10/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 30273216be326e4262d4b789b0aedcc94582ca59e9e6ac26c4000bd3b629f10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:03 GMT
content-encoding: gzip
age: 2
x-guploader-uploadid: ADPycdtt0rGySD5343DMaa4Sm8KmEmxWycv5SZqJM29eVamXImpTSAIHTfPJRvEb9-Ukc0v6NJNaAaZpAHKv30bWoMg4c2xqy4j-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1342
last-modified: Mon, 21 Aug 2023 17:23:37 GMT
server: UploadServer
etag: "e9666b444e4181731acc495351b87ef4"
x-goog-generation: 1692284617121269
x-goog-hash: crc32c=QgWBjA==, md5=6WZrRE5BgXMazElTUbh+9A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1342
accept-ranges: bytes
content-type: application/json
expires: Mon, 21 Aug 2023 17:48:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 44ms
43ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1534430721&t=pageview&_s=1&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dp=%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&ul=en-us&de=UTF-8&dt=FreshBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAACAEK~&jid=1376823405&gjid=1011505002&cid=1804164304.1692639186&tid=UA-3907864-11&_gid=807315700.1692639186&_r=1&_slc=1&gtm=45He38g0n81TSPQG43&cd23=nfb&cd52=23616588-bf2d-4b9a-9802-654136026835&cd57=(none)&cd58=(none)&cd59=(none)&cd60=(none)&cd61=(none)&cd62=(none)&cd63=(none)&cd64=(none)&cd65=(none)&cd66=(none)&cd67=(none)&cd68=(none)&cd69=(none)&cd71=(none)&cd72=(none)&cd73=(none)&cd74=(none)&cd75=(none)&cd76=(none)&cd77=(none)&cd78=(none)&cd79=(none)&cd81=(none)&z=1575917315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 53ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HZDP94KDJX&gtm=45je38g0&_p=1534430721&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692639185&sct=1&seg=0&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZDP94KDJX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LVMTGDY4G2&gtm=45je38g0&_p=1534430721&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&sid=1692639185&sct=1&seg=0&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=page_view&_fv=1&_ss=1&ep.responsive_style=3%3A%20Above%201100px&ep.cc_timestamp=2023-08-21T19%3A33%3A05.265%2B02%3A00&ep.user_hour_of_day=2023082119&ep.day_of_week=Monday&ep.login_status=No&ep.user_time_zone=GMT%20%2B0200
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LVMTGDY4G2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 25ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LNDHWTHSMK&gtm=45je38g0&_p=1534430721&_gaz=1&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&sid=1692639185&sct=1&seg=0&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=page_view&_fv=1&_ss=1&ep.responsive_style=3%3A%20Above%201100px&ep.cc_timestamp=2023-08-21T19%3A33%3A05.256%2B02%3A00&ep.user_hour_of_day=2023082119&ep.day_of_week=Monday&ep.login_status=No&ep.user_time_zone=GMT%20%2B0200
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNDHWTHSMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 67ms
18ms Ping
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LNDHWTHSMK&cid=1804164304.1692639186&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNDHWTHSMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 168ms
76ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LNDHWTHSMK&cid=1804164304.1692639186&gtm=45je38g0&aip=1&z=1907754285

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1534430721&t=event&ni=1&_s=1&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dp=%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&ul=en-us&de=UTF-8&dt=FreshBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=scrollto-&_u=aEDAAEABQAAAACAEK~&jid=&gjid=&cid=1804164304.1692639186&tid=UA-3907864-11&_gid=807315700.1692639186&gtm=45He38g0n81TSPQG43&cd23=nfb&cd41=GA1.1.1804164304.1692639186&cd52=23616588-bf2d-4b9a-9802-654136026835&cd57=(none)&cd58=(none)&cd59=(none)&cd60=(none)&cd61=(none)&cd62=(none)&cd63=(none)&cd64=(none)&cd65=(none)&cd66=(none)&cd67=(none)&cd68=(none)&cd69=(none)&cd71=(none)&cd72=(none)&cd73=(none)&cd74=(none)&cd75=(none)&cd76=(none)&cd77=(none)&cd78=(none)&cd79=(none)&cd81=(none)&z=1183663305

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 23:30:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1534430721&t=event&ni=1&_s=1&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dp=%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&ul=en-us&de=UTF-8&dt=FreshBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=scrollto-&_u=aEDAAEABQAAAACAEK~&jid=&gjid=&cid=1804164304.1692639186&tid=UA-3907864-11&_gid=807315700.1692639186&gtm=45He38g0n81TSPQG43&cd23=nfb&cd41=GA1.2.1804164304.1692639186&cd52=23616588-bf2d-4b9a-9802-654136026835&cd57=(none)&cd58=(none)&cd59=(none)&cd60=(none)&cd61=(none)&cd62=(none)&cd63=(none)&cd64=(none)&cd65=(none)&cd66=(none)&cd67=(none)&cd68=(none)&cd69=(none)&cd71=(none)&cd72=(none)&cd73=(none)&cd74=(none)&cd75=(none)&cd76=(none)&cd77=(none)&cd78=(none)&cd79=(none)&cd81=(none)&z=1493390680

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 23:30:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/962469797/wcm?cc=ZZ&dn=18886743175&cl=8tJHCP28pfwBEKW_-MoD&ref=https%3A%2F%2Fmy.freshbooks.com%2F&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18886743175&cl=8tJHCP28pfwBEKW_-MoD

80 B
244 B

69ms
68ms

XHR
application/json

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18886743175&cl=8tJHCP28pfwBEKW_-MoD

Requested by

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Mon, 21 Aug 2023 17:33:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18886743175&cl=8tJHCP28pfwBEKW_-MoD
access-control-allow-origin: https://auth.freshbooks.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3907864-11&cid=1804164304.1692639186&jid=1376823405&gjid=1011505002&_gid=807315700.1692639186&_u=aEBAAEAAQAAAACAEK~&z=42761178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 21 Aug 2023 17:33:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 6 KB
2 KB 128ms
128ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d54e51da00b374d4689055f504fde0b6744b5744fd01a6d29f0793536fde1ed0

Request headers

Referer: https://auth.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Aug 2023 17:33:06 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auth.freshbooks.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1542

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 161ms
76ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3907864-11&cid=1804164304.1692639186&jid=1376823405&_u=aEBAAEAAQAAAACAEK~&z=1280446181

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 76ms
75ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3907864-11&cid=1804164304.1692639186&jid=1376823405&_u=aEBAAEAAQAAAACAEK~&z=1280446181

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B Show response
secure.freshbooks.com/fp/ Frame 6ABA 292 KB
53 KB 23ms
22ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/check.js;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jb=353b2e2662736f753555696e6667777324687b6f3f5769666c6d777127323239322e6a736277354360726f6d6d246a7360354368706d6565273230393934

Requested by

Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/fp/tags.js?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&page_id=identity_registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

735af56427178134304dcf2a39a7ecdbe6c4a38bab9ab366e1ccdfb081647157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 44ce8125a6cff177
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
secure.freshbooks.com/fp/ Frame 6ABA 81 B
475 B 38ms
12ms Image
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
secure.freshbooks.com/fp/ Frame 6ABA 81 B
475 B 39ms
13ms Image
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LVMTGDY4G2&gtm=45je38g0&_p=1534430721&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&sid=1692639185&sct=1&seg=0&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=scroll&ep.responsive_style=3%3A%20Above%201100px&ep.cc_timestamp=2023-08-21T19%3A33%3A05.265%2B02%3A00&ep.user_hour_of_day=2023082119&ep.day_of_week=Monday&ep.login_status=No&ep.user_time_zone=GMT%20%2B0200&epn.percent_scrolled=90&_et=101
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LVMTGDY4G2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
36ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1534430721&t=timing&_s=2&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dp=%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&ul=en-us&de=UTF-8&dt=FreshBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2538&pdt=5&dns=0&rrt=290&srt=163&tcp=0&dit=1585&clt=1586&_gst=1650&_gbt=1975&_u=aEDAAEABQAAAACAEK~&jid=&gjid=&cid=1804164304.1692639186&tid=UA-3907864-11&_gid=807315700.1692639186&gtm=45He38g0n81TSPQG43&cd23=nfb&cd52=23616588-bf2d-4b9a-9802-654136026835&cd57=(none)&cd58=(none)&cd59=(none)&cd60=(none)&cd61=(none)&cd62=(none)&cd63=(none)&cd64=(none)&cd65=(none)&cd66=(none)&cd67=(none)&cd68=(none)&cd69=(none)&cd71=(none)&cd72=(none)&cd73=(none)&cd74=(none)&cd75=(none)&cd76=(none)&cd77=(none)&cd78=(none)&cd79=(none)&cd81=(none)&z=837200056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 23:30:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
secure.freshbooks.com/fp/ Frame 11BC 19 KB
6 KB 17ms
14ms Document
text/html 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/HP?session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/fp/check.js;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jb=353b2e2662736f753555696e6667777324687b6f3f5769666c6d777127323239322e6a736277354360726f6d6d246a7360354368706d6565273230393934

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3288fa79d993ceb088a6011012352551f8118c5ed8d6be2ea66add943b40e921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.freshbooks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5796
Content-Type: text/html;charset=UTF-8
Date: Mon, 21 Aug 2023 17:33:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
secure.freshbooks.com/fp/ Frame 6ABA 81 B
535 B 40ms
12ms XHR
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 32rts1pk/44ce8125a6cff177ab918ee4-ca53-446f-a3e1-9f5c7ec8b841
Referer: https://auth.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 21 Aug 2023 17:33:06 GMT
Server: Apache
Etag: d323666313274a72820882c4335ec283
Content-Type: image/png
Access-Control-Allow-Origin: https://auth.freshbooks.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 19 Aug 2028 17:33:06 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 6ABA
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&k=2

0
387 B

13ms
12ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B Show response
secure.freshbooks.com/fp/ Frame 0A48 90 KB
14 KB 16ms
15ms Document
text/html 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/ls_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0d017b7536649d38429fbaf4b3963ed0733958a85aaa57371ae7b9ff88332c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.freshbooks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 21 Aug 2023 17:33:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
secure.freshbooks.com/fp/ Frame 6ABA 0
387 B 13ms
12ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jb=33342e6c7b613d30396733363a38356463643d343a3236316d31313532393b3b3a3b3065313531

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B Show response
h.online-metrix.net/fp/ Frame 370F 103 KB
15 KB 28ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

44244633a256e57b1b71a04347e8fb97474544d4ed912a1af43b1467f2d8816f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.freshbooks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 21 Aug 2023 17:33:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B Show response
secure.freshbooks.com/fp/ Frame 42D2 90 KB
14 KB 15ms
15ms Document
text/html 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/top_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

949996095f0922c7daa24a6b5e9b4235f952d1bd7e0b8ffcd0e64f49222989a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.freshbooks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 21 Aug 2023 17:33:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
secure.freshbooks.com/fp/ Frame 6ABA 0
218 B 15ms
14ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&ja=313b3d372e26633d3e32267a3f3e3026643f3936323078393a32302463663f3934383078313038302e73787935327830246c70723f33243134303024393030322e31343832243132303224313e30302c393030302e393630322e393232302c382432266f763d63303a3a616263666b373f6464666c6439656330343133363f30346239693f63266f6c3d362e716b643d32362e6c603d68747c7273253149253244273a466375746026647267716860676d63732e636d65253a4673657a746963672d324663777c682732466d662732446b6e766d657a6174696d66732d32467361656e5f7778253344616469676e74576166253146353139673a3234373139616d3162373a353932323d306330336a37616238306a3638603763646e303b623236363c386e3130633f60366466393663313a3b636025323e7a67676b7174706976616f6e5f7671706d2533447b6b676e5d7d7026726e3533247068353f3a66303a61633e606b6662653339336a3733383f636530663b626460306c34246868353a3363356430376b606c3461313a31333c6336336c3266383b6c623030336e32246a73673555696c666f757b273a3031302462736a3d43687a6d6d65273a303133342e6a716f75355f6b6e666d77712e687b62753d416072676d6526666a633d362e6e646f3f30266c6d74783532267678643f4d777a6f7065273a464a65726c616c266d637c68723f3638303164316b3a6065613232673e616b353630323032696431353d363031646c34353a3a39343364366d6963323666633b3c636e626437303b313b313936692464723f60747472712d334325324e2d30466f7b2e647a677b68626f6d637326636f6d2d3046267235706c7765616e5d666c697b6a253747666364716d21706c776f69665f776966666f7771576d65666b695f726c61716d70253747666364716d21706c776f69665f61646760655f636b726f60637c253745666964716523726c776f6b665f71756b6b6b7c696d652d374566636473652372647565696e577b6a6f616977637e672d3545666364736d21706c7d65696e5d7a65616e7264617b65722d3d4766636e73672972647567696c577664635f7064637965702d354564636473672170647d65696c5d64677e6364767225374d66696c736529726c7565616e5f71746f5f7469657f6d70253747666364716d21706c776f69665f6a617e632535476e616c71672e676e5f63357f6762656e57676a45442532303326302d3230284772656e4544253232475b253030322638273232416870676f61756d29556d624f4c253238454c534e2d323047512d3232312e382d30302a4d7067664544253230475b253a30474c5b4e2532324d53253032392e322532384b6a726d6f6977652b5f65624b6b7c576d624b697c273230556d62474e4346474e455f61667174636c63676c5d697272617b7b253b422532384758545d6a6c656c66576d6b6e6d69702733402732324d5a5c5f636f6e6772576275666e67725f6a696c665d64646f6374253b4a2732324758565764646f61745d6a6c6d6e64253b402532324d58545d647a61655f646d787668273142273a324d58545f7160616c65725f7c677874777a655f6e6d6c253142253a384758565d746770767d72655f61676d787265737b6b6f6e5d6a707461273b422732304d50565f766778767d706d5f636f6f78726d737369676c5f72657c632531402d323245585c5776657a7675706d5d6e696c74677a5f696e69736776726f7261632531402d323245585c577152454025314a273a304f4551576564656d6566765f696c6c65785d77616e7625334a2d30304d47535d6e60675f72656c6c657a5f6d69786f6170273b422530324745515f737c696c646370645d6c677a6976617661766d7325334a2732304d4d535f76677074777265576e6e6f637625314a273a304f455157746d7874757a675f666e6761745d6e616e6761722d3b402530324f475b5d7c657874777a655768616c6e5d666c6d69742531402d32324f455b5776657a7675706d5d60616c665d6e6c6761745f646b6e65637a253340273a304d4553577e67727667785d69707a61795f6d6a6a6d6374253b402532325f4542454e57636d6c6f7a576075646465705764646f6174273b422d3230574d40474c5d6b6f6d72706d73716564577c67787677726757637b746325314a253a3057454a454c5f61676d7070677b7367645f7c6d7a747770655d6d766b253342273a305f454247445d636f6f78726571716d645d7465707c7772675d65766b332d3342253038574d42474c57616f6d727a657371676c5f7665787c7d70655d7133766b273b422532325f454a474c5f6b6d6d70706d7373676657746778747d7a675f7131746157717a676225314a253a3057454a454c5f666d6275655d7a656c64657a6d705f6b6c666d2d314a253230554d424f4c5f646d7274685d7c657876777a652733422d3a32574740474e57667a61775f607d666e6572732d314225303857454045445f6e6f736d57616f6c76657a7c273b422532325f454a474c5f65776c746b5764726375393624676c57603f33646435666e643c373430666c633c3037653e306265326d373466303d35363631383c6634303739247f6564763d496c7c6564253230416c632e247f676c703f416e76656c2d3a3249706b73273a324770656e4544253a30456e6f6b6e65246b63643f33&jb=31373c2664713d4d6778696c6e69253244372630273230205f6b6e666d77712d30384e5425303831382e30253b402532325f696e34362d33402532387034342b2732324972786c6557676a4b617425324e3733372c3b36253032204b4a544d442d30432730306e61696d253230456d63636f29253a32436870676d6527304e3133362e3826373836372e3b3e273a305361646972612532463d31372e313e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
32rts1pkzgwhnsbuqkzfcfg4rjzmzonvjkofgf6244ce8125a6cff177am1.e.aa.online-metrix.net/fp/ Frame 6ABA 81 B
438 B 65ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://32rts1pkzgwhnsbuqkzfcfg4rjzmzonvjkofgf6244ce8125a6cff177am1.e.aa.online-metrix.net/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
secure.freshbooks.com/fp/ Frame 11BC 208 KB
29 KB 23ms
22ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/check.js?&pageid=99998&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177

Requested by

Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/fp/HP?session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

33891ed7fbd4203094882712ee8a22e11b129cdf7669c6c5f0dcffc58684f34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.freshbooks.com/fp/HP?session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 17:33:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 44ce8125a6cff177
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
secure.freshbooks.com/fp/ Frame 6ABA 0
387 B 13ms
12ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jac=1&je=32313c262e6a666e3531266a64603d393b3439373366626e313533356733343f6069373534606a33316263343a613826686e746e3f3232343a353a3b2e60617671743f2d354a2532326e6d766d6c25323a2733413326303027304b253032737c697675712732302d31492532326160617a67696e6f273232273f442663776c683f63613f6a3b653467363a39616b616336643a613f6331393a3b3336313c366237613b313539366a3c66386666343a3e3238333866673c66383366636c3a34353b2e6578313f6e31676535316b6366353731363f353e3564323631333e3735323c673932646e63623a3339336361

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
secure.freshbooks.com/fp/ Frame 0A48 0
387 B 13ms
12ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jf=33342e6c7b623d663f376438353f61623b646b34643366313f67373b64663a3d616a6566353238

Requested by

Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/fp/ls_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.freshbooks.com/fp/ls_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 149ms
144ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=z10&UserId=c06d5192-8a1f-494f-92ff-cd30fadee4e6&SessionId=4676e12f-45e9-463b-96f6-2cafb97625cb&PageId=500dc1e0-9149-4aef-947c-a87692904e0e&Seq=1&PageStart=1692639186066&PrevBundleTime=0&LastActivity=950
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: bf702c63bf8cd67e93d12c197a8ef275a673f964d0a7bf4f739750a633946573

Request headers

Referer: https://auth.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://auth.freshbooks.com
date: Mon, 21 Aug 2023 17:33:07 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H/1.1 204
204 clear1.png;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B
secure.freshbooks.com/fp/ Frame 6ABA 0
400 B 17ms
16ms Image
image/png 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.freshbooks.com/fp/clear1.png;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jf=34333e267b69645f7a6c643d766c725f5861637078527671455341706f684546247b69645f6669746d3d3136313036333b393837247161645d7479786d3f7767603a676b667b6126736b6c5f6365793d3b32353931383133323438373061383e3c3a63673164323a32393036303a3a61303634386b673364323b30313235383336323038383635363634316d3a696539353a6a65696635326d666139633e6238633639353466613c3c6639343331366d603f3466646738663b6335666d373031636d6664673431653b37353e3d6737673a37336a37316665663238663834656131603062343c336335343a363733646d3a366167373331393469303165603b306b3564383b3526736b6c5f736b653533323435383a3031323266676d606a3236363b69373c6235656c663065376c663133376c33373334383f60303a6137366b346d3831616638663e6537333e3b3066643c626434336e636630323a383533346762633c306e3536323b30373131663630366137636d653863303e32313436696c3b30376639336b3031386637663b64693965353e6430303431656566247b6964723d38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=424C28225C0C02BB881AD9B4FA27A9EA
h.online-metrix.net/fp/ Frame 370F 0
400 B 17ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=424C28225C0C02BB881AD9B4FA27A9EA?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jf=343330267b69645f7a6c643d766c725f5b4862306b43685b7d63345671784f49247b69645f6669746d3d3136313036333b393837247161645d7479786d3f7767603a676b667b6126736b6c5f6365793d3b32353931383133323438373061383e3c3a63673164323a32393036303a3a61303634386b673364323b30313235383336323038383633663730663e33383535383039393166303038333032613f386361323c663339643b396661676065346a303e633932353a626a66323730643933356c616230373b37673265303f60333261633030303a353465356b663c3235326c3b3665613d3532643b30636662643e396136603765646b6738396638326d386c353134303026736b6c5f736b653533323436383a3031323264343d613f633162323a356d3866386c6666396730396230336d353b61356d696034373364363f313f3433303069353f3965343d643063346a386460676a393230323a3932303b3b63643a603d666630616c356a3632313d613564373f363734333b333363393f306132636639633b3430336630323d666e3137343f3731643a316231606430267169667a3533

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9EE94714E852D46C9AD5CB13B7F1EE3B?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=6C9A816E2C902C2EA9DA77DA334C34B4 Show response
secure.freshbooks.com/fp/ Frame 11BC 35 B
557 B 20ms
19ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/ARF;CIS3SID=6C9A816E2C902C2EA9DA77DA334C34B4?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&pageid=99998&sera_parametere=UkReUggACgACBFFeX1QEVlIFUFFaBlZWBwMFB1RQUlEFAAZdDwlTA1AOU0AVQgpeWkQWEUsUAXFEASFDUXUSBQReEABUVF9QD0IQQ1V1EgB2BEZSfBQABQlZEBIVFARzEQMhQA91FFEICwIFUFdRUVIMUwNeAQBRWQcHAlBXVAEFUFBUXQYFAVVUUlBRVQ8GV1VFC1dfUVBcAlcFAwkGBQFVVQZeVwMCVhAJFVsBTw8BVVdVAVUBAVJSVVZXUFYHVVVVVQAABg1QUFAEAwRSBw0EUFAIUFATAF9eV1QADgMSXQpYFQAURQgLWl9fCA8RXF9eQ1oMcV0TWQ4DQFNBCgUFVUNaXkEINl8NAglGRBFXVl4RXEttVgBaDwQHUlwRUUBeVAsE&count=0&max=0

Requested by

Host: secure.freshbooks.com
URL: https://secure.freshbooks.com/fp/check.js?&pageid=99998&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

86d27245fc398afe40030d4900343dcdfe9f99eb9906ca7a8a4731586d39b69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.freshbooks.com/fp/HP?session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&org_id=32rts1pk&nonce=44ce8125a6cff177&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
secure.freshbooks.com/fp/ Frame 6ABA 0
387 B 37ms
36ms Script
text/javascript 91.235.134.25
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.freshbooks.com/fp/clear.png?org_id=32rts1pk&session_id=ab918ee4-ca53-446f-a3e1-9f5c7ec8b841&nonce=44ce8125a6cff177&jac=1&je=32342e267f65693d393a352e3039332e33373d2e3334342e786f3d6c6d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.25 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 17:33:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HZDP94KDJX&gtm=45je38g0&_p=1534430721&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692639185&sct=1&seg=0&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=scroll&epn.percent_scrolled=90&_et=139
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZDP94KDJX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 196ms
195ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=z10&UserId=c06d5192-8a1f-494f-92ff-cd30fadee4e6&SessionId=4676e12f-45e9-463b-96f6-2cafb97625cb&PageId=500dc1e0-9149-4aef-947c-a87692904e0e&Seq=2&PageStart=1692639186066&PrevBundleTime=1692639187268&LastActivity=4829
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4cf770322614fb03d33c0e26a287d4a5e27bf3b182fcdcc6e6a706c3644edf66

Request headers

Referer: https://auth.freshbooks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://auth.freshbooks.com
date: Mon, 21 Aug 2023 17:33:11 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LVMTGDY4G2&gtm=45je38g0&_p=1534430721&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&sid=1692639185&sct=1&seg=0&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=scroll_custom&ep.responsive_style=3%3A%20Above%201100px&ep.cc_timestamp=2023-08-21T19%3A33%3A06.228%2B02%3A00&ep.user_hour_of_day=2023082119&ep.day_of_week=Monday&ep.login_status=No&ep.user_time_zone=GMT%20%2B0200&epn.scroll_depth_threshold=90&_et=403&up.ga4_client_id=1804164304.1692639186
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LVMTGDY4G2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LNDHWTHSMK&gtm=45je38g0&_p=1534430721&cid=1804164304.1692639186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fauth.freshbooks.com%2Fservice%2Fauth%2Fen%2Fintegrations%2Fsign_up%3Fclient_id%3D531e224731ae1b72792050c21b7cb88b48b5cff23b26448f10c7b6dd16c383cb%26registration_type%3Dsign_up&sid=1692639185&sct=1&seg=0&dr=https%3A%2F%2Fmy.freshbooks.com%2F&dt=FreshBooks&en=scroll_custom&ep.responsive_style=3%3A%20Above%201100px&ep.cc_timestamp=2023-08-21T19%3A33%3A06.227%2B02%3A00&ep.user_hour_of_day=2023082119&ep.day_of_week=Monday&ep.login_status=No&ep.user_time_zone=GMT%20%2B0200&epn.scroll_depth_threshold=90&_et=459&up.ga4_client_id=1804164304.1692639186
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNDHWTHSMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.freshbooks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 17:33:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.freshbooks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-TZ5N8N9&l=gtmDl

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/962469797/?random=1692639184109&cv=11&fst=1692639184109&bg=ffffff&guid=ON&async=1&gtm=45He38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.freshbooks.com%2F&label=xK_0CNit6dwBEKW_-MoD&hn=www.googleadservices.com&frm=0&tiba=FreshBooks&value=0&bttype=purchase&auid=1562402423.1692639184&uamb=0&uaw=0&rfmt=3&fmt=4

Domain: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Domain: bat.bing.com
URL: https://bat.bing.com/bat.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Domain: t.sf14g.com
URL: https://t.sf14g.com/sf14g.js

Domain: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZDP94KDJX&l=gtmDl&cx=c

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNDHWTHSMK&l=gtmDl&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LVMTGDY4G2&l=gtmDl&cx=c

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freshbooks.com/	1970-01-20 22:56:15	Name: fb_visitor_id Value: 23616588-bf2d-4b9a-9802-654136026835
.fbot.me/	1970-01-20 23:46:39	Name: globalId Value: 43daa988-46d1-47b3-bcde-8ad7ef0f9337
my.freshbooks.com/	1969-12-31 23:59:59	Name: session Value: %7B%22authenticated%22%3A%7B%7D%2C%22oauth2-auth-code%22%3A%7B%22state%22%3A%22c1b1d3cc7fd933565a5b4c0545d4c86ff7fb06233c31af24f2e99d03%22%2C%22codeVerifier%22%3A%229533f24235245e325d979538de176f103f686f43bb69f117614fe7e9%22%7D%7D
my.freshbooks.com/	1970-01-20 14:10:40	Name: _dd_s Value: rum=0&expire=1692640083602
.freshbooks.com/	1970-01-20 16:20:15	Name: ps_mode Value: trackingV1
.freshbooks.com/	1969-12-31 23:59:59	Name: _auth_session Value: SnFVOWlHL05jRjhyd29aZGpqT3ZObFZCanQ3U0s4UHd2dFNWUFRRSVluL3BlVHZQVGF3WXA5dlZqOWtld1Nwd3BDdWRVQjZ4NzYxZkk5SHNYbEI0TjZCVGZaREFtV3hBdHhxWTFXYlpYdlZCbG95bnAvRlZMUEl4OGhSQnNNSi80U2wxLzAxcWpZU0MzZ0tlaHYwT2NCWU1nYlFYOCtxaUl1T1Rxa1oxeWI0VnZqM1gvbkNBdFZYYzEwbVM3SnVVM1Y0emJNOXhlWThwcElUMGdrWXY4NmNQaWVjRml1N2pMS294NlJZd045OUdsVmxxcXozdXZzcFFOQVZqM1p6NjV2VStFNGtZcXJiMjdEU0N2TlhkVkM3bDl1MWh3N3hIbG12T0VpWDREUzY4d0ZiMitnWStOYWJ2TXpxNzZXaUlVcWQvWVhoMVl5UkZ6MVRKaEs5bVlRPT0tLTlOMVM3UXhuRnlYMXo4U0R5dlZYMWc9PQ%3D%3D--7963ddecc61d6e276dc7daf5cce38adc69963a2b
.freshbooks.com/	1970-01-20 16:20:15	Name: _gcl_au Value: 1.1.1562402423.1692639184
secure.freshbooks.com/	1970-01-20 23:46:39	Name: thx_guid Value: 7c2c021db18f0d88617dc09ba9859204
.freshbooks.com/	1970-01-20 14:12:05	Name: _uetsid Value: c963f430404811ee834fa1fa88324bbc
.freshbooks.com/	1970-01-20 23:32:15	Name: _uetvid Value: c9642c30404811eebc82bb5a408dd4cc
.bing.com/	1970-01-20 23:32:15	Name: MUID Value: 2BF4FD854E85655C3805EEF14F5764C8
.freshbooks.com/	1970-01-20 14:12:05	Name: _gid Value: GA1.2.807315700.1692639186
.freshbooks.com/	1970-01-20 14:10:39	Name: _gat_UA-3907864-11 Value: 1
.freshbooks.com/	1970-01-20 23:46:39	Name: _ga_HZDP94KDJX Value: GS1.1.1692639185.1.0.1692639185.0.0.0
.freshbooks.com/	1970-01-20 23:46:39	Name: _ga Value: GA1.2.1804164304.1692639186
.freshbooks.com/	1970-01-20 22:56:15	Name: ga4_cid Value: 1804164304.1692639186
.freshbooks.com/	1970-01-20 14:10:40	Name: fs_lua Value: 1.1692639186064
.freshbooks.com/	1970-01-20 22:56:15	Name: fs_uid Value: #z10#c06d5192-8a1f-494f-92ff-cd30fadee4e6:4676e12f-45e9-463b-96f6-2cafb97625cb:1692639184201::2#/1724175182
.freshbooks.com/	1970-01-20 23:46:39	Name: _ga_LVMTGDY4G2 Value: GS1.1.1692639185.1.0.1692639186.0.0.0
.freshbooks.com/	1970-01-20 23:46:39	Name: _ga_LNDHWTHSMK Value: GS1.1.1692639185.1.0.1692639186.59.0.0
h.online-metrix.net/	1970-01-20 23:46:39	Name: thx_global_guid Value: 7e15bf73d6414cf7b93e083e39d823bc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fmy.freshbooks.com Message: Failed to load resource: the server responded with a status of 402 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32rts1pkzgwhnsbuqkzfcfg4rjzmzonvjkofgf6244ce8125a6cff177am1.e.aa.online-metrix.net
auth.freshbooks.com
bat.bing.com
campaign.fbot.me
cdn.pendo.io
cdn.plaid.com
connect.facebook.net
edge.fullstory.com
fonts.gstatic.com
freshbooksbot.maple.ada.support
geoip-js.com
grsm.io
h.online-metrix.net
js.maxmind.com
my.freshbooks.com
partnerlinks.io
public.fbot.me
region1.analytics.google.com
region1.google-analytics.com
rollout.maple.ada.support
rs.fullstory.com
secure.freshbooks.com
snippet.growsumo.com
static.ada.support
static.fbot.me
stats.g.doubleclick.net
t.sf14g.com
tags.srv.stackadapt.com
u2405942.ct.sendgrid.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
bat.bing.com
connect.facebook.net
t.sf14g.com
tags.srv.stackadapt.com
www.google-analytics.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
108.156.60.4
13.225.78.32
142.250.186.98
143.204.215.128
151.101.66.133
167.89.118.35
18.66.147.95
2001:4860:4802:34::36
2600:9000:2204:ee00:1f:aa31:7740:93a1
2606:4700:4400::ac40:9a92
2606:4700::6810:262f
2606:4700::6812:1f85
2606:4700::6812:346
2606:4700::6812:bd4
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c03::9c
35.186.194.58
35.201.112.186
35.244.157.255
52.222.149.104
52.222.236.68
54.165.55.94
91.235.132.130
91.235.134.131
91.235.134.25
014cc014e36da0fb8537855973715246ee444bf369e59b369589478325ad627a
016129790e7a7815a78ba4a4c40f0fc8b5dba5f323dec19e1b95a7204d80cc40
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
0d017b7536649d38429fbaf4b3963ed0733958a85aaa57371ae7b9ff88332c88
11a4a11886ec076693c55c12e1e4aed41fb968de1d59927a595b0ae55285f196
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
2703a1afe3773c851d6996f0e1818c2c2c18c2b2e5ac240aae457f31ceee88e3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
30273216be326e4262d4b789b0aedcc94582ca59e9e6ac26c4000bd3b629f10b
314c69f414daba194b23455baffcb6fb128e48d41923df589e4a0510b6dabe6e
3288fa79d993ceb088a6011012352551f8118c5ed8d6be2ea66add943b40e921
33891ed7fbd4203094882712ee8a22e11b129cdf7669c6c5f0dcffc58684f34f
3be5f4628f982858b6c58e29906e509d76131893a05ba426a661c25791d124bd
3e0b7c02a50ed36c3dcac5b12b7faef74741bfc5ccbe1f1d5cac305f10db79b6
3e75f8788b92568866a832aa88b521c1bbe63fc522896cdbbd946cfcb50cf95c
3f75d78f041783ca9a332f609a6a0623acd2d708f2c8f08be2ffe5e3f66dfc41
406d0cae7dbc494470355ad3eadd2e72e068891897d26df9e1ad039303535f97
44244633a256e57b1b71a04347e8fb97474544d4ed912a1af43b1467f2d8816f
480b49fa9e8c14a10479dd63c7672ecf36b489659e458fad02f3f25035113523
4cf770322614fb03d33c0e26a287d4a5e27bf3b182fcdcc6e6a706c3644edf66
5657f5166120f5e646a6bf67a77a8d1a7defefe756a0bda4eb91b607c0864f59
5997d14729e9f31ac6094aa9f54a1e9a938a33cd53b7d42185cd0b62125703e7
5bb249b79c0e3b578f6be52a06d8a07772edf1e3801cb345187b4b66f3f097e8
5c02ff7c4a1a8a01ceeedbfce6fac51ba2c3bd0680abe69d444c8fd2c482f9b5
60fd2cbf2d9895cc44d8c6ae2e9966547f9d7cf00cf537e2012ac44d9d847054
63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886
6a185ca3a3d85b9ad485f2bcc1895d913c8a6977e3a93e7af018f76dbb8a3859
6a6ba9b31a0e2832b5a472b74ca0ff724de769d2fce0444705134cb0512dec0f
6a75031f422c3541904230d98ecc24f0efe6b22df5f00632bc3d066153254dc5
735af56427178134304dcf2a39a7ecdbe6c4a38bab9ab366e1ccdfb081647157
73c61c9c2bb19d907b848133fcb689aac4a5ab9ceb1c77dae1253a85bb08adb8
78faa277a20ccd46facab7b2ed62bb83a8bd0267e7fac271f985c7f8dc36dcbb
796c90dc338e79b440537d1fdad6c671cfe413f7538047ce5804350cc3ebb13b
7eca92411d70f2c3660528e17bcb88ee51615e5103bd5b0c892cf3a4884545ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d27245fc398afe40030d4900343dcdfe9f99eb9906ca7a8a4731586d39b69d
949996095f0922c7daa24a6b5e9b4235f952d1bd7e0b8ffcd0e64f49222989a6
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
975dad0b23b374d86f8f577f96f270f47271a15867894fb7849f21352d128b76
9777515a68097fd6f3f39afe4653ec46395edb389b4e0c1ff6e86c69f3ebf624
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1c4056d73689ffc0da2199e4655df7939cdf048ed893943f4d84f5b1aef1587
bdf7e05f94f097739c98cd47aab973192291af18e2045f53d59750fc6ea0d4eb
bf335a68f0be85a338baeeefb488bbce98e2a159a9c66f51311707e8aeadc6e1
bf702c63bf8cd67e93d12c197a8ef275a673f964d0a7bf4f739750a633946573
c8a9c808195e4d74ed6caa81981652a9f0e97180a7b5cebe730552aa08140381
ca5cf24d018715b533be05c6d924dd73e59e5e1ae048cb08071505cc2d9e7dd2
cdf5903ee5e7fbb810aab6a31a6f7efa30cdc33f7db7d8d3bcf9f44b2e522b84
d54e51da00b374d4689055f504fde0b6744b5744fd01a6d29f0793536fde1ed0
d7bbcde1da9666ff54873a8771bf051b8a252c9e4e32e65c35f23839cbe0897a
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db4cbef6225a6267c30856d949a3926121891430cda8bd0ed61dac4207d9a7f3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9197295f5f9c1fe17cd6b03d510bf9b45e35db44f7e99b8714f53488364bafa
fd14747ef9cec67821019ba8c2b1438b6c97c0917b27b5c3f7edb52e664eb274
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

auth.freshbooks.com Open in urlscan Pro 35.244.157.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

89 %HTTPS

50 %IPv6

25 Domains

36 Subdomains

31 IPs

3 Countries

3420 kBTransfer

13324 kBSize

21 Cookies

3 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth.freshbooks.com Open in urlscan Pro
35.244.157.255 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

89 %
HTTPS

50 %
IPv6

25
Domains

36
Subdomains

31
IPs

3
Countries

3420 kB
Transfer

13324 kB
Size

21
Cookies

118 HTTP transactions
0 data transactions