www.achievacu.com Open in urlscan Pro
172.66.40.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qr-codes.io/PHX6LY
Effective URL:
https://www.achievacu.com/Promo/CheckingOffer
Submission: On October 23 via manual (October 23rd 2024, 6:58:41 am UTC) from SG — Scanned from SG

Summary HTTP 101 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 26 domains to perform 101 HTTP transactions. The main IP is 172.66.40.139, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.achievacu.com. The Cisco Umbrella rank of the primary domain is 985063.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.

This is the only time www.achievacu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.225.4.77 13.225.4.77	16509 (AMAZON-02) (AMAZON-02)
8	142.251.175.97 142.251.175.97	15169 (GOOGLE) (GOOGLE)
3	157.240.217.15 157.240.217.15	32934 (FACEBOOK) (FACEBOOK)
33	172.66.40.139 172.66.40.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.130.156 74.125.130.156	15169 (GOOGLE) (GOOGLE)
1	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
1	172.253.118.106 172.253.118.106	15169 (GOOGLE) (GOOGLE)
3	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	74.125.200.95 74.125.200.95	15169 (GOOGLE) (GOOGLE)
2	80.208.252.166 80.208.252.166	397964 (HYVE-MANA...) (HYVE-MANAGED-HOSTING)
1	34.29.7.32 34.29.7.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.253.118.104 172.253.118.104	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
4	18.217.112.178 18.217.112.178	16509 (AMAZON-02) (AMAZON-02)
1	108.156.133.37 108.156.133.37	16509 (AMAZON-02) (AMAZON-02)
1	13.33.88.19 13.33.88.19	16509 (AMAZON-02) (AMAZON-02)
2	34.209.39.56 34.209.39.56	16509 (AMAZON-02) (AMAZON-02)
6 16	13.112.128.24 13.112.128.24	16509 (AMAZON-02) (AMAZON-02)
1	54.183.204.79 54.183.204.79	16509 (AMAZON-02) (AMAZON-02)
1 1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	108.156.142.128 108.156.142.128	16509 (AMAZON-02) (AMAZON-02)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	74.125.130.154 74.125.130.154	15169 (GOOGLE) (GOOGLE)
1	13.35.210.111 13.35.210.111	16509 (AMAZON-02) (AMAZON-02)
1	142.251.175.100 142.251.175.100	15169 (GOOGLE) (GOOGLE)
1	142.251.175.154 142.251.175.154	15169 (GOOGLE) (GOOGLE)
2	74.125.200.154 74.125.200.154	15169 (GOOGLE) (GOOGLE)
2	157.240.217.35 157.240.217.35	32934 (FACEBOOK) (FACEBOOK)
1	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
1	130.211.141.45 130.211.141.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.157.254.31 108.157.254.31	16509 (AMAZON-02) (AMAZON-02)
1	172.253.118.99 172.253.118.99	15169 (GOOGLE) (GOOGLE)
2	54.211.52.65 54.211.52.65	14618 (AMAZON-AES) (AMAZON-AES)
1	54.219.160.88 54.219.160.88	16509 (AMAZON-02) (AMAZON-02)
101	35

1 13.225.4.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-4-77.sin52.r.cloudfront.net

qr-codes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.175.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.217.15 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-xsp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 172.66.40.139 (United States)

ASN13335 (CLOUDFLARENET, US)

www.achievacu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.208.252.166 (United Kingdom)

ASN397964 (HYVE-MANAGED-HOSTING, US)

www.surveycarrot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.29.7.32 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.7.29.34.bc.googleusercontent.com

js.alpixtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.217.112.178 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-112-178.us-east-2.compute.amazonaws.com

collector-9636.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collector-34522.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.133.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-37.sin2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-19.sin2.r.cloudfront.net

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.39.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-39-56.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.112.128.24 (Tokyo, Japan) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.183.204.79 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-204-79.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.142.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-142-128.sin2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.210.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-210-111.sin2.r.cloudfront.net

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.100 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f100.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.217.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-xsp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.141.45 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.141.211.130.bc.googleusercontent.com

alpixtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.254.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-254-31.sin2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.211.52.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-52-65.compute-1.amazonaws.com

emails.achievacu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.219.160.88 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-160-88.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	achievacu.com www.achievacu.com — Cisco Umbrella Rank: 985063 emails.achievacu.com	1 MB
16	bidr.io 6 redirects cnv.event.prod.bidr.io — Cisco Umbrella Rank: 18207	9 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	477 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 cm.g.doubleclick.net — Cisco Umbrella Rank: 283 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	6 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	1 KB
4	adsrvr.org 4 redirects insight.adsrvr.org — Cisco Umbrella Rank: 945 match.adsrvr.org — Cisco Umbrella Rank: 373	2 KB
4	tvsquared.com collector-9636.us.tvsquared.com collector-34522.us.tvsquared.com	18 KB
3	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 17857 adservices.brandcdn.com — Cisco Umbrella Rank: 12293	3 KB
3	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 13716	1017 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	133 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 11031	17 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	248 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113	72 KB
2	alpixtrack.com js.alpixtrack.com — Cisco Umbrella Rank: 39575 alpixtrack.com — Cisco Umbrella Rank: 29680	5 KB
2	surveycarrot.com www.surveycarrot.com — Cisco Umbrella Rank: 161601	1 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2279	706 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 413	2 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	30 KB
1	qr-codes.io qr-codes.io — Cisco Umbrella Rank: 513133	2 KB
0	truoptik.com Failed dmp.truoptik.com Failed
0	mdhv.io Failed jelly-v6.mdhv.io Failed
101	26

	Domain	Requested by
33	www.achievacu.com	qr-codes.io www.achievacu.com code.jquery.com
16	cnv.event.prod.bidr.io	6 redirects www.achievacu.com
8	www.googletagmanager.com	qr-codes.io www.googletagmanager.com www.achievacu.com
4	www.google.com	www.achievacu.com www.gstatic.com
3	collector-34522.us.tvsquared.com	qr-codes.io www.achievacu.com
3	www.google.com.sg	www.achievacu.com
3	td.doubleclick.net	www.googletagmanager.com
3	connect.facebook.net	qr-codes.io www.achievacu.com connect.facebook.net
2	emails.achievacu.com	www.achievacu.com
2	www.facebook.com	www.achievacu.com
2	match.adsrvr.org	2 redirects
2	insight.adsrvr.org	2 redirects
2	adservices.brandcdn.com	tag.brandcdn.com adservices.brandcdn.com
2	app.leadsrx.com	qr-codes.io app.leadsrx.com
2	maxcdn.bootstrapcdn.com	www.achievacu.com maxcdn.bootstrapcdn.com
2	www.surveycarrot.com	www.achievacu.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	alpixtrack.com	www.achievacu.com
1	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	secure-gl.imrworldwide.com	www.achievacu.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
1	tag.brandcdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	collector-9636.us.tvsquared.com	www.achievacu.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js.alpixtrack.com	www.achievacu.com
1	fonts.googleapis.com	www.achievacu.com
1	cdn.jsdelivr.net	www.achievacu.com
1	code.jquery.com	www.achievacu.com
1	qr-codes.io
0	dmp.truoptik.com Failed	www.achievacu.com
0	jelly-v6.mdhv.io Failed	www.achievacu.com
101	37

This site contains links to these domains. Also see Links.

Domain
join.achievacu.com
www.referlive.com
www.youtube.com
www.instagram.com
www.facebook.com
twitter.com
www.linkedin.com
achievalife.com
itunes.apple.com
play.google.com
banking.achievacu.com

Subject Issuer	Validity	Valid
qr-codes.io Amazon RSA 2048 M02	`2023-12-18` - `2025-01-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-01` - `2024-10-30`	3 months	crt.sh
achievacu.com WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com.sg WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
surveycarrot.com Thawte TLS RSA CA G1	`2024-02-04` - `2025-02-10`	a year	crt.sh
alpixtrack.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-15` - `2025-03-17`	a year	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M03	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-30`	a year	crt.sh
*.leadsrx.com GeoTrust TLS ECC CA G1	`2024-05-02` - `2025-04-11`	a year	crt.sh
*.event.prod.bidr.io Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
forms.achievacu.com COMODO RSA Organization Validation Secure Server CA	`2024-07-30` - `2025-07-30`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.achievacu.com/Promo/CheckingOffer
Frame ID: C079CED533D3F0FC2660470CAD3FE930
Requests: 93 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/None?random=1729666713200&cv=11&fst=1729666713200&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fqr-codes.io%2FPHX6LY&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1620319258.1729666713&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: C458D487105F64BB55B45758714BA0CA
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fqr-codes.io
Frame ID: 4A14FDE82C37E62FB6CAF9E2266D65B4
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.achievacu.com
Frame ID: 0709C5147DB01E5AC7C2676FAAF7EE8B
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/35a0bfj/qrymo22/iframe
Frame ID: 5F49A754795F6671E2C617050B04A4F2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4P9BSHJZQE&gacid=1812984039.1729666715&gtm=45je4ah0h1v875945907z878935305za200zb78935305&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847&z=430193564
Frame ID: 8615D7DBB8F74EF74D3065E47AE83CAB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/952718764?random=1729666714831&cv=11&fst=1729666714831&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2v883174530z878935305za201zb78935305&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&ref=https%3A%2F%2Fqr-codes.io%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1623186383.1729666715&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: CDBFD15ED40F3B2617A39821FCC51BE7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcgj4YUAAAAAHXx2pOCsryU_C7QrGaeaYdQnALM&co=aHR0cHM6Ly93d3cuYWNoaWV2YWN1LmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=no8ui9nmp04m
Frame ID: AE375817F3ACC2EB11E25F96E379B37C
Requests: 1 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=435208&cv_ck=9238f175-bbad-4bd5-86f6-e5a8aba524b3&m=www.achievacu.com&r=qr-codes.io
Frame ID: 9F8543848B5150234C2B2226F309003B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://qr-codes.io/PHX6LY Page URL
https://www.achievacu.com/Promo/CheckingOffer Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

101
Requests

89 %
HTTPS

0 %
IPv6

26
Domains

37
Subdomains

35
IPs

5
Countries

2223 kB
Transfer

5176 kB
Size

36
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://join.achievacu.com/store/ProductCategory?productCategoryId=AchievaCheckingAccountCategory
Title: Apply now!

Search URL Search Domain Scan URL

URL: https://www.referlive.com/achievacu/?CampaignID=33ddea8a-19ff-4bb4-8262-9b4d065f12bf
Title: $100 Refer-A-Friend

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AchievaCreditUnion

Search URL Search Domain Scan URL

URL: https://www.instagram.com/achievacreditunion

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AchievaCreditUnion

Search URL Search Domain Scan URL

URL: https://twitter.com/achievacu

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/achieva-credit-union

Search URL Search Domain Scan URL

URL: https://achievalife.com/
Title: Achieva Blog

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/achieva-credit-union/id520605410?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.achievacu.achievacu&hl=en

Search URL Search Domain Scan URL

URL: https://banking.achievacu.com/Registration
Title: CONTINUE TO REGISTRATION

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qr-codes.io/PHX6LY Page URL
https://www.achievacu.com/Promo/CheckingOffer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://jelly.mdhv.io/v1/star.gif?pid=SuWMBr5JlAdBuhEuL00D2CZtosXj&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=SuWMBr5JlAdBuhEuL00D2CZtosXj&src=mh&tx=5112b73a-4156-4312-a9a4-74cafba885bc

Request Chain 61

https://cnv.event.prod.bidr.io/log/cnv?tag_id=870&buzz_key=dsp&value=&segment_key=dsp-13939&account_id=71&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=870&buzz_key=dsp&value=&segment_key=dsp-13939&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 62

https://cnv.event.prod.bidr.io/log/cnv?tag_id=984&buzz_key=dsp&value=&segment_key=dsp-14105&account_id=71&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=984&buzz_key=dsp&value=&segment_key=dsp-14105&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 63

https://cnv.event.prod.bidr.io/log/cnv?tag_id=3147&buzz_key=dsp&value=&segment_key=dsp-18371&account_id=71&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=3147&buzz_key=dsp&value=&segment_key=dsp-18371&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 64

https://cnv.event.prod.bidr.io/log/cnv?tag_id=4379&buzz_key=dsp&value=&segment_key=dsp-21547&account_id=71&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=4379&buzz_key=dsp&value=&segment_key=dsp-21547&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 65

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1920&buzz_key=dsp&value=&segment_key=dsp-16059&account_id=71&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=1920&buzz_key=dsp&value=&segment_key=dsp-16059&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 66

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1922&buzz_key=dsp&value=&segment_key=dsp-16070&account_id=71&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=1922&buzz_key=dsp&value=&segment_key=dsp-16070&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 71

https://jelly.mdhv.io/v1/star.gif?pid=it831NmSeY1Zhp933ikxK6inTwRx&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=it831NmSeY1Zhp933ikxK6inTwRx&src=mh&tx=acb44b89-d972-43fe-8968-618891a16052

Request Chain 74

https://insight.adsrvr.org/tags/35a0bfj/qrymo22/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/35a0bfj/qrymo22/iframe

Request Chain 75

https://insight.adsrvr.org/track/conv/?adv=35a0bfj&ct=0:w2ju8t3&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b2bb93d-582d-4192-90de-39ce24931a70&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NmIyYmI5M2QtNTgyZC00MTkyLTkwZGUtMzljZTI0OTMxYTcw&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce24931a70 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce24931a70&google_gid=CAESEPgJW3cbca47A3k4ki-6Xmo&google_cver=1 HTTP 302
https://dmp.truoptik.com/6d78f32846d8648c/sync.gif?fck=6b2bb93d-582d-4192-90de-39ce24931a70

Request Chain 76

https://insight.adsrvr.org/track/evnt/?adv=35a0bfj&ct=0:qrymo22&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b2bb93d-582d-4192-90de-39ce24931a70&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NmIyYmI5M2QtNTgyZC00MTkyLTkwZGUtMzljZTI0OTMxYTcw&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce24931a70 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce24931a70&google_gid=CAESEPgJW3cbca47A3k4ki-6Xmo&google_cver=1 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=tradedesk&cg=6b2bb93d-582d-4192-90de-39ce24931a70

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 PHX6LY Show response
qr-codes.io/ 3 KB
2 KB 605ms
592ms Document
text/html 13.225.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-codes.io/PHX6LY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-4-77.sin52.r.cloudfront.net

Software

nginx /

Resource Hash

296bf85b2ce6face9f20d0b9e21d1bed70d95e418e772bc1ad9cd6a25193b519

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, x-csrftoken
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://qr-codes.io
cache-control: private, max-age=1
content-encoding: br
content-language: en
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 06:58:32 GMT
permissions-policy: geolocation=*, microphone=(), camera=()
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,Origin,Cookie,Accept-Language,Accept-Encoding
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
x-amz-cf-id: 0m7nRGLkLrUvkyhLYfp-b9Q6r2OmMHc0XC5cPrWoykpQ_WWeGZQPzg==
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront

GET
H2 200 js
www.googletagmanager.com/gtag/ 244 KB
89 KB 35ms
17ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-None

Requested by

Host: qr-codes.io
URL: https://qr-codes.io/PHX6LY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://qr-codes.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 06:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89984
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js
connect.facebook.net/en_US/ 228 KB
58 KB 23ms
6ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qr-codes.io
URL: https://qr-codes.io/PHX6LY

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://qr-codes.io/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: PWeYjCR1uubTYs7Ff79WRcMuXwiyvBRcUjiVSuYPKjU1hcP0/LQKharEGwuDN47g2NJqhnyB5+LVVt8GX9rfcw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 Primary Request CheckingOffer Show response
www.achievacu.com/Promo/ 62 KB
15 KB 277ms
255ms Document
text/html 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Promo/CheckingOffer

Requested by

Host: qr-codes.io
URL: https://qr-codes.io/PHX6LY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b7bcca201861ded324d169d7b9ffeb830bce5ce603170bf44d67a8aa59166f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qr-codes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8d6fd6dd7d25a8e5-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 06:58:33 GMT
server: cloudflare
strict-transport-security: max-age=300; includeSubDomains
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM www.refiandride.com
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/None/ 5 KB
2 KB 23ms
12ms Script
text/javascript 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/None/?random=1729666713200&cv=11&fst=1729666713200&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fqr-codes.io%2FPHX6LY&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1620319258.1729666713&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-None

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://qr-codes.io/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2286
date: Wed, 23 Oct 2024 06:58:33 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 None
td.doubleclick.net/td/rul/ Frame C458 0
0 28ms
14ms Document
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/None?random=1729666713200&cv=11&fst=1729666713200&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fqr-codes.io%2FPHX6LY&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1620319258.1729666713&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-None

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr-codes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 06:58:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET error
connect.facebook.net//log/ 0
0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 4A14 0
0 17ms
4ms Document
text/html 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fqr-codes.io

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-None

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 116802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 22:31:51 GMT
expires: Tue, 21 Oct 2025 22:31:51 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 10ms
9ms Image
text/html 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=633366168&rv=4ah0&tag_exp=101533422~101686685~101823848&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&gtm=45be4ah0za200&ccid=_AW-None&cid=AW-None&l=L642.S4.Y2.B21.E56.I643.EC6.TC1.HTC0~gtm.init.S0.V0.E37~gtm.js.S0.V0.TS5rep.TI1.TE0~*~gtm.dom.S0.V0.E33~gtm.load.S0.V0.E33~gtm.init_consent.S2.V2.E39~AWCT55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://qr-codes.io/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 23 Oct 2024 06:58:33 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/None/ 42 B
64 B 42ms
10ms Image
image/gif 172.253.118.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/None/?random=1729666713200&cv=11&fst=1729663200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fqr-codes.io%2FPHX6LY&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1620319258.1729666713&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfPFHl4xBWXxA178M9WUjopFDSKrKmdA&random=1971338203&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f106.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://qr-codes.io/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 06:58:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/None/ 42 B
455 B 46ms
12ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/None/?random=1729666713200&cv=11&fst=1729663200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fqr-codes.io%2FPHX6LY&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1620319258.1729666713&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfPFHl4xBWXxA178M9WUjopFDSKrKmdA&random=1971338203&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://qr-codes.io/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 06:58:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 modernizr-2.8.3.js Show response
www.achievacu.com/Scripts/ 52 KB
16 KB 264ms
258ms Script
application/javascript 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Scripts/modernizr-2.8.3.js

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

012305fe18175b95942f96c5a5b89ef07e470b166679c6497712edb2dfb9e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0fc971524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 22:06:14 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df183ba8e5-SIN
accept-ranges: bytes
content-length: 15852
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 24ms
4ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.achievacu.com
Referer: https://www.achievacu.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 4320640
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 111080, 1273670
x-served-by: cache-lga21978-LGA, cache-qpg120085-QPG
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1729666713.475526,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/ 20 KB
7 KB 22ms
3ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.achievacu.com
Referer: https://www.achievacu.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
age: 3706709
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230047-FRA, cache-qpg120111-QPG
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7110
x-jsd-version: 2.11.8

GET
H2 200 LeavingAchieva.js Show response
www.achievacu.com/Scripts/ 3 KB
2 KB 276ms
270ms Script
application/javascript 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Scripts/LeavingAchieva.js?v=3

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

714a45b7865f01ddd197153bf1cc5b4e529c18e1290ae7e4294a0e43752abf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "0fc971524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 22:06:14 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e39880a8e5-SIN
accept-ranges: bytes
content-length: 1428
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 css
www.achievacu.com/Content/ 441 KB
66 KB 237ms
232ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/css?v=kIEDyjb6bfBFDjvtD1JXl2qkEtluQ0LNFjRyKcD8XwQ1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6855667f7a384bdf8b7ded98c23cdb7e84179d9dbaaba28b53b9b919a80b2c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 06:58:33 GMT
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 23 Oct 2024 06:58:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: public
x-aspnet-version: 4.0.30319
cf-ray: 8d6fd6df283fa8e5-SIN
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrap Show response
www.achievacu.com/bundles/ 59 KB
22 KB 234ms
229ms Script
text/javascript 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/bundles/bootstrap?v=XLgLmu_3NGrI3pwBjLrpPlwD8wPpuG_IFXpubHdiFVs1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8addabb1d595d4e8bd323d406da36de858941b9ea6e8009560c42d8d57936a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 06:58:33 GMT
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 06:58:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: public
x-aspnet-version: 4.0.30319
cf-ray: 8d6fd6df284da8e5-SIN
content-length: 22731
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 fontawesome.min.css
www.achievacu.com/Content/fontawesome/css/ 165 KB
37 KB 243ms
239ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/fontawesome/css/fontawesome.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd21f8ac9857604ec4a25f1367ea7994c81610bb0d6da856337746c3ad36b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df2843a8e5-SIN
accept-ranges: bytes
content-length: 37656
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 brands.min.css
www.achievacu.com/Content/fontawesome/css/ 19 KB
5 KB 278ms
274ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/fontawesome/css/brands.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23eebe55909f5e7b925a2dc5ae71327500d01ae042d9e1d972827b2d5eec7a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df2844a8e5-SIN
accept-ranges: bytes
content-length: 4862
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 solid.min.css
www.achievacu.com/Content/fontawesome/css/ 531 B
472 B 284ms
280ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/fontawesome/css/solid.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d170a885c9f8f88ca4c1ee6ef7034c580152fa047268f6773424c7f027725f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df2846a8e5-SIN
accept-ranges: bytes
content-length: 406
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 regular.min.css
www.achievacu.com/Content/fontawesome/css/ 539 B
474 B 710ms
706ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/fontawesome/css/regular.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

289375aa9b157529b2d66c28c26477fc220c9d56175991f32f740ef68c4cdc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df2847a8e5-SIN
accept-ranges: bytes
content-length: 408
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 light.min.css
www.achievacu.com/Content/fontawesome/css/ 531 B
469 B 278ms
274ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/fontawesome/css/light.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

772500eb614737ad61769c8ad09d8437d0433c0f46e9e55bcdc46b59d8120374

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df284aa8e5-SIN
accept-ranges: bytes
content-length: 403
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 21ms
6ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

5719eed5f00b60742446107a72a58d4cdb5cfe28323af213cd19050cff9aa57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 06:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 06:33:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK image_view.js Show response
www.surveycarrot.com/js/ 520 B
705 B 809ms
245ms Script
application/javascript 80.208.252.166
HYVE-MANAGED-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.surveycarrot.com/js/image_view.js
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 80.208.252.166 , United Kingdom, ASN397964 (HYVE-MANAGED-HOSTING, US),
Reverse DNS
Software: Apache/2.4.61 (Unix) OpenSSL/3.0.13 mod_jk/1.2.46 /
Resource Hash: 93efd56fed68070ec0b2c4264dc90f246a8ef54daf37a2898adcac70d1289bc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Content-Encoding: gzip
ETag: "208-61a01db6e6ac0-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 328
Keep-Alive: timeout=5, max=100
Date: Wed, 23 Oct 2024 06:58:34 GMT
Last-Modified: Mon, 03 Jun 2024 20:05:39 GMT
Vary: Accept-Encoding
Server: Apache/2.4.61 (Unix) OpenSSL/3.0.13 mod_jk/1.2.46
Content-Type: application/javascript

GET
H2 200 featureKeys.js Show response
www.achievacu.com/Scripts/ 875 B
531 B 287ms
284ms Script
application/javascript 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Scripts/featureKeys.js

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92629e604fff7d14600ef2eace72eec61e991b1408b3f2727fa75ac5dbdc5040

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "0fc971524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 22:06:14 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df284fa8e5-SIN
accept-ranges: bytes
content-length: 451
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 styles.min.css
www.achievacu.com/Content/ 176 KB
19 KB 284ms
281ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/styles.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc6bbe8cccc807a22432aaf5dfc1b16a89f5e23d55aca306fa8f91a217a5955

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df284ba8e5-SIN
accept-ranges: bytes
content-length: 19336
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Promo.min.css
www.achievacu.com/Content/ 225 KB
26 KB 294ms
291ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/Promo.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a067703325d2fcc8b524ea53cf25087e5c1a01babc336ff28590645275a23b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df284ca8e5-SIN
accept-ranges: bytes
content-length: 26644
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 AchievaLogo.png
www.achievacu.com/Images/ 5 KB
5 KB 278ms
276ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/AchievaLogo.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84d20ca952751fc0a62f5744a7bf4ef25fdc211bbe096217eaf97db2f8c5e92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: "0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df2853a8e5-SIN
accept-ranges: bytes
content-length: 5514
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Landingpage-header.jpg
www.achievacu.com/Images/Promo/ 279 KB
280 KB 488ms
486ms Image
image/jpeg 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/Landingpage-header.jpg

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4702525d1cc728c1d4908025c7e1cce6f1522d6e23dd0e68cd802c4b45bea10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:33 GMT
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6df2855a8e5-SIN
accept-ranges: bytes
content-length: 286062
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ACU-bplogo-w.png
www.achievacu.com/Images/ 2 KB
2 KB 268ms
267ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/ACU-bplogo-w.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7c45c715304fb26d8b1d7988ac6cc07eff26bf1b51ec4767cf8b9271d08033

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e0eba7a8e5-SIN
accept-ranges: bytes
content-length: 1998
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 CheckingPromo-landingpage-headerbanner-mobile.jpg
www.achievacu.com/Images/Promo/ 130 KB
130 KB 384ms
384ms Image
image/jpeg 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/CheckingPromo-landingpage-headerbanner-mobile.jpg

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18c70e07b254fd83b21dd193ed4d7f2329b8831c3e4dbfad5f0a9573e213a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e29eaca8e5-SIN
accept-ranges: bytes
content-length: 133388
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 openchecking.png
www.achievacu.com/Images/Promo/ 7 KB
7 KB 298ms
292ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/openchecking.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d4dfd4b9869b9ee04af2c73bc24a8695374cf5b46025606d4ffe473edb4d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e39874a8e5-SIN
accept-ranges: bytes
content-length: 7568
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 directdeposit.png
www.achievacu.com/Images/Promo/ 7 KB
7 KB 702ms
697ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/directdeposit.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd4a550d7f561e695f232cba024353b8e7039ca80e446a82e1781a0f24507fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e39882a8e5-SIN
accept-ranges: bytes
content-length: 7193
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bonus.png
www.achievacu.com/Images/Promo/ 8 KB
8 KB 290ms
285ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/bonus.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6712e02e6e4fa62359c0c21ac0ad11a9e2a6a091e2e84d42147a99aaf7640725

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e39885a8e5-SIN
accept-ranges: bytes
content-length: 7942
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Landinpage-cardbanner.jpg
www.achievacu.com/Images/Promo/ 270 KB
271 KB 274ms
269ms Image
image/jpeg 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/Landinpage-cardbanner.jpg

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e13388a59045a23b3e266b3e953bca97fbdffa6a2d54f4c25bf4224b9c56005

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e39887a8e5-SIN
accept-ranges: bytes
content-length: 276644
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 call.png
www.achievacu.com/Images/Promo/ 20 KB
20 KB 287ms
282ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/call.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47a7f2b19f54144329061efc3e56d532a89c2f17642f3d588c18c2d5f815ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3988aa8e5-SIN
accept-ranges: bytes
content-length: 20216
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 click.png
www.achievacu.com/Images/Promo/ 18 KB
19 KB 744ms
739ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/click.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b03bd06b87ec693825a0a28d88804f156fd061208ae06525e216b7618a082315

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3988ca8e5-SIN
accept-ranges: bytes
content-length: 18866
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 find.png
www.achievacu.com/Images/Promo/ 25 KB
25 KB 268ms
264ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/Promo/find.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b786672792a4abaf9e4d37719d33c1a0aca9bfe4a43c812271d4a8308ba877b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3988da8e5-SIN
accept-ranges: bytes
content-length: 25495
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Footer.min.css
www.achievacu.com/Content/ 5 KB
1 KB 278ms
272ms Stylesheet
text/css 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/Footer.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c4e710247fb90d64c58e9391b1a176ddb1535fa5cc6dbffeb5f9e3d46489fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3987aa8e5-SIN
accept-ranges: bytes
content-length: 1109
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 App_Store_Badge.png
www.achievacu.com/Images/MenuRefresh/ 8 KB
8 KB 260ms
256ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/MenuRefresh/App_Store_Badge.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6eb9bac75b365de366f425d5ad4f308ea1417302461402fde18bac8bacad58

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: HIT
etag: "0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3a88ea8e5-SIN
accept-ranges: bytes
content-length: 7894
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 google-play-badge.png
www.achievacu.com/Images/MenuRefresh/ 8 KB
8 KB 264ms
260ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/MenuRefresh/google-play-badge.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b410b2179771071be066aecc8e06534b8c0774bb8048de275d0fe415d521483

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: HIT
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3a891a8e5-SIN
accept-ranges: bytes
content-length: 8217
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ncua-icon.png
www.achievacu.com/Images/loans/ 1 KB
2 KB 293ms
289ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/loans/ncua-icon.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8cd1e033d1de420f926ce73872c8c44b8292a42367f2dc714ae904bb64054f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: REVALIDATED
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3a893a8e5-SIN
accept-ranges: bytes
content-length: 1483
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 EqualHousing-icon.png
www.achievacu.com/Images/loans/ 897 B
966 B 269ms
266ms Image
image/png 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.achievacu.com/Images/loans/EqualHousing-icon.png

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d0e1f6aa8fcf76c1eab59f8c32eece0a989bc22065d5df2c8c4edc2fa371fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

cf-cache-status: HIT
etag: "0e29770524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3a895a8e5-SIN
accept-ranges: bytes
content-length: 897
x-xss-protection: 1; mode=block
server: cloudflare

GET
H/1.1 200
OK alphpixel.js Show response
js.alpixtrack.com/ 5 KB
5 KB 669ms
221ms Script
application/javascript 34.29.7.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.alpixtrack.com/alphpixel.js
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.29.7.32 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.7.29.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: 26b1fa79351edf039f381c8d30f0d0861746042f076c8de57179d822b8d7eacd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Cache-Control: max-age=86400, public, no-transform
ETag: "66c84211-1331"
Connection: keep-alive
Expires: Thu, 24 Oct 2024 06:58:34 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 4913
Date: Wed, 23 Oct 2024 06:58:34 GMT
Content-Type: application/javascript
Last-Modified: Fri, 23 Aug 2024 08:02:25 GMT
Server: nginx/1.20.0

GET
H2 200 jquery.maskedinput.js Show response
www.achievacu.com/Scripts/ 10 KB
3 KB 290ms
284ms Script
application/javascript 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Scripts/jquery.maskedinput.js

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"0fc971524db1:0"
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 22:06:14 GMT
vary: Accept-Encoding
x-frame-options: ALLOW-FROM www.refiandride.com
strict-transport-security: max-age=300; includeSubDomains
cache-control: no-cache
cf-ray: 8d6fd6e3987ea8e5-SIN
accept-ranges: bytes
content-length: 2645
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
995 B 26ms
17ms Script
text/javascript 172.253.118.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcgj4YUAAAAAHXx2pOCsryU_C7QrGaeaYdQnALM

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f104.1e100.net

Software

ESF /

Resource Hash

82f4a62b3f5eef41b1aa14e29c9aa5c37dd0c1d73f056998e6bc9ebb7af49f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 06:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 23 Oct 2024 06:58:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 63ms
37ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Content/Promo.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "4fbd15cb6047af93373f4f895639c8bf"
age: 33252
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 06:58:34 GMT
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/26/2024 11:00:29
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 43294f738c1ec95d5e3c2324403760f9
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d6fd6e3ca906bd5-SIN
access-control-allow-origin: *
cdn-edgestorageid: 1108
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 33ms
4ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.achievacu.com
Referer: https://fonts.googleapis.com/

Response headers

age: 520761
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 06:19:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 06:19:13 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 229ms
214ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.achievacu.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Response headers

cdn-status: 200
cf-cache-status: HIT
etag: "db812d8a70a4e88e888744c1c9a27e89"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 09/26/2024 10:54:17
cdn-cache: HIT
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8db3688c7b2087b4f23caa6d84c75d47
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d6fd6e43ec0ce5a-SIN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 66624
cdn-edgestorageid: 987
server: cloudflare
cdn-requestcountrycode: US

GET
H/1.1 200
OK tv2track.js Show response
collector-9636.us.tvsquared.com/ 20 KB
9 KB 1019ms
252ms Script
application/javascript 18.217.112.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-9636.us.tvsquared.com/tv2track.js
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.112.178 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-112-178.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

X-Robots-Tag: noindex
Cache-Control: max-age=600
Content-Encoding: gzip
ETag: "65d377e7-2133"
Connection: keep-alive
Expires: Wed, 23 Oct 2024 07:08:35 GMT
Accept-Ranges: bytes
Content-Length: 8499
Date: Wed, 23 Oct 2024 06:58:35 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 17ms
8ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: QGdGbUtd6aPy6+8ZQ9l3HvMA9u7D7U0kdgMyfl+avIVpNa8ExP1NfFu9FmzxvPXGhQ4pVV7y6zxLT52OqjhXAw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
74 KB 27ms
12ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4FGW7C

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

23483d6e2e52eb63cc31fc97fb9bd6132ffe5e55ed9df034bda1664518037b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 06:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74986
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 343 KB
110 KB 38ms
25ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZG86C2

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ac022dba3bbe2b29b3c004c0fbda618bf5897956323ab0055e4e577ccff86999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 06:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112947
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 fa-brands-400.woff2
www.achievacu.com/Content/fontawesome/webfonts/ 116 KB
116 KB 263ms
260ms Font
application/font-woff2 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Content/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Content/fontawesome/css/brands.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90eaa0d242c61e582c7022455227b4bab76691a5ad2fa753624ca6198910b26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.achievacu.com
Referer: https://www.achievacu.com/Content/fontawesome/css/brands.min.css

Response headers

strict-transport-security: max-age=300; includeSubDomains
cf-cache-status: HIT
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
cf-ray: 8d6fd6e57be7a8e5-SIN
accept-ranges: bytes
content-length: 118872
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/font-woff2
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: ALLOW-FROM www.refiandride.com

GET
H3 200 906004136094512 Show response
connect.facebook.net/signals/config/ 82 KB
17 KB 359ms
359ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/906004136094512?v=2.9.173&r=stable&domain=www.achievacu.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

e49d6481cd6918cdecb2ebdfbbc1df38eb72a4c24dc19f2f6b56b191faef695f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=73, mss=1232, tbw=68069, tp=66, tpl=0, uplat=354, ullat=1
pragma: public
x-fb-debug: c+QDAZW5SNvHTQr5KBxFvcwFXDIwW91IGdDXJ+W1Nu2ki715v0qOF+32piKEebWgH10ESfw/YL5SsGr9qwkGEg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=SuWMBr5JlAdBuhEuL00D2CZtosXj&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=SuWMBr5JlAdBuhEuL00D2CZtosXj&src=mh&tx=5112b73a-4156-4312-a9a4-74cafba885bc

0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 366 KB
114 KB 32ms
31ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4P9BSHJZQE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZG86C2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2bc8e5fec91f88f07120aad256013d3e889ddbb73fc1e7f5879c889f32e9cb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 06:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 116398
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 15ms
15ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-952718764&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZG86C2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5de1058e5589456f7063c122f5a6bc92788d16fc3f766719bcd6d67a189adbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 23 Oct 2024 06:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92082
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-865343.js Show response
static.hotjar.com/c/ 13 KB
5 KB 579ms
552ms Script
application/javascript 108.156.133.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-865343.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZG86C2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-37.sin2.r.cloudfront.net

Software

Resource Hash

9d68d9838b61ca85c4b2c748b816b3250c8b98628b729e359b1a621f3d875a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/95cf5f100bb4d6f15f81db9eff2fce84
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 116da182b39d985666ed62f3630a9fe4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: Ax7zJLAl9KmCEB2h_ES5vW6562jjeyQxoB-NUBxeRUZ8NLdSOTBqcA==
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: SIN2-P4

GET
H/1.1 200
OK tv2track.js Show response
collector-34522.us.tvsquared.com/ 20 KB
9 KB 1065ms
263ms Script
application/javascript 18.217.112.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-34522.us.tvsquared.com/tv2track.js
Requested by: Host: qr-codes.io
URL: https://qr-codes.io/PHX6LY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.112.178 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-112-178.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

X-Robots-Tag: noindex
Cache-Control: max-age=600
Content-Encoding: gzip
ETag: "65d377e7-2133"
Connection: keep-alive
Expires: Wed, 23 Oct 2024 07:08:35 GMT
Accept-Ranges: bytes
Content-Length: 8499
Date: Wed, 23 Oct 2024 06:58:35 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx

GET
H2 200 Achieva_Credit_Union.js Show response
tag.brandcdn.com/autoscript/achievacreditunion_vgtstk1vmxfrvfe9/ 1 KB
1 KB 46ms
11ms Script
application/javascript 13.33.88.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/achievacreditunion_vgtstk1vmxfrvfe9/Achieva_Credit_Union.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4FGW7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-19.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 900fcc3a575d4f7ce06c6e7097a904ea8c57e52177db0172a4507fea489f2c12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

x-amz-replication-status: COMPLETED
x-amz-version-id: lXFBkNkIdmzo2TUsvhJa_nMZU9.qwRFo
etag: "dee99cace56cca3d4f5fa0d298a01de2"
age: 11832
via: 1.1 9f6f7c775068d68476f4af0ffa848d4a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1092
x-amz-cf-id: wDYdciMzS1DHo2Us7N0fiOkWOw3oSas9syLTbvN3FEsJifAMQBRcuw==
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: application/javascript
last-modified: Mon, 22 Jul 2024 18:21:21 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 16 KB
16 KB 642ms
210ms Script
application/javascript 34.209.39.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: qr-codes.io
URL: https://qr-codes.io/PHX6LY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.209.39.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-39-56.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

etag: "671800ce-40d1"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16593
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 19:45:18 GMT
server: nginx/1.20.1

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=870&buzz_key=dsp&value=&segment_key=dsp-13939&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=870&buzz_key=dsp&value=&segment_key=dsp-13939&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

114ms
73ms

Image
image/gif

13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=870&buzz_key=dsp&value=&segment_key=dsp-13939&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=870&buzz_key=dsp&value=&segment_key=dsp-13939&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Wed, 23 Oct 2024 06:58:34 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=984&buzz_key=dsp&value=&segment_key=dsp-14105&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=984&buzz_key=dsp&value=&segment_key=dsp-14105&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

82ms
72ms

Image
image/gif

13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=984&buzz_key=dsp&value=&segment_key=dsp-14105&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=984&buzz_key=dsp&value=&segment_key=dsp-14105&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Wed, 23 Oct 2024 06:58:34 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=3147&buzz_key=dsp&value=&segment_key=dsp-18371&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=3147&buzz_key=dsp&value=&segment_key=dsp-18371&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

106ms
70ms

Image
image/gif

13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=3147&buzz_key=dsp&value=&segment_key=dsp-18371&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=3147&buzz_key=dsp&value=&segment_key=dsp-18371&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Wed, 23 Oct 2024 06:58:34 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=4379&buzz_key=dsp&value=&segment_key=dsp-21547&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=4379&buzz_key=dsp&value=&segment_key=dsp-21547&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

109ms
71ms

Image
image/gif

13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=4379&buzz_key=dsp&value=&segment_key=dsp-21547&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=4379&buzz_key=dsp&value=&segment_key=dsp-21547&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Wed, 23 Oct 2024 06:58:34 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1920&buzz_key=dsp&value=&segment_key=dsp-16059&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=1920&buzz_key=dsp&value=&segment_key=dsp-16059&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
796 B

96ms
72ms

Image
image/gif

13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1920&buzz_key=dsp&value=&segment_key=dsp-16059&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=1920&buzz_key=dsp&value=&segment_key=dsp-16059&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Wed, 23 Oct 2024 06:58:34 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1922&buzz_key=dsp&value=&segment_key=dsp-16070&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]
https://cnv.event.prod.bidr.io/log/cnv?tag_id=1922&buzz_key=dsp&value=&segment_key=dsp-16070&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

43 B
560 B

81ms
73ms

Image
image/gif

13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1922&buzz_key=dsp&value=&segment_key=dsp-16070&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=1922&buzz_key=dsp&value=&segment_key=dsp-16070&account_id=71&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Content-Length: 0
Date: Wed, 23 Oct 2024 06:58:35 GMT
Server: gunicorn
Connection: keep-alive

GET
H/1.1 200
OK cnv
cnv.event.prod.bidr.io/log/ 43 B
560 B 105ms
71ms Image
image/gif 13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1921&buzz_key=dsp&value=&segment_key=dsp-16061&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

GET
H/1.1 200
OK cnv
cnv.event.prod.bidr.io/log/ 43 B
560 B 70ms
70ms Image
image/gif 13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=2405&buzz_key=dsp&value=&segment_key=dsp-16772&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

GET
H/1.1 200
OK cnv
cnv.event.prod.bidr.io/log/ 43 B
560 B 90ms
75ms Image
image/gif 13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1923&buzz_key=dsp&value=&segment_key=dsp-16069&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

GET
H/1.1 200
OK cnv
cnv.event.prod.bidr.io/log/ 43 B
560 B 72ms
72ms Image
image/gif 13.112.128.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=1924&buzz_key=dsp&value=&segment_key=dsp-16071&account_id=71&order=[ORDER]&ord=[CACHEBUSTER]

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.112.128.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-112-128-24.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
Server: gunicorn

GET

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=it831NmSeY1Zhp933ikxK6inTwRx&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=it831NmSeY1Zhp933ikxK6inTwRx&src=mh&tx=acb44b89-d972-43fe-8968-618891a16052

0
0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 0709 0
0 12ms
7ms Document
text/html 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.achievacu.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZG86C2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 06:58:34 GMT
expires: Thu, 23 Oct 2025 06:58:34 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 563ms
183ms Script
text/javascript 54.183.204.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/achievacreditunion_vgtstk1vmxfrvfe9/Achieva_Credit_Union.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.204.79 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-204-79.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: gzip
etag: "613-5f9d69bae4944-gzip"
accept-ranges: bytes
content-length: 745
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: text/javascript
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/35a0bfj/qrymo22/ Frame 5F49
Redirect Chain

https://insight.adsrvr.org/tags/35a0bfj/qrymo22/iframe
https://d1eoo1tco6rr5e.cloudfront.net/35a0bfj/qrymo22/iframe

0
0

23ms
7ms

Document
text/html

108.156.142.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/35a0bfj/qrymo22/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/achievacreditunion_vgtstk1vmxfrvfe9/Achieva_Credit_Union.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.142.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-142-128.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.achievacu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 11831
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 137
Content-Type: text/html
Date: Wed, 23 Oct 2024 06:58:34 GMT
ETag: "3dafe5564c630a63cbb061ad1fa4850f"
Last-Modified: Mon, 22 Jul 2024 18:21:06 GMT
Server: AmazonS3
Via: 1.1 894f321aaec7e16111835f5b53fa21a4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: iwltzMxKsSJeX27M3ZqfoC39YeLZagh3ZaHyV-0Bn2d7EDciC20_3g==
X-Amz-Cf-Pop: SIN2-P4
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Wed, 23 Oct 2024 06:58:34 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/35a0bfj/qrymo22/iframe

GET

sync.gif
dmp.truoptik.com/6d78f32846d8648c/
Redirect Chain

https://insight.adsrvr.org/track/conv/?adv=35a0bfj&ct=0:w2ju8t3&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b2bb93d-582d-4192-90de-39ce24931a70&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NmIyYmI5M2QtNTgyZC00MTkyLTkwZGUtMzljZTI0OTMxYTcw&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce2...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce24931a70&google_gid=CAESEPgJW3cbca47A3k4ki-6Xmo&google_cver=1
https://dmp.truoptik.com/6d78f32846d8648c/sync.gif?fck=6b2bb93d-582d-4192-90de-39ce24931a70

0
0

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://insight.adsrvr.org/track/evnt/?adv=35a0bfj&ct=0:qrymo22&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b2bb93d-582d-4192-90de-39ce24931a70&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NmIyYmI5M2QtNTgyZC00MTkyLTkwZGUtMzljZTI0OTMxYTcw&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce2...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=6b2bb93d-582d-4192-90de-39ce24931a70&google_gid=CAESEPgJW3cbca47A3k4ki-6Xmo&google_cver=1
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=tradedesk&cg=6b2bb93d-582d-4192-90de-39ce24931a70

44 B
706 B

31ms
7ms

Image
image/gif

13.35.210.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=tradedesk&cg=6b2bb93d-582d-4192-90de-39ce24931a70
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: H2
Server: 13.35.210.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-210-111.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

access-control-allow-methods: POST, OPTIONS
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
x-amz-cf-id: GDMIdCfBGhYqgVdUHXQUdrKn3hwnOJIU2jCBgKonraapQN4ITqlohA==
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/gif
cache-control: no-cache
pragma: no-cache
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy: cross-origin
via: 1.1 648bf8e8366397a98c91333f56939e5c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 44
x-amz-cf-pop: SIN2-P7
server: nginx

Redirect headers

location: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=tradedesk&cg=6b2bb93d-582d-4192-90de-39ce24931a70
content-length: 225
date: Wed, 23 Oct 2024 06:58:35 GMT
server: Kestrel

POST
H2 204 collect
analytics.google.com/g/ 0
0 21ms
5ms Fetch
text/plain 142.251.175.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4P9BSHJZQE&gtm=45je4ah0h1v875945907z878935305za200zb78935305&_p=1729666714450&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823847&cid=1812984039.1729666715&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729666714&sct=1&seg=0&dl=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&dr=https%3A%2F%2Fqr-codes.io%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1603
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P9BSHJZQE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.100 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.achievacu.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 19ms
5ms Ping
text/plain 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4P9BSHJZQE&cid=1812984039.1729666715&gtm=45je4ah0h1v875945907z878935305za200zb78935305&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823847
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P9BSHJZQE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.achievacu.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 8615 0
0 20ms
14ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-4P9BSHJZQE&gacid=1812984039.1729666715&gtm=45je4ah0h1v875945907z878935305za200zb78935305&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847&z=430193564

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P9BSHJZQE&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.achievacu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 06:58:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 19ms
8ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4P9BSHJZQE&cid=1812984039.1729666715&gtm=45je4ah0h1v875945907z878935305za200zb78935305&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823847&tag_exp=101686685~101823847&z=1001839354

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 06:58:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952718764/ 5 KB
2 KB 26ms
16ms Script
text/javascript 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952718764/?random=1729666714831&cv=11&fst=1729666714831&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2v883174530z878935305za201zb78935305&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&ref=https%3A%2F%2Fqr-codes.io%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1623186383.1729666715&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-952718764&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

14235c081af42ef2d9ff49635cbc8aefa648acc6379d32940e9cad2eef415861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2347
date: Wed, 23 Oct 2024 06:58:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 952718764
td.doubleclick.net/td/rul/ Frame CDBF 0
0 18ms
17ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/952718764?random=1729666714831&cv=11&fst=1729666714831&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2v883174530z878935305za201zb78935305&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&ref=https%3A%2F%2Fqr-codes.io%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1623186383.1729666715&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-952718764&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.achievacu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 06:58:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 22ms
5ms Image
text/plain 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=906004136094512&ev=PageView&dl=https%3A%2F%2Fwww.achievacu.com&rl=https%3A%2F%2Fqr-codes.io&if=false&ts=1729666714934&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4124&fbp=fb.1.1729666714930.449381844495350534&cs_est=true&pm=1&hrl=e92a35&ler=other&cdl=API_unavailable&it=1729666714516&coo=false&cs_cc=1&cas=8387055718022634%2C7295361227253344%2C6238535376184842%2C4057462860968943%2C4312299868800157&rqm=GET

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=2958, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 233ms
217ms Image
image/png 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=906004136094512&ev=PageView&dl=https%3A%2F%2Fwww.achievacu.com&rl=https%3A%2F%2Fqr-codes.io&if=false&ts=1729666714934&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4124&fbp=fb.1.1729666714930.449381844495350534&cs_est=true&pm=1&hrl=e92a35&ler=other&cdl=API_unavailable&it=1729666714516&coo=false&cs_cc=1&cas=8387055718022634%2C7295361227253344%2C6238535376184842%2C4057462860968943%2C4312299868800157&rqm=FGET

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428861974929297694"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: j+fhFpdWnn2iO1TYPp9mi5FerwXOWylzvkdClAZq41XFgtOLDwO0qXs9WD1Ki1iNj6arJLutjKvG046SsPyg+A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428861974929297694", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=3275, tp=-1, tpl=-1, uplat=212, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 200
OK index2.jspx
www.surveycarrot.com/ 0
324 B 256ms
255ms Image
text/html 80.208.252.166
HYVE-MANAGED-HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.surveycarrot.com/index2.jspx?/PI7AAC2L58/images&quotes=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 80.208.252.166 , United Kingdom, ASN397964 (HYVE-MANAGED-HOSTING, US),
Reverse DNS
Software: Apache/2.4.61 (Unix) OpenSSL/3.0.13 mod_jk/1.2.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Date: Wed, 23 Oct 2024 06:58:35 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Server: Apache/2.4.61 (Unix) OpenSSL/3.0.13 mod_jk/1.2.46

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 14ms
5ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcgj4YUAAAAAHXx2pOCsryU_C7QrGaeaYdQnALM

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.achievacu.com
Referer: https://www.achievacu.com/

Response headers

content-encoding: gzip
age: 522052
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:57:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 05:57:43 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

GET
H2 200 _ApptView Show response
www.achievacu.com/Appointments/ 261 B
293 B 241ms
241ms XHR
text/html 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/Appointments/_ApptView?date=10%2F23%2F2024%2012%3A00%3A00%20AM&branchName=%20--%20

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c041cd394fa0690aaf39956672f03fc2e8f92aefc7a9ba82c5fe01b99e332e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.achievacu.com/Promo/CheckingOffer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01

Response headers

strict-transport-security: max-age=300; includeSubDomains
cache-control: private
x-aspnet-version: 4.0.30319
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8d6fd6e8b998a8e5-SIN
x-ua-compatible: IE=Edge
date: Wed, 23 Oct 2024 06:58:35 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
server: cloudflare
x-frame-options: ALLOW-FROM www.refiandride.com

GET
H/1.1 200
OK ord=1729666715081
alpixtrack.com/ad/ 35 B
271 B 668ms
221ms Image
image/gif 130.211.141.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alpixtrack.com/ad/ord=1729666715081?prd=web&defer=&cust=1960654-539-WTSP&event_type=visit&version=0.1.2&utm_source=unk&utm_mdm=unk&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&title=&sess_status=st&sess=1729667331827&ref=https%3A%2F%2Fqr-codes.io%2F
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.141.211.130.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

ETag: "560c609e-23"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 35
Date: Wed, 23 Oct 2024 06:58:35 GMT
Content-Type: image/gif
Vary: Origin
Server: nginx/1.20.0

GET
H2 200 modules.02161fb4f8ebb73fb3f8.js Show response
script.hotjar.com/ 225 KB
56 KB 23ms
5ms Script
application/javascript 108.157.254.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-865343.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.254.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-254-31.sin2.r.cloudfront.net

Software

Resource Hash

3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "dec0c1b6789c165b6cb6404022b9d8ab"
age: 773548
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -aAM5HL2YuGaW1b2Uv6E7FtBP3Y-kZdDmTr9UdSfLwF3Ud78I7-O2Q==
date: Mon, 14 Oct 2024 08:06:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 08:05:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 9683b5745ef5870755379e861e3a7520.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56680
x-amz-cf-pop: SIN2-P3

GET
H3 200 /
www.google.com/pagead/1p-user-list/952718764/ 42 B
64 B 12ms
11ms Image
image/gif 172.253.118.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952718764/?random=1729666714831&cv=11&fst=1729663200000&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2v883174530z878935305za201zb78935305&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&ref=https%3A%2F%2Fqr-codes.io%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1623186383.1729666715&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf9gB_cMn8lsTpU9V9eiwx8rOyeRdT97vKNedmdv4qhD1yRhLH&random=2338380821&rmt_tld=0&ipr=y

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 06:58:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/952718764/ 42 B
154 B 16ms
13ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/952718764/?random=1729666714831&cv=11&fst=1729663200000&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2v883174530z878935305za201zb78935305&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&ref=https%3A%2F%2Fqr-codes.io%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1623186383.1729666715&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf9gB_cMn8lsTpU9V9eiwx8rOyeRdT97vKNedmdv4qhD1yRhLH&random=2338380821&rmt_tld=1&ipr=y

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 06:58:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame AE37 0
0 26ms
23ms Document
text/html 172.253.118.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcgj4YUAAAAAHXx2pOCsryU_C7QrGaeaYdQnALM&co=aHR0cHM6Ly93d3cuYWNoaWV2YWN1LmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=no8ui9nmp04m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f99.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zFY6T8ui4QQHIFrcMAZTPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.achievacu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zFY6T8ui4QQHIFrcMAZTPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 06:58:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 94 B
527 B 286ms
285ms XHR
text/html 34.209.39.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=tdidjy77010&tz=-480&ref=https%3A%2F%2Fqr-codes.io%2F&u=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&t=&lc=null&anon=0&vin=null

Requested by

Host: app.leadsrx.com
URL: https://app.leadsrx.com/visitor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.209.39.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-39-56.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

b3c6d1d84f1e890e5c67e5400714dee0093e35a9192e84a0402e17d41a49f20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.achievacu.com/

Response headers

access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.achievacu.com
date: Wed, 23 Oct 2024 06:58:35 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.6.40
server: nginx/1.20.1
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK tv2track.php
collector-34522.us.tvsquared.com/ 42 B
276 B 450ms
263ms Image
image/gif 18.217.112.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-34522.us.tvsquared.com/tv2track.php?action_name=&idsite=TV-6354457272-1&rec=1&r=493121&h=14&m=58&s=35&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&urlref=https%3A%2F%2Fqr-codes.io%2F&_id=c1b20c7ffdf987a9&_idts=1729666715&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=258
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.112.178 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-112-178.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Request-Id: a9fb2f91-6c0a-4f97-a938-abc0f9577dbf
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Date: Wed, 23 Oct 2024 06:58:35 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tv2track.php
collector-34522.us.tvsquared.com/ 42 B
276 B 713ms
262ms Image
image/gif 18.217.112.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-34522.us.tvsquared.com/tv2track.php?action_name=&idsite=TV-6354457272-1&rec=1&r=245442&h=14&m=58&s=35&url=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&urlref=https%3A%2F%2Fqr-codes.io%2F&_id=c1b20c7ffdf987a9&_idts=1729666715&_idvc=0&_idn=0&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=258
Requested by: Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.112.178 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-112-178.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Request-Id: 9007167d-72e3-4ca7-acd4-0d26ad9b5a8a
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Date: Wed, 23 Oct 2024 06:58:36 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK frs-next.js Show response
emails.achievacu.com/js/ 4 KB
5 KB 745ms
240ms Script
application/javascript 54.211.52.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://emails.achievacu.com/js/frs-next.js

Requested by

Host: www.achievacu.com
URL: https://www.achievacu.com/Promo/CheckingOffer

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.211.52.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-52-65.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d423469939357099f36c34eee57442fa57084d71e5cda7f58c6b3ca5e3361948

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src ; style-src 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src *; style-src * 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
ETag: "c260f9cf1de4da1:0"
Connection: keep-alive
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 4465
Date: Wed, 23 Oct 2024 06:58:36 GMT
Content-Type: application/javascript
Last-Modified: Thu, 01 Aug 2024 14:19:25 GMT
Server: nginx

GET
H2 200 cv
adservices.brandcdn.com/pixel/ Frame 9F85 0
0 547ms
184ms Document
text/html 54.219.160.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=435208&cv_ck=9238f175-bbad-4bd5-86f6-e5a8aba524b3&m=www.achievacu.com&r=qr-codes.io
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.160.88 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-219-160-88.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.achievacu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Wed, 23 Oct 2024 06:58:36 GMT
etag: "1002-5f9d69bae4944;5f9d69bae4944
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H2 200 favicon.ico
www.achievacu.com/images/ 1 KB
903 B 255ms
254ms Other
image/x-icon 172.66.40.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.achievacu.com/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d3a435832ac4a96f959e147f225c152b95d10df5ea508e426b7cfbb46d6663

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM www.refiandride.com
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/Promo/CheckingOffer

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
cf-cache-status: HIT
etag: W/"0e29770524db1:0"
x-content-type-options: nosniff
cf-ray: 8d6fd6f5083aa8e5-SIN
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block
date: Wed, 23 Oct 2024 06:58:37 GMT
content-type: image/x-icon
last-modified: Mon, 21 Oct 2024 22:06:12 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: ALLOW-FROM www.refiandride.com

GET
H/1.1 200
OK web-next.gif
emails.achievacu.com/ 49 B
1007 B 277ms
277ms Image
images/gif 54.211.52.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emails.achievacu.com/web-next.gif?&v=js2.1&cid=98105&cke=&u=https%3A%2F%2Fwww.achievacu.com%2FPromo%2FCheckingOffer&t=&l=en-SG&je=&re=1600x1200&cd=24&pd=24&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&ref=https%3A%2F%2Fqr-codes.io%2F&h=E&tz=UTC%2B0800&jsv=1.3&ss=d30dbf07-2fed-4279-9b4f-c03f2787c29c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.211.52.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-52-65.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c8cb3e3e555ee218e51b16a7c33fa44957f35ec1909701633756306a3fa4fc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src ; style-src 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.achievacu.com/

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src *; style-src * 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 49
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Date: Wed, 23 Oct 2024 06:58:37 GMT
Content-Type: images/gif
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.173&e=Error%3A%20You%20are%20sending%20a%20non-standard%20event%20%27BeaconstacQRScan%27.%20The%20preferred%20way%20to%20send%20these%20events%20is%20using%20trackCustom.%20See%20%27https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fads-for-websites%2Fpixel-events%2F%23events%27%20for%20more%20information.&s=Error%3A%20You%20are%20sending%20a%20non-standard%20event%20%27BeaconstacQRScan%27.%20The%20preferred%20way%20to%20send%20these%20events%20is%20using%20trackCustom.%20See%20%27https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fads-for-websites%2Fpixel-events%2F%23events%27%20for%20more%20information.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A134%3A5094)%0A%20%20%20%20at%20Object.r%20%5Bas%20validateEventAndLog%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A30%3A2158)%0A%20%20%20%20at%20Function.ra%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A309%3A8571)%0A%20%20%20%20at%20Function.Z%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A309%3A2651)%0A%20%20%20%20at%20Aa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A309%3A11867)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A309%3A11903%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A98%3A447%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A240%3A1773)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A240%3A3319)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A98%3A410)&ue=1&rs=stable&rqm=FGET

Domain: jelly-v6.mdhv.io
URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=SuWMBr5JlAdBuhEuL00D2CZtosXj&src=mh&tx=5112b73a-4156-4312-a9a4-74cafba885bc

Domain: jelly-v6.mdhv.io
URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=it831NmSeY1Zhp933ikxK6inTwRx&src=mh&tx=acb44b89-d972-43fe-8968-618891a16052

Domain: dmp.truoptik.com
URL: https://dmp.truoptik.com/6d78f32846d8648c/sync.gif?fck=6b2bb93d-582d-4192-90de-39ce24931a70

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 04:46:58	Name: _GRECAPTCHA Value: 09AGteOyo1eYtQVD0TN7TTYw4Qg-6PL7jAgbPF0iyJ36Qn_zFxfiBm1GY8AyWnChUKi0kZT4Dwu_04Gw1aWGnDmUY
qr-codes.io/	1970-01-21 09:13:22	Name: visitor-id Value: 1729666712PIuE5S
qr-codes.io/	1970-01-21 00:27:50	Name: mappable_id Value: 1729666712PIuE5S_1729666712
qr-codes.io/	1970-01-21 00:27:47	Name: access_token Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtYXBwYWJsZUlEIjoiMTcyOTY2NjcxMlBJdUU1U18xNzI5NjY2NzEyIiwidGltZXN0YW1wIjoxNzI5NjY2NzEyODkxLCJpYXQiOjE3Mjk2NjY2ODIsImV4cCI6MTcyOTY2NzAxMn0.DLTVT5XDhLywaAr7EkQxtuUWHzlzl6HAsk2G8KXZ-xU
.qr-codes.io/	1970-01-21 02:37:22	Name: _gcl_au Value: 1.1.1620319258.1729666713
www.achievacu.com/	1969-12-31 23:59:59	Name: achievaweb Value: ffffffffc3a0e07845525d5f4f58455e445a4a423660
.achievacu.com/	1970-01-21 02:37:22	Name: _gcl_au Value: 1.1.1623186383.1729666715
.adsrvr.org/	1970-01-21 09:13:22	Name: TDID Value: 6b2bb93d-582d-4192-90de-39ce24931a70
.achievacu.com/	1970-01-21 10:03:46	Name: _ga_4P9BSHJZQE Value: GS1.1.1729666714.1.0.1729666714.60.0.0
.achievacu.com/	1970-01-21 10:03:46	Name: _ga Value: GA1.1.1812984039.1729666715
.doubleclick.net/	1970-01-21 10:03:46	Name: IDE Value: AHWqTUn60rgnxrb1MVbnLB1xCUBgUa7SP4zbkC-R_8s5eMk_JPA-ejSen0ptXaYY
.achievacu.com/	1970-01-21 02:37:22	Name: _fbp Value: fb.1.1729666714930.449381844495350534
.bidr.io/	1970-01-21 09:56:20	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-21 09:56:20	Name: bito Value: AAMZy07OMT0AADNC-Kj3rA
.rubiconproject.com/	1970-01-21 09:13:22	Name: audit_p Value: 1\|9hp2fq1FnUVOLtFuKSyDV84i9M7RD6WRChnrmvTakuzFB4DxNNXMYjwC+2Pc4jQaboKP3PFO7scwHTRO1/p4iHX0qfg68IpFQAPcN3ARK84g/c0LOmNgCoMhgs4cGSO51A+Nc+RhRV5CD/o/T8vcFDD3u85/lcl9s7sF0pl54AzREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 09:13:22	Name: khaos Value: M2LIWIZW-17-A5CH
.rubiconproject.com/	1970-01-21 09:13:22	Name: khaos_p Value: M2LIWIZW-17-A5CH
.rubiconproject.com/	1970-01-21 09:13:22	Name: audit Value: 1\|9hp2fq1FnUVOLtFuKSyDV84i9M7RD6WRChnrmvTakuzFB4DxNNXMYjwC+2Pc4jQaboKP3PFO7scwHTRO1/p4iHX0qfg68IpFQAPcN3ARK84g/c0LOmNgCoMhgs4cGSO51A+Nc+RhRV5CD/o/T8vcFDD3u85/lcl9s7sF0pl54AzREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.imrworldwide.com/	1970-01-21 09:49:22	Name: IMRID Value: 38edac30-910c-11ef-a18a-a96b18b14d33
.demdex.net/	1970-01-21 04:46:58	Name: demdex Value: 43204478602878812890304488492319374099
.achievacu.com/	1970-01-21 09:13:22	Name: _hjSessionUser_865343 Value: eyJpZCI6ImEyOGNiYzQ5LTcxNjAtNWZjNi05ODQxLWM4NzEyMDYwZGQxNyIsImNyZWF0ZWQiOjE3Mjk2NjY3MTUzNzksImV4aXN0aW5nIjpmYWxzZX0=
.achievacu.com/	1970-01-21 00:27:48	Name: _hjSession_865343 Value: eyJpZCI6Ijk0YjM0NTk0LTc2OWMtNDUzYS05ZDdiLTNiNzhiNzZjYzQ3OSIsImMiOjE3Mjk2NjY3MTUzODAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.achievacu.com/	1970-01-21 10:03:46	Name: _tq_id.TV-6354457272-1.a01b Value: c1b20c7ffdf987a9.1729666715.0.1729666715..
.dpm.demdex.net/	1970-01-21 04:46:58	Name: dpm Value: 43204478602878812890304488492319374099
.adsrvr.org/	1970-01-21 09:13:22	Name: TDCPM Value: CAESEgoDYWFtEgsIpOOV8oqcrj0QBRIWCgdydWJpY29uEgsIqL7c1cTOuT0QBRIVCgZnb29nbGUSCwjOmcnWxM65PRAFEhYKB2xod2JrNTkSCwiU1L3WxM65PRAFEhYKB3VlZDNrdnISCwiawMnWxM65PRAFEhUKBmNhc2FsZRILCMr959nEzrk9EAUYBSAEKAEyCwjmk9-C2865PRAFOAFCBCICCAFaBzM1YTBiZmpgAXIGY2FzYWxl
.casalemedia.com/	1970-01-21 09:13:22	Name: CMID Value: Zxiem4sFVjoAAERfAE6l9QAA
.casalemedia.com/	1970-01-21 02:37:22	Name: CMPS Value: 4978
.casalemedia.com/	1970-01-21 02:37:22	Name: CMPRO Value: 4978
.leadsrx.com/	1970-01-21 09:13:22	Name: _lab Value: 3377701502726714
.leadsrx.com/	1970-01-21 09:13:22	Name: _lab_lastTouch Value: other
.achievacu.com/	1970-01-21 09:13:22	Name: _lab Value: 3377701502726714
www.achievacu.com/	1970-01-21 09:13:22	Name: brandcdn_uid Value: 9238f175-bbad-4bd5-86f6-e5a8aba524b3
adservices.brandcdn.com/	1970-01-21 09:13:22	Name: brandcdn_uid Value: 9238f175-bbad-4bd5-86f6-e5a8aba524b3
adservices.brandcdn.com/	1970-01-21 00:37:51	Name: AWSALBCORS Value: 5AdZc2FxDXt/voI0M6IHFPltM8+X6DcvMx68PFy8wzkd0skbkeHOfnd8sii97s4YSKaQTO3hlSYLYWJL7JPqEefasnXqpos2Sq+Z5yHT9vwJ4h4ZMJVwqrT9t7Lo
emails.achievacu.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mf5bjrlvmyn5xnka3bcvannt
.achievacu.com/	1970-01-21 10:03:46	Name: bid Value: 8973fc7a-312e-46b1-b771-81333ecfa558

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=SuWMBr5JlAdBuhEuL00D2CZtosXj&src=mh&tx=5112b73a-4156-4312-a9a4-74cafba885bc Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=it831NmSeY1Zhp933ikxK6inTwRx&src=mh&tx=acb44b89-d972-43fe-8968-618891a16052 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservices.brandcdn.com
alpixtrack.com
analytics.google.com
app.leadsrx.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cnv.event.prod.bidr.io
code.jquery.com
collector-34522.us.tvsquared.com
collector-9636.us.tvsquared.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
dmp.truoptik.com
emails.achievacu.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
jelly-v6.mdhv.io
js.alpixtrack.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pixel.rubiconproject.com
qr-codes.io
script.hotjar.com
secure-gl.imrworldwide.com
static.hotjar.com
stats.g.doubleclick.net
tag.brandcdn.com
td.doubleclick.net
www.achievacu.com
www.facebook.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.gstatic.com
www.surveycarrot.com
connect.facebook.net
dmp.truoptik.com
jelly-v6.mdhv.io
104.18.11.207
108.156.133.37
108.156.142.128
108.157.254.31
13.112.128.24
13.225.4.77
13.33.88.19
13.35.210.111
130.211.141.45
142.251.175.100
142.251.175.154
142.251.175.97
15.197.193.217
151.101.65.229
151.101.66.137
157.240.217.15
157.240.217.35
172.253.118.104
172.253.118.106
172.253.118.99
172.66.40.139
18.217.112.178
34.209.39.56
34.29.7.32
35.71.131.137
54.183.204.79
54.211.52.65
54.219.160.88
69.173.158.64
74.125.130.154
74.125.130.156
74.125.200.154
74.125.200.156
74.125.200.94
74.125.200.95
74.125.24.94
74.125.68.94
80.208.252.166
00d3a435832ac4a96f959e147f225c152b95d10df5ea508e426b7cfbb46d6663
012305fe18175b95942f96c5a5b89ef07e470b166679c6497712edb2dfb9e59a
0e13388a59045a23b3e266b3e953bca97fbdffa6a2d54f4c25bf4224b9c56005
14235c081af42ef2d9ff49635cbc8aefa648acc6379d32940e9cad2eef415861
16d0e1f6aa8fcf76c1eab59f8c32eece0a989bc22065d5df2c8c4edc2fa371fd
23483d6e2e52eb63cc31fc97fb9bd6132ffe5e55ed9df034bda1664518037b8c
23eebe55909f5e7b925a2dc5ae71327500d01ae042d9e1d972827b2d5eec7a88
26b1fa79351edf039f381c8d30f0d0861746042f076c8de57179d822b8d7eacd
289375aa9b157529b2d66c28c26477fc220c9d56175991f32f740ef68c4cdc4f
296bf85b2ce6face9f20d0b9e21d1bed70d95e418e772bc1ad9cd6a25193b519
2b410b2179771071be066aecc8e06534b8c0774bb8048de275d0fe415d521483
2bc8e5fec91f88f07120aad256013d3e889ddbb73fc1e7f5879c889f32e9cb4f
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
3cc6bbe8cccc807a22432aaf5dfc1b16a89f5e23d55aca306fa8f91a217a5955
43b7bcca201861ded324d169d7b9ffeb830bce5ce603170bf44d67a8aa59166f
4702525d1cc728c1d4908025c7e1cce6f1522d6e23dd0e68cd802c4b45bea10c
5719eed5f00b60742446107a72a58d4cdb5cfe28323af213cd19050cff9aa57f
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
5de1058e5589456f7063c122f5a6bc92788d16fc3f766719bcd6d67a189adbc0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6712e02e6e4fa62359c0c21ac0ad11a9e2a6a091e2e84d42147a99aaf7640725
6855667f7a384bdf8b7ded98c23cdb7e84179d9dbaaba28b53b9b919a80b2c41
6b786672792a4abaf9e4d37719d33c1a0aca9bfe4a43c812271d4a8308ba877b
714a45b7865f01ddd197153bf1cc5b4e529c18e1290ae7e4294a0e43752abf88
772500eb614737ad61769c8ad09d8437d0433c0f46e9e55bcdc46b59d8120374
7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2
82f4a62b3f5eef41b1aa14e29c9aa5c37dd0c1d73f056998e6bc9ebb7af49f62
84d20ca952751fc0a62f5744a7bf4ef25fdc211bbe096217eaf97db2f8c5e92b
8addabb1d595d4e8bd323d406da36de858941b9ea6e8009560c42d8d57936a5b
8c8cb3e3e555ee218e51b16a7c33fa44957f35ec1909701633756306a3fa4fc6
900fcc3a575d4f7ce06c6e7097a904ea8c57e52177db0172a4507fea489f2c12
90eaa0d242c61e582c7022455227b4bab76691a5ad2fa753624ca6198910b26c
92629e604fff7d14600ef2eace72eec61e991b1408b3f2727fa75ac5dbdc5040
93efd56fed68070ec0b2c4264dc90f246a8ef54daf37a2898adcac70d1289bc6
9a067703325d2fcc8b524ea53cf25087e5c1a01babc336ff28590645275a23b5
9d68d9838b61ca85c4b2c748b816b3250c8b98628b729e359b1a621f3d875a45
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac022dba3bbe2b29b3c004c0fbda618bf5897956323ab0055e4e577ccff86999
b03bd06b87ec693825a0a28d88804f156fd061208ae06525e216b7618a082315
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
b3c6d1d84f1e890e5c67e5400714dee0093e35a9192e84a0402e17d41a49f20c
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
c041cd394fa0690aaf39956672f03fc2e8f92aefc7a9ba82c5fe01b99e332e83
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
c3d4dfd4b9869b9ee04af2c73bc24a8695374cf5b46025606d4ffe473edb4d16
c47a7f2b19f54144329061efc3e56d532a89c2f17642f3d588c18c2d5f815ac4
c8c4e710247fb90d64c58e9391b1a176ddb1535fa5cc6dbffeb5f9e3d46489fc
c8cd1e033d1de420f926ce73872c8c44b8292a42367f2dc714ae904bb64054f4
cd4a550d7f561e695f232cba024353b8e7039ca80e446a82e1781a0f24507fc1
d170a885c9f8f88ca4c1ee6ef7034c580152fa047268f6773424c7f027725f45
d423469939357099f36c34eee57442fa57084d71e5cda7f58c6b3ca5e3361948
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e18c70e07b254fd83b21dd193ed4d7f2329b8831c3e4dbfad5f0a9573e213a73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d6481cd6918cdecb2ebdfbbc1df38eb72a4c24dc19f2f6b56b191faef695f
ea6eb9bac75b365de366f425d5ad4f308ea1417302461402fde18bac8bacad58
edd21f8ac9857604ec4a25f1367ea7994c81610bb0d6da856337746c3ad36b73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff7c45c715304fb26d8b1d7988ac6cc07eff26bf1b51ec4767cf8b9271d08033
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.achievacu.com Open in urlscan Pro 172.66.40.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

89 %HTTPS

0 %IPv6

26 Domains

37 Subdomains

35 IPs

5 Countries

2223 kBTransfer

5176 kBSize

36 Cookies

11 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.achievacu.com Open in urlscan Pro
172.66.40.139 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

89 %
HTTPS

0 %
IPv6

26
Domains

37
Subdomains

35
IPs

5
Countries

2223 kB
Transfer

5176 kB
Size

36
Cookies

101 HTTP transactions
0 data transactions