achieve.freedomdebtrelief.com
2606:4700:4400::ac40:9402  Public Scan

Submitted URL: http://click.intro.freedomdebtrelief.com/ls/click?upn=FSfL7NTdCaZ2awBonPObnOvDH5k4K927LuuG4rc-2FD8QshVLzjZP4sygFMCUrcaU6l6No-2BskGJ0XwgXU...
Effective URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ...
Submission: On December 19 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 38 HTTP transactions. The main IP is 2606:4700:4400::ac40:9402, located in United States and belongs to CLOUDFLARENET, US. The main domain is achieve.freedomdebtrelief.com.
TLS certificate: Issued by E1 on December 16th 2022. Valid for: 3 months.
This is the only time achieve.freedomdebtrelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.124 11377 (SENDGRID)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
16 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.15.25 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 99.86.240.71 16509 (AMAZON-02)
1 2a00:1450:402... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.25.9 16509 (AMAZON-02)
1 13.32.110.73 16509 (AMAZON-02)
1 18.66.15.37 16509 (AMAZON-02)
2 54.77.123.157 16509 (AMAZON-02)
1 52.84.106.37 16509 (AMAZON-02)
1 54.229.132.216 16509 (AMAZON-02)
3 2600:9000:230... 16509 (AMAZON-02)
38 17
Apex Domain
Subdomains
Transfer
17 freedomdebtrelief.com
click.intro.freedomdebtrelief.com
achieve.freedomdebtrelief.com
534 KB
6 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 643
script.hotjar.com — Cisco Umbrella Rank: 811
vars.hotjar.com — Cisco Umbrella Rank: 936
in.hotjar.com — Cisco Umbrella Rank: 1734
ws6.hotjar.com — Cisco Umbrella Rank: 67000
74 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
3 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3680
77 KB
2 upscope.io
code.upscope.io — Cisco Umbrella Rank: 30395
js.upscope.io — Cisco Umbrella Rank: 43885
40 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2243
257 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6041
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
451 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
68 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 999
6 KB
1 ffn.care
ffn.care
513 B
38 12
Domain Requested by
16 achieve.freedomdebtrelief.com achieve.freedomdebtrelief.com
static.cloudflareinsights.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 images.ctfassets.net
2 in.hotjar.com script.hotjar.com
1 ws6.hotjar.com script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 js.upscope.io code.upscope.io
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.hotjar.com www.googletagmanager.com
1 code.upscope.io achieve.freedomdebtrelief.com
1 www.googletagmanager.com achieve.freedomdebtrelief.com
1 static.cloudflareinsights.com achieve.freedomdebtrelief.com
1 ffn.care 1 redirects
1 click.intro.freedomdebtrelief.com 1 redirects
38 18

This site contains no links.

Subject                  Issuer                   Validity                 Valid
*.freedomdebtrelief.com  E1                       2022-12-16 - 2023-03-16  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-05-11 - 2023-05-10  a year
*.google-analytics.com   GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
upscope.io               Amazon                   2022-01-10 - 2023-02-07  a year
*.hotjar.com             Amazon                   2022-10-25 - 2023-11-23  a year
*.g.doubleclick.net      GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
www.google.com           GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
www.google.de            GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
*.hotjar.io              Amazon                   2022-07-18 - 2023-08-16  a year
images.ctfassets.net     Amazon                   2022-02-17 - 2023-03-18  a year

This page contains 2 frames:

Primary Page: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Frame ID: B3E3E099D2BBC8CC2656A0AE5FCB2CE7
Requests: 38 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 97B3E1E54E6A59FBF169CE464E8BEFEF
Requests: 1 HTTP requests in this frame

Page Title

Client Consultation

Page URL History

  1. http://click.intro.freedomdebtrelief.com/ls/click?upn=FSfL7NTdCaZ2awBonPObnOvDH5k4K927LuuG4rc-2FD8QshVLzjZP4sygFMCUrc... HTTP 302
    https://ffn.care/ABO8roRke?utm_campaign=f3d18e20dac4f67609fb9a33a704f172fb235bde&utm_source=s... HTTP 302
    https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d64... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

38
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

18
Subdomains

17
IPs

4
Countries

822 kB
Transfer

2462 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.intro.freedomdebtrelief.com/ls/click?upn=FSfL7NTdCaZ2awBonPObnOvDH5k4K927LuuG4rc-2FD8QshVLzjZP4sygFMCUrcaU6l6No-2BskGJ0XwgXUu8kCcYeiE0o99fkK1JGyBzOmWOT14Jk6mP-2FZg3jggYhzx55hbzsBSCCK-2B9zrdZVnJKlQM2F0w1YPwCbeilmcRF8fdXOU-3Dm5Ui_0aX3M-2BQzmvuRXOonHhjGNSgleXYdGI30tJlA2pLM7TRjG5AhCSvGWdeLDnYojnJrBrwi9NtygMYSRcF0-2BZRWwE5b-2B9uld6KJ2A6woOdVq-2Fq52-2Fy-2F9ke9X9NsQA0LUeGkw-2BocTGpwc-2Fv6-2BEHChwyHSmll4QQT4ens3WCUtcp6d5pemmORkL72b1MoP8P9vdp7LsOQFgBzEcd8zZu6vT4CmDeADev4Wb2NyGbUa6uK1bc-3D HTTP 302
    https://ffn.care/ABO8roRke?utm_campaign=f3d18e20dac4f67609fb9a33a704f172fb235bde&utm_source=sg&utm_medium=email HTTP 302
    https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request discovery
achieve.freedomdebtrelief.com/
Redirect Chain
  • http://click.intro.freedomdebtrelief.com/ls/click?upn=FSfL7NTdCaZ2awBonPObnOvDH5k4K927LuuG4rc-2FD8QshVLzjZP4sygFMCUrcaU6l6No-2BskGJ0XwgXUu8kCcYeiE0o99fkK1JGyBzOmWOT14Jk6mP-2FZg3jggYhzx55hbzsBSCCK-2...
  • https://ffn.care/ABO8roRke?utm_campaign=f3d18e20dac4f67609fb9a33a704f172fb235bde&utm_source=sg&utm_medium=email
  • https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2F...
3 KB
2 KB
Document
General
Full URL
https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e094a49fd9b49b3d435c7408ee323af3eea65d695d2cd80fe295c37252199ced
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
77c2d5f3fc499a06-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Dec 2022 20:19:54 GMT
expect-ct
max-age=0
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
77c2d5f0bc7b9b4c-FRA
content-type
text/html; charset=utf-8
date
Mon, 19 Dec 2022 20:19:53 GMT
location
https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
2.a0325180.chunk.css
achieve.freedomdebtrelief.com/static/css/
7 KB
949 B
Stylesheet
General
Full URL
https://achieve.freedomdebtrelief.com/static/css/2.a0325180.chunk.css
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b5d0a085872365a7dce7c12da22ddae185401c1d0b61cf27e0104e0b5418225
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"1a8f-183f3169ce8"
x-download-options
noopen
expect-ct
max-age=0
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
77c2d5f6aa5d9a06-FRA
expires
Tue, 19 Dec 2023 20:19:54 GMT
main.0e20b7a2.chunk.css
achieve.freedomdebtrelief.com/static/css/
40 KB
9 KB
Stylesheet
General
Full URL
https://achieve.freedomdebtrelief.com/static/css/main.0e20b7a2.chunk.css
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61519efe9c60d22948b7ae4db952aad15fe29cc782fd20e2f244eaf15722e08c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"9f31-183f3169ce8"
x-download-options
noopen
expect-ct
max-age=0
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
77c2d5f6ba629a06-FRA
expires
Tue, 19 Dec 2023 20:19:54 GMT
2.8c0df93b.chunk.js
achieve.freedomdebtrelief.com/static/js/
1 MB
402 KB
Script
General
Full URL
https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b3fcbc5abf205eea0cfa65c801a2a364790257e802e61f8eb6319d0cc2804d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"14b519-183f3169ce8"
x-download-options
noopen
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
77c2d5f6ba659a06-FRA
expires
Tue, 19 Dec 2023 20:19:54 GMT
main.1942f7a1.chunk.js
achieve.freedomdebtrelief.com/static/js/
175 KB
58 KB
Script
General
Full URL
https://achieve.freedomdebtrelief.com/static/js/main.1942f7a1.chunk.js
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35657961f9c8147c8053205c32ace32ff6a70655c6f5515ea5b7993a04533943
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"2bd21-183f3169ce8"
x-download-options
noopen
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
77c2d5f6ba679a06-FRA
expires
Tue, 19 Dec 2023 20:19:54 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
Origin
https://achieve.freedomdebtrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:54 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
77c2d5f6ead59293-FRA
de832608-c1b1-4142-b49a-409b59460860
https://achieve.freedomdebtrelief.com/
7 KB
0
Other
General
Full URL
blob:https://achieve.freedomdebtrelief.com/de832608-c1b1-4142-b49a-409b59460860
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55c288e4d391342277a2dbdbe8d7907628091a428a48951dc5e52022cdf7e88d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
7679
clientEnv
achieve.freedomdebtrelief.com/api/
139 B
344 B
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/api/clientEnv
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3411de2fac5b25935309cd77e98f7b5659cb40599f946fe0bd776a38e1bb2101
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
content-encoding
gzip
etag
W/"8b-1WzLpPNQbYOd1voN8Xs5iUYYw0c"
x-download-options
noopen
expect-ct
max-age=0
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
cf-ray
77c2d602fc639a06-FRA
x-xss-protection
0
rum
achieve.freedomdebtrelief.com/cdn-cgi/
0
191 B
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://achieve.freedomdebtrelief.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
77c2d602fc749a06-FRA
lead
achieve.freedomdebtrelief.com/api/
2 KB
817 B
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/api/lead?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f22f23ed8c0ad00a39d567acb99fd71abddf5de1d4933fffab626a05d7ea03
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
content-encoding
gzip
etag
W/"949-x9Jo8m5jMYNWG4QqpyM4A2FWgpQ"
x-download-options
noopen
expect-ct
max-age=0
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
cf-ray
77c2d603fe999a06-FRA
x-xss-protection
0
content
achieve.freedomdebtrelief.com/api/
79 KB
16 KB
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/api/content?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D&domain=achieve.freedomdebtrelief.com&language=en-US&path=%2Fdiscovery
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6281fddada900f5df2e977a2cab8de1c6e4c3485389f30e3df67287945592e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
content-encoding
gzip
etag
W/"13cfe-fv8Z2EpPNVSwz5X64sBXmXNJPHw"
x-download-options
noopen
expect-ct
max-age=0
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
cf-ray
77c2d603fe9c9a06-FRA
x-xss-protection
0
open-sans-latin-700-normal.92425c62.woff2
achieve.freedomdebtrelief.com/static/media/
15 KB
15 KB
Font
General
Full URL
https://achieve.freedomdebtrelief.com/static/media/open-sans-latin-700-normal.92425c62.woff2
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/css/2.a0325180.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://achieve.freedomdebtrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
15056
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"3ad0-183f3169ce8"
expect-ct
max-age=0
x-download-options
noopen
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c2d603fea19a06-FRA
expires
Tue, 19 Dec 2023 20:19:56 GMT
open-sans-latin-400-normal.f57a62e9.woff2
achieve.freedomdebtrelief.com/static/media/
14 KB
14 KB
Font
General
Full URL
https://achieve.freedomdebtrelief.com/static/media/open-sans-latin-400-normal.f57a62e9.woff2
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/css/2.a0325180.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://achieve.freedomdebtrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
14380
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"382c-183f3169ce8"
expect-ct
max-age=0
x-download-options
noopen
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c2d603fea99a06-FRA
expires
Tue, 19 Dec 2023 20:19:56 GMT
gtm.js
www.googletagmanager.com/
195 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/discovery?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2f6502a2f118510f35c008a14dd981657fdc6d683f4c0514dcd04aa489cca9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68707
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Dec 2022 20:19:56 GMT
WhMqt6nFqZ.js
code.upscope.io/
1 KB
968 B
Script
General
Full URL
https://code.upscope.io/WhMqt6nFqZ.js
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/main.1942f7a1.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-25.vie50.r.cloudfront.net
Software
/
Resource Hash
96eecaecefacd488b88f3b5dbf7d5051551bc90fec87d1352d78f89f87be7ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
content-encoding
gzip
via
1.1 6c38ff4c7648bbb26bea641498fdefb0.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60,public
x-amz-cf-id
JtdCB7hdXQ_j3v7HUSMarvI_2GDhOdPX8uFYvVRQeOXIKmDBQDSVLA==
featureFlags
achieve.freedomdebtrelief.com/api/
491 B
353 B
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/api/featureFlags?token=34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%2FI4iiNUDXzzL%2FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%2FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%3D
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186853bf0021da9957c1bbf6325a310e073defafd8fcc39981e01654dbded3c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
content-encoding
gzip
etag
W/"1eb-xEquNdVU3PNR6g7IOgtxcDCs2nQ"
x-download-options
noopen
expect-ct
max-age=0
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
cf-ray
77c2d6040ebf9a06-FRA
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Dec 2022 18:27:24 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6752
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 19 Dec 2022 20:27:24 GMT
hotjar-577772.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-577772.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94RSCD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-71.vie50.r.cloudfront.net
Software
/
Resource Hash
18890b8d85184bd4c792cacb7915ed23b25afe157199f405225f11941a5cfeea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6efe5b6e0a48bab07dc8cc99f7fb58fe.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
etag
W/a967e4c77680b0cd25d2b88e23f5b059
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
W_KhSqSKh3BkocTjdxoeIbY8Dbm4fc9O1s--Ib8ZorWsf7ww-3qKbA==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:14:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Dec 2022 21:14:13 GMT
collect
stats.g.doubleclick.net/j/
4 B
451 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131129682-3&cid=1750153890.1671481196&jid=855021819&gjid=1684519404&_gid=1642598846.1671481196&_u=aGBAiUAjBAAAAEAFK~&z=188587963
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 19 Dec 2022 20:19:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://achieve.freedomdebtrelief.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=537590099&t=pageview&_s=1&dl=https%3A%2F%2Fachieve.freedomdebtrelief.com%2Fdiscovery%3Ftoken%3D34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%252FI4iiNUDXzzL%252FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%252FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%253D&dr=&dp=%2Fdiscovery%3Ftoken%3D34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%252FI4iiNUDXzzL%252FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%252FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%253D&ul=en-us&de=UTF-8&dt=Client%20Consultation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjBAAAAAAFK~&jid=855021819&gjid=1684519404&cid=1750153890.1671481196&tid=UA-131129682-3&_gid=1642598846.1671481196&gtm=2wgbu0K94RSCD&cd1=GTM-K94RSCD&cd2=75&cd3=&cd4=1671481196244.vevc3028&cd5=GA%20Page%20View%20-%20Core%20Page%20View&cd40=https%3A%2F%2Fachieve.freedomdebtrelief.com%2Fdiscovery%3Ftoken%3D34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%252FI4iiNUDXzzL%252FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%252FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%253D&cd6=1750153890.1671481196&z=1455520454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63445
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-131129682-3&cid=1750153890.1671481196&jid=855021819&_u=aGBAiUAjBAAAAEAFK~&z=948738223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 20:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-131129682-3&cid=1750153890.1671481196&jid=855021819&_u=aGBAiUAjBAAAAEAFK~&z=948738223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 20:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
upscope-2.1.17.es6.js
js.upscope.io/
146 KB
39 KB
Script
General
Full URL
https://js.upscope.io/upscope-2.1.17.es6.js
Requested by
Host: code.upscope.io
URL: https://code.upscope.io/WhMqt6nFqZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.25.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-25-9.zag50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3156770fe6202b5801f01cb44a7b6e982d0278ca522de4ffc76039837abed789

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
content-encoding
gzip
via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11e.cloudfront.net (CloudFront)
last-modified
Sat, 10 Dec 2022 15:00:15 GMT
server
AmazonS3
x-amz-cf-pop
ZAG50-C1
age
7
etag
W/"182adff1f11cd098276547e6043730b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000,public
x-amz-cf-id
UUkA6JKfOKVqnaUSHB4E0l2QDrizgcFLP40Y6W99np-2BJN-kx8__w==
modules.bc1117deb4413903e9ac.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-577772.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-73.vie50.r.cloudfront.net
Software
/
Resource Hash
53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 08:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
302990
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68859
last-modified
Fri, 16 Dec 2022 08:09:37 GMT
etag
"f13ff1e59c6576e6eab8ec5da41ce435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
eFaCYhF7UCa6i1cGZCxxb7-9-9eJ3jeLXhb2oaNdrB6bDQN6J_TQ1A==
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 97B3
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-577772.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-37.vie50.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2272190
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-amz-cf-id
wwmx4gy42rDq3E9W1RbBcobRy2-lZWf0twh--r3ZqWt8rCqLbDH8Kw==
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/577772/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/577772/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.123.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-123-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
577772
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/577772?s=0.25&r=0.1312719890205971
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-37.bud50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:56 GMT
via
1.1 9d638ed0e686bb5bd14bf9c73c1b0134.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
BUD50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
BJuctmRtuOo1Au69ZWevA2s87vGqgh_VIGkajSr0QgBVlmpKfKzX9A==
content
ws6.hotjar.com/api/v2/sites/577772/recordings/
66 B
258 B
XHR
General
Full URL
https://ws6.hotjar.com/api/v2/sites/577772/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.132.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-132-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
863867517c3262bdb23993e6048a71bcc3aa35695b0f4d954b151455f3ab928b

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Dec 2022 20:19:57 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
open-sans-latin-600-normal.95264708.woff2
achieve.freedomdebtrelief.com/static/media/
15 KB
15 KB
Font
General
Full URL
https://achieve.freedomdebtrelief.com/static/media/open-sans-latin-600-normal.95264708.woff2
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/css/2.a0325180.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://achieve.freedomdebtrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
14880
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"3a20-183f3169ce8"
expect-ct
max-age=0
x-download-options
noopen
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c2d60f3ffe9a06-FRA
expires
Tue, 19 Dec 2023 20:19:58 GMT
freedomNetLogo.svg
images.ctfassets.net/b32zuu6bt176/2NPI7B9FLgFOzZymwweN43/395a29c2c937fd2c8ea2cb3404e02e28/
8 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/b32zuu6bt176/2NPI7B9FLgFOzZymwweN43/395a29c2c937fd2c8ea2cb3404e02e28/freedomNetLogo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:b200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
3326c545962466a3fb88f385a11aeab929d0285d8af2977212b1fb05ba22a827

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 08:50:37 GMT
content-encoding
gzip
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Wed, 10 Mar 2021 16:37:23 GMT
server
Contentful Images API
x-amz-cf-pop
VIE50-P1
age
41362
etag
W/"2836945a60f880116f667b166b572957"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
0-XcHtEZGzx_qqULuiH5d7lDlLwk2QYnyOhRQwGSir6Gt8UK-xCIMg==
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d7151a4addccbab95cbf49b0605e59c7e77b6621995118d4aa7f8d2cd33c571

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=537590099&t=pageview&_s=1&dl=https%3A%2F%2Fachieve.freedomdebtrelief.com%2Fdiscovery%2Fstart%3Ftoken%3D34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%252FI4iiNUDXzzL%252FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%252FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%253D&dr=&dp=%2Fdiscovery%2Fstart%3Ftoken%3D34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%252FI4iiNUDXzzL%252FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%252FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%253D&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiUAjBAAAAEAHK~&jid=&gjid=&cid=1750153890.1671481196&tid=UA-131129682-3&_gid=1642598846.1671481196&gtm=2wgbu0K94RSCD&cd1=GTM-K94RSCD&cd2=75&cd3=&cd4=1671481197952.88ujwss&cd5=GA%20Page%20View%20-%20Virtual%20Page%20View&cd40=https%3A%2F%2Fachieve.freedomdebtrelief.com%2Fdiscovery%2Fstart%3Ftoken%3D34cfff1b4f37532d823573e3eca2068f34fd4a32d99ccdf950e89d965d6458aa980cUtwVV21qWjFZ%252FI4iiNUDXzzL%252FEPAfFZwTzhYxgp0YP509DKu0chmnt5aHqEntxd2lWWI%252FHt2AehudebNoXY6FG1DfcOwarvJrkuRn6BiOqw%253D&cd6=1750153890.1671481196&z=611939894
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 17:42:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9432
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fdr.svg
images.ctfassets.net/b32zuu6bt176/3u0L8kZvwyz30Wbz7Wgdrw/9c5187f8b945c76b9d214f94765d8775/
7 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/b32zuu6bt176/3u0L8kZvwyz30Wbz7Wgdrw/9c5187f8b945c76b9d214f94765d8775/fdr.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:b200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
03547ce9baac1b6b8ef711d50584fdbb096395f4af35a836617e29cb83f1542c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:59 GMT
content-encoding
gzip
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Wed, 15 Sep 2021 19:22:19 GMT
server
Contentful Images API
x-amz-cf-pop
VIE50-P1
etag
W/"f2f57043e58dc0c58e91a48b255a620f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
4xJP4bFLWie1iZ0XY1IiDmXesPMpY3ZeRLkO2GbYM1Dvy5YLSYTIIw==
track
achieve.freedomdebtrelief.com/api/event/
0
121 B
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/api/event/track
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Dec 2022 20:19:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
x-download-options
noopen
x-dns-prefetch-control
off
expect-ct
max-age=0
cf-ray
77c2d60f98c99a06-FRA
content-length
0
x-xss-protection
0
track
achieve.freedomdebtrelief.com/api/event/
0
336 B
XHR
General
Full URL
https://achieve.freedomdebtrelief.com/api/event/track
Requested by
Host: achieve.freedomdebtrelief.com
URL: https://achieve.freedomdebtrelief.com/static/js/2.8c0df93b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Dec 2022 20:19:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
x-download-options
noopen
x-dns-prefetch-control
off
expect-ct
max-age=0
cf-ray
77c2d60f98cc9a06-FRA
content-length
0
x-xss-protection
0
bg.jpg
images.ctfassets.net/b32zuu6bt176/3cp0y6fiLWKqJwSM2o1Rkz/1dc3565662e393c5a3906703d5f060bc/
70 KB
70 KB
Image
General
Full URL
https://images.ctfassets.net/b32zuu6bt176/3cp0y6fiLWKqJwSM2o1Rkz/1dc3565662e393c5a3906703d5f060bc/bg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:b200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
9281ccaaecdf4051ae3846349b2b1dd4530bae4067cff1b600c54c3eb5efdf37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://achieve.freedomdebtrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:10:40 GMT
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 18:02:15 GMT
server
Contentful Images API
x-amz-cf-pop
VIE50-P1
age
559
etag
"a843b95a427b2478382fef216af2335c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
71533
x-amz-cf-id
I2wa4mgOMwZc67EH6U7t3EchVWtX8UgEwEtKlfyih0U2FCtotTBSzw==
ArrowLeft.42ff1634.svg
achieve.freedomdebtrelief.com/static/media/
222 B
360 B
Image
General
Full URL
https://achieve.freedomdebtrelief.com/static/media/ArrowLeft.42ff1634.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5417570e8de193ed66fd2d931a0a141845791e76c689f0fb5073f7b6110f271
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:19:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 20 Oct 2022 01:51:29 GMT
server
cloudflare
etag
W/"de-183f3169ce8"
x-download-options
noopen
expect-ct
max-age=0
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
77c2d60fa8e99a06-FRA
expires
Tue, 19 Dec 2023 20:19:58 GMT
visit-data
in.hotjar.com/api/v2/client/sites/577772/
148 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/577772/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.123.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-123-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Dec 2022 20:19:58 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontentvisibilityautostatechange
object| webpackJsonpclient
object| regeneratorRuntime
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| _
function| setImmediate
function| clearImmediate
object| __cfBeacon
object| dataLayer
function| Upscope
object| google_tag_manager
boolean| include
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| hj
object| _hjSettings
object| gaplugins
object| gaGlobal
object| gaData
string| scriptUrl
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
boolean| __upscopeIdleManagerActive

13 Cookies

Domain/Path Name / Value
.ffn.care/ Name: INGRESSCOOKIE
Value: 8e840d5621bdb50339b2e7378447eb49e6e4e376
.freedomdebtrelief.com/ Name: _ga
Value: GA1.2.1750153890.1671481196
.freedomdebtrelief.com/ Name: _gid
Value: GA1.2.1642598846.1671481196
.freedomdebtrelief.com/ Name: _dc_gtm_UA-131129682-3
Value: 1
.freedomdebtrelief.com/ Name: _upscope__region
Value: ImV1LWNlbnRyYWwi
.freedomdebtrelief.com/ Name: _hjSessionUser_577772
Value: eyJpZCI6IjFjZDYwOWFhLWM2NjMtNTg1MS1hNmNhLTcxNjRjNjI1NTY1NSIsImNyZWF0ZWQiOjE2NzE0ODExOTY4MjEsImV4aXN0aW5nIjpmYWxzZX0=
.freedomdebtrelief.com/ Name: _hjFirstSeen
Value: 1
achieve.freedomdebtrelief.com/ Name: _hjIncludedInSessionSample
Value: 1
.freedomdebtrelief.com/ Name: _hjSession_577772
Value: eyJpZCI6IjVmY2UxYzZlLTFkNzktNGRhOS1iYzBjLTU5ODU5Y2I0N2Q3YiIsImNyZWF0ZWQiOjE2NzE0ODExOTY4NTAsImluU2FtcGxlIjp0cnVlfQ==
achieve.freedomdebtrelief.com/ Name: _hjIncludedInPageviewSample
Value: 1
.freedomdebtrelief.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.freedomdebtrelief.com/ Name: _upscope__shortId
Value: IkJBSkJRU1RLRFI2MVFMQU5RIg==
achieve.freedomdebtrelief.com/ Name: ADRUM_BT
Value: R:0|g:44b92252-1965-420e-bd57-b0f39ad38677375531

Security Headers

This page lists any security headers set by the main page.

Header: Value
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
