urlscan.io logo urlscan.io
SecurityTrails logo

www.totalfreedomsupport.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.totalfreedomsupport.com/
Effective URL: https://www.totalfreedomsupport.com/login
Submission: On August 11 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.totalfreedomsupport.com.
TLS certificate: Issued by WE1 on August 6th 2024. Valid for: 3 months.
This is the only time www.totalfreedomsupport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.33.187.32 16509 (AMAZON-02)
2 151.101.65.21 54113 (FASTLY)
4 172.67.205.15 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.33.187.58 16509 (AMAZON-02)
1 151.101.131.1 54113 (FASTLY)
18 9
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.totalfreedomsupport.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6812:1a8e (United States)

ASN13335 (CLOUDFLARENET, US)
assets.heightsplatform.com
1    13.33.187.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-32.fra60.r.cloudfront.net
js.stripe.com
2    151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    172.67.205.15 (United States)

ASN13335 (CLOUDFLARENET, US)
myagencycoach.agency
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.33.187.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-58.fra60.r.cloudfront.net
js.stripe.com
1    151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
4 myagencycoach.agency
myagencycoach.agency
246 KB
3 gstatic.com
fonts.gstatic.com
44 KB
3 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3677
t.paypal.com — Cisco Umbrella Rank: 4582
90 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
156 KB
3 heightsplatform.com
assets.heightsplatform.com
399 KB
2 totalfreedomsupport.com
www.totalfreedomsupport.com
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
18 7
Domain Requested by
4 myagencycoach.agency www.totalfreedomsupport.com
myagencycoach.agency
3 fonts.gstatic.com fonts.googleapis.com
3 js.stripe.com www.totalfreedomsupport.com
js.stripe.com
3 assets.heightsplatform.com www.totalfreedomsupport.com
2 www.paypal.com www.totalfreedomsupport.com
www.paypal.com
2 www.totalfreedomsupport.com 1 redirects
1 t.paypal.com www.totalfreedomsupport.com
1 fonts.googleapis.com www.totalfreedomsupport.com
18 8

This site contains no links.

Subject Issuer Validity Valid
totalfreedomsupport.com
WE1		 2024-08-06 -
2024-11-04		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
heightsplatform.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
myagencycoach.agency
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.totalfreedomsupport.com/login
Frame ID: AFB084B9668E9315F0DE9D93ABA81406
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-6b89a38d4a34ff9a097b22ae6e040170.html
Frame ID: 669F8EE61ABA9C7D1B6BB588759BA899
Requests: 1 HTTP requests in this frame

Frame: https://myagencycoach.agency/fe/EwkbKrjZ?domain-url=www.totalfreedomsupport.com&fpath=https://www.totalfreedomsupport.com/login
Frame ID: 27B91B49CE202C3E24B8C7CE214EEE87
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 1AA275947B979B5034A1AB14054BCB35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Total Freedom | Login

Page URL History Show full URLs

  1. https://www.totalfreedomsupport.com/ HTTP 302
    https://www.totalfreedomsupport.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

939 kB
Transfer

2834 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.totalfreedomsupport.com/ HTTP 302
    https://www.totalfreedomsupport.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.totalfreedomsupport.com/
Redirect Chain
  • https://www.totalfreedomsupport.com/
  • https://www.totalfreedomsupport.com/login
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.totalfreedomsupport.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc6a4b5da65872bc8a5d06df4a59dce8fd44083cef290f1fb70f1df0062a925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b181ef0d8d1382e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Aug 2024 12:10:09 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723378209&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=MNoHgREoPu225jLD1cxZ6bGCzfbJDcDDJ04SMggC%2B9s%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723378209&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=MNoHgREoPu225jLD1cxZ6bGCzfbJDcDDJ04SMggC%2B9s%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c615902a-9bdc-4d92-92e1-f6836fe143d0
x-runtime
0.028210
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b181ee92bcb382e-FRA
content-type
text/html; charset=utf-8
date
Sun, 11 Aug 2024 12:10:08 GMT
location
https://www.totalfreedomsupport.com/login
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723378208&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Rk5VPXyQJkhiyG5%2Fwt%2BiVnOeaExaBA%2B%2FzbJ24kZtwLA%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723378208&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Rk5VPXyQJkhiyG5%2Fwt%2BiVnOeaExaBA%2B%2FzbJ24kZtwLA%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
79111c96-734d-46e3-afaf-2fdd91b358fe
x-runtime
0.021582
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 12:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 12:10:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 12:10:09 GMT
application-a3ac18c3e71ee13d81b128990b5fb630cf0eb8f020dea20d812674ba88837ae9.css
assets.heightsplatform.com/assets/ 		242 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.heightsplatform.com/assets/application-a3ac18c3e71ee13d81b128990b5fb630cf0eb8f020dea20d812674ba88837ae9.css
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ac18c3e71ee13d81b128990b5fb630cf0eb8f020dea20d812674ba88837ae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:10:09 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
VIE50-P1
age
5695721
x-cache
Miss from cloudfront
content-length
42334
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1717682288&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=I%2FKN05Jw9FvG2T4IE1%2FQSu6Py3tOo8jMiUMTtRi%2ByRw%3D
last-modified
Thu, 06 Jun 2024 13:49:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717682288&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=I%2FKN05Jw9FvG2T4IE1%2FQSu6Py3tOo8jMiUMTtRi%2ByRw%3D"}]}
content-type
text/css
access-control-allow-origin
https://uploads.heightsplatform.com
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
8b181ef3ba943a54-FRA
x-amz-cf-id
CrXyBgLLPuIjH5JWuLdXD8N6rWYejohnd4K7OqcfS3g-EPownZ-1sw==
expires
Fri, 07 Feb 2025 12:10:09 GMT
core-d5085c7bbbd28fcb4270928c13db1327ed015a193aa1866de61c1d5281df473b.css
assets.heightsplatform.com/assets/ 		240 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.heightsplatform.com/assets/core-d5085c7bbbd28fcb4270928c13db1327ed015a193aa1866de61c1d5281df473b.css
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5085c7bbbd28fcb4270928c13db1327ed015a193aa1866de61c1d5281df473b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:10:09 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P4
age
2724106
x-cache
Hit from cloudfront
content-length
46141
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720650463&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=J8D1lBgYtwflWQi321fBQsFiBcpPmA5BoZcybwpYkNQ%3D
last-modified
Wed, 10 Jul 2024 21:50:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720650463&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=J8D1lBgYtwflWQi321fBQsFiBcpPmA5BoZcybwpYkNQ%3D"}]}
content-type
text/css
access-control-allow-origin
https://uploads.heightsplatform.com
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
8b181ef3ba983a54-FRA
x-amz-cf-id
XBt_OYtNcxG9hYOrwJjKuVUe6cmvE62rknwaDki7AfzGDiKGR5xdUg==
expires
Fri, 07 Feb 2025 12:10:09 GMT
/
js.stripe.com/v3/ 		637 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-32.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7cd344c87b1ee30e4365d72d7c1cfd364771d612c14d2741840292cfc126ac88
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:09:41 GMT
content-encoding
br
via
1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
29
x-amz-cf-pop
FRA60-P9
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 10 Aug 2024 19:43:51 GMT
server
Cloudfront
etag
W/"ac763ef25f397140f139e3eb6124100c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
fBnerGPzD-xWBVSf7lVLVfWe99nsWF5jSmbq4qNLhPL8Huo29hN5lQ==
js
www.paypal.com/sdk/ 		304 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disable-funding=card
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2192a0630ccfeff28c2c34915086e4adfd5d2f571ffadadbf65529df30e1eb93
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-77BCmeg3tDZLULcmDi3/MN0MbcGoYmSIcCdL41RAvSXIn97T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-77BCmeg3tDZLULcmDi3/MN0MbcGoYmSIcCdL41RAvSXIn97T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-77BCmeg3tDZLULcmDi3/MN0MbcGoYmSIcCdL41RAvSXIn97T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-77BCmeg3tDZLULcmDi3/MN0MbcGoYmSIcCdL41RAvSXIn97T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sun, 11 Aug 2024 12:10:10 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
p3p
true
paypal-debug-id
f542693c8365a
server-timing
"traceparent;desc="00-0000000000000000000f542693c8365a-c32f3dbdec431f4d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
84098
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980044-LHR, cache-mad22054-MAD, cache-mad22054-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f542693c8365a-104f63e76067a7a0-01
x-timer
S1723378210.922978,VS0,VE599
etag
W/"14882-m+EaobPwNJrCF6/8TPV/1Dewv3k"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
application-d2462048f2535224a0b1b472b3629ebf9cd83b16330844c5e46125c3604a7e05.js
assets.heightsplatform.com/assets/ 		1 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.heightsplatform.com/assets/application-d2462048f2535224a0b1b472b3629ebf9cd83b16330844c5e46125c3604a7e05.js
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2462048f2535224a0b1b472b3629ebf9cd83b16330844c5e46125c3604a7e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:10:09 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P4
age
2375035
x-cache
Hit from cloudfront
content-length
317247
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720998090&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uKCic4bm2u%2BxDG9uUmbs%2F9J6YFD6u2Dwl2Ar6FhLVf0%3D
last-modified
Sun, 14 Jul 2024 22:02:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720998090&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uKCic4bm2u%2BxDG9uUmbs%2F9J6YFD6u2Dwl2Ar6FhLVf0%3D"}]}
content-type
application/javascript
access-control-allow-origin
https://uploads.heightsplatform.com
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
8b181ef3ba9a3a54-FRA
x-amz-cf-id
aJh3Jl8BdCPJQ5G0ZjqkGoiQbBzTr_27zeKPYMoqMOYWakPNl2f_1A==
expires
Fri, 07 Feb 2025 12:10:09 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.totalfreedomsupport.com&t=xo&v=5.0.455&source=payments_sdk&client_id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3I2yB7rjV4/tSKRDd8IBal9j/wVyGMa8rlZ3Qn3JX6R1ulJM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3I2yB7rjV4/tSKRDd8IBal9j/wVyGMa8rlZ3Qn3JX6R1ulJM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Aug 2024 12:10:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f77905521af53
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4336
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980033-LHR, cache-mad22054-MAD, cache-mad22054-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f77905521af53-3cd5053f04093ea6-01
x-timer
S1723378211.671293,VS0,VE265
etag
W/"2fa1-jxsR74+mGy9/tfIPXuzhzw2WmKM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
embed.js
myagencycoach.agency/assets/chat/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myagencycoach.agency/assets/chat/embed.js
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc71d30038f7d987a26d50bed2de2b95d7845a5d52f32d1cd9031b907a2645b8

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:10:11 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 02 May 2024 05:51:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZhPEvXyRABP895Lne4rPXc5k3wloM0YsdW%2FMsirkNTIoFCbnxsI0QJhTLOMzxLOvsQIaRJzIumgcyLtByGETkSIN64uV6VewZr4IeYVMHYX9gtdSHMkm1gtuZtCdwrGWzQTntW7FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b181ef9bdf29754-FRA
alt-svc
h3=":443"; ma=86400
content-length
2856
expires
Sun, 11 Aug 2024 12:10:12 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalfreedomsupport.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:43:04 GMT
x-content-type-options
nosniff
age
422826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 14:43:04 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalfreedomsupport.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 22:32:53 GMT
x-content-type-options
nosniff
age
394637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 22:32:53 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalfreedomsupport.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:10:53 GMT
x-content-type-options
nosniff
age
370757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 05:10:53 GMT
controller-with-preconnect-6b89a38d4a34ff9a097b22ae6e040170.html
js.stripe.com/v3/ Frame 669F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-6b89a38d4a34ff9a097b22ae6e040170.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-58.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalfreedomsupport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 11 Aug 2024 12:09:42 GMT
etag
"6b89a38d4a34ff9a097b22ae6e040170"
last-modified
Sat, 10 Aug 2024 19:01:33 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
x-amz-cf-id
j9NltN09w6pGGHrz_UsIVRmvmpnoo3GjNmVhW-hrANgwB8x86myuuQ==
x-amz-cf-pop
FRA60-P9
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Total%20Freedom%20%7C%20Login&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1723378210989&g=-120&completeurl=https%3A%2F%2Fwww.totalfreedomsupport.com%2Flogin&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sun, 11 Aug 2024 12:10:11 GMT
date
Sun, 11 Aug 2024 12:10:11 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5b652bc4635f1
server-timing
"traceparent;desc="00-00000000000000000005b652bc4635f1-9d6f5feda68481e1-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-lhr-egll1980043-LHR, cache-mad2200106-MAD
pragma
no-cache
correlation-id
5b652bc4635f1
traceparent
00-00000000000000000005b652bc4635f1-499905256b924ab7-01
x-timer
S1723378211.195503,VS0,VE160
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
EwkbKrjZ
myagencycoach.agency/fe/ Frame 27B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://myagencycoach.agency/fe/EwkbKrjZ?domain-url=www.totalfreedomsupport.com&fpath=https://www.totalfreedomsupport.com/login
Requested by
Host: myagencycoach.agency
URL: https://myagencycoach.agency/assets/chat/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.totalfreedomsupport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private max-age=600
cf-cache-status
DYNAMIC
cf-ray
8b181efc79ec9a23-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Aug 2024 12:10:11 GMT
expires
Sun, 11 Aug 2024 12:20:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVDIvVLxR4AUtqzqaEiJdIPzJ6XVWTq17BtKsMA3M7DvXfDKiZJRZwrKtpgiaUNgyxAi8CWl%2BDbsUApMV%2F%2F5HLhvDQ9Lr9HfRna3J60wwFNGe6ZKVAxu%2BYHLG2ASuWR2rEPXQMoM1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
img_1713242016_rw3.png
myagencycoach.agency/storage/uploads/3221/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myagencycoach.agency/storage/uploads/3221/img_1713242016_rw3.png
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13ff2c5bdfeccad01de8b0b845b0f4ac6fc0bd6b9de7d813a615fe8530d875c

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:10:11 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2024 04:33:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
190958
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2B9w8IMNF%2Fr9y0ij9m2LIshE5O1A6Zs6kjnsqqjjnLpV342UuOpDRacMSNpZp5C9z5vqKx7bS2GjJouxM3RgMKNS8DloCloe4d2mAH3wkyaxFPVvBM9Jk4wZ2SjRzSxnrwhRRQCYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b181efc79c49754-FRA
alt-svc
h3=":443"; ma=86400
content-length
55397
expires
Sat, 09 Aug 2025 07:07:33 GMT
img_1713240650_yRQ.png
myagencycoach.agency/storage/uploads/3221/ 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myagencycoach.agency/storage/uploads/3221/img_1713240650_yRQ.png
Requested by
Host: www.totalfreedomsupport.com
URL: https://www.totalfreedomsupport.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb307380b8de8579972ff028a9dfe31e7275283269757fb9240e64f09b5c0ed4

Request headers

Referer
https://www.totalfreedomsupport.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 12:10:11 GMT
cf-cache-status
MISS
last-modified
Tue, 16 Apr 2024 04:10:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOGLrAfPQLPJPP6ux7NxExDEjqKwwHHXKDdELoP2Hqh6%2FTbM2M%2FKr8HqZkZ7l4hqcBkdlFQGqkMz0fOZ91E36nhLT5OQU4yPtTnusriRCeWS6fLuTIwgmdA7mmInU1S%2B8KzDcr1m%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b181efc79c79754-FRA
alt-svc
h3=":443"; ma=86400
content-length
192372
expires
Mon, 11 Aug 2025 12:10:11 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 1AA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-58.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalfreedomsupport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2371
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 11 Aug 2024 11:30:45 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Sat, 10 Aug 2024 19:01:47 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
x-amz-cf-id
B-K8Us49ZYAStWdzEIOuM6R0xnpXMSMsraRfdrY8WIkrvkiKNt2oqQ==
x-amz-cf-pop
FRA60-P9
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkStripeJSouter function| noop function| Stripe object| __post_robot_11_0_0___uid_hjamqwvtjrjjmcmiskzzxldxgkdxxr object| paypal object| __zoid_10_3_3___uid_hjamqwvtjrjjmcmiskzzxldxgkdxxr function| _instanceof function| _typeof function| _classCallCheck function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| setScrollableSectionsHeight function| toggleFadeOut function| handlePageLoad function| validateForm function| validateField function| validateOptionalIntegerField function| displayErrors function| submitProductCreateForm function| checkPGEnrollPlan function| checkPGPaymentOption function| submitFormCourseResult function| switchLessonType function| switchProductType function| validateQuiz function| storeSidebarState function| applyStoredSidebarState function| aiProductNav function| resetFlags function| checkAndRenderMetadata function| continueScroll function| renderMetadata function| appendButtonToMetadata function| renderMetadataExpand function| addChatEventListeners function| checkEnrollPlan function| checkPaymentOption function| checkUpsellOption function| checkOrderBumpOption function| checkAuthorOption function| addVideoEmbed function| makeModule function| makeChallengeModule function| composeMessage function| togglePopoutAIChat function| updateAndHighlightChatInput object| queries object| Abraham object| wysihtml5 function| Base object| wysihtml5ParserRulesDefaults object| wysihtml5ParserRules object| wysihtml5PasteRules function| sortable function| __slice function| __indexOf object| elementsWithPersistentScrolls object| persistentScrollsPositions function| change function| ready object| ThreddedMentionAutocompletion function| readyUp boolean| eventsAttached function| quizReady boolean| formCloseWarning function| $ function| jQuery object| jQuery112404470599776255928 object| Turbolinks object| NProgress function| init function| listenForChange function| addQuery function| removeQuery function| triggerCallbacks function| addEvent function| getPreviousContext function| getContext function| _inArray function| _indexOf object| MQ object| callbacks string| context string| new_context function| Cookies object| Shepherd object| rangy object| wysihtml5ParserPasteRulesets function| moment function| tinysort function| jPlayerPlaylist function| List function| ListFuzzySearch function| Color function| Chart object| ifvisible function| timeago function| autosize function| Textcomplete object| Thredded function| ThreddedPreviewArea function| Slideout object| LocalTime object| iro function| SimpleBar function| ClipboardJS function| VanillaCalendar function| loadAcDiv function| initialize object| paypalDDL function| loadHTML function| getPath function| getFPath function| removeIframe function| replaceHtmlDynamicProps function| replaceAll function| setInitPopupStatus function| closePopup function| openPopup function| alterPopupStatus function| hasClass function| addClass function| removeClass number| width string| hostName string| injectDiv string| htmlDiv1 string| conversationDiv object| injectDivElement string| abId string| buttonImg string| buttonBg string| avtrImg string| bubbleAni string| widPosi string| htmlText string| d_buttonImg string| d_buttonBg string| d_bubbleAni string| d_widPosi string| abUrl

2 Cookies

Domain/Path Name / Value
.www.totalfreedomsupport.com/ Name: _Heights_session
Value: Nm5FdHZ0Q2JTeWlKWC9ITU5PdldsMUlxVDNHRUZJQWRIeVVQaXRpMG5wR0ZNNEpZb2pyVVFBWEsrWm5zN1FVWEpXbm8xM0VkSmxObllrWEJkdklXN1RBYWpLRm9adUU0RmM1UVJtN0MrOTl6cnFUVWFsa1RydXFSWHFxYXQ4T3NRUksydnRqN1VzczB6YTQ2bFAySENRPT0tLXR6S1ZIMHpVUzMrbzRrOG9qQjNWRlE9PQ%3D%3D--44a3458304b7c81467314d318686b59d8536a043
.heightsplatform.com/ Name: __cf_bm
Value: zsC1Fg1Nt1oTrv0wa5KZYKXYns0piGkxaqrqw9a5TZ8-1723378209-1.0.1.1-GyFewaO_8lApxSBXnh1i3MuhtIxmBHc1skIUj1IWwFMvixnu5NMXRsGl0AwUogoxFRiJWLqQCuRzWb3mXeoG3Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block