www.federaldebtrelief.nationaldisabilitybenefits.org Open in urlscan Pro
72.52.161.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Submission: On April 09 via automatic, source certstream-suspicious (April 9th 2023, 6:32:57 am UTC) — Scanned from DE

Summary HTTP 27 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 27 HTTP transactions. The main IP is 72.52.161.55, located in Palm City, United States and belongs to LIQUIDWEB, US. The main domain is www.federaldebtrelief.nationaldisabilitybenefits.org.
TLS certificate: Issued by R3 on April 9th 2023. Valid for: 3 months.

This is the only time www.federaldebtrelief.nationaldisabilitybenefits.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	72.52.161.55 72.52.161.55	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	54.209.198.209 54.209.198.209	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:9200:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
5	34.192.171.130 34.192.171.130	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.118.20 13.32.118.20	16509 (AMAZON-02) (AMAZON-02)
1	35.169.79.47 35.169.79.47	14618 (AMAZON-AES) (AMAZON-AES)
27	14

5 72.52.161.55 (Palm City, United States)

ASN32244 (LIQUIDWEB, US)

www.federaldebtrelief.nationaldisabilitybenefits.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.209.198.209 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-198-209.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:9200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.171.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-171-130.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-20.fra60.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.79.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-79-47.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 18817 cdn.trustedform.com — Cisco Umbrella Rank: 21368	42 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 16012	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 maps.googleapis.com — Cisco Umbrella Rank: 409	173 KB
5	nationaldisabilitybenefits.org www.federaldebtrelief.nationaldisabilitybenefits.org	109 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 17164	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 26189	39 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2603	124 B
1	gstatic.com fonts.gstatic.com	44 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	3 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2561	24 KB
27	11

	Domain	Requested by
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	www.federaldebtrelief.nationaldisabilitybenefits.org	www.federaldebtrelief.nationaldisabilitybenefits.org cdn.trustedform.com
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	maps.googleapis.com	www.federaldebtrelief.nationaldisabilitybenefits.org maps.googleapis.com
2	cdn.trustedform.com	www.federaldebtrelief.nationaldisabilitybenefits.org api.trustedform.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	www.federaldebtrelief.nationaldisabilitybenefits.org
1	api.ipify.org	www.federaldebtrelief.nationaldisabilitybenefits.org
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	www.federaldebtrelief.nationaldisabilitybenefits.org
1	fonts.googleapis.com	www.federaldebtrelief.nationaldisabilitybenefits.org
1	stackpath.bootstrapcdn.com	www.federaldebtrelief.nationaldisabilitybenefits.org
27	13

This site contains links to these domains. Also see Links.

Domain
federaldebtrelief.org

Subject Issuer	Validity	Valid
federaldebtrelief.nationaldisabilitybenefits.org R3	`2023-04-09` - `2023-07-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Frame ID: 00C87C268A3CB1BC7C9D33B237FB838E
Requests: 25 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B
Frame ID: 05508BE226E19429A93485352AAB5F8D
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B
Frame ID: 1641613A5DB63C877852820ABEA1FE32
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Federal Debt Relief

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

27
Requests

96 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

453 kB
Transfer

1306 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://federaldebtrelief.org/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://federaldebtrelief.org/terms-and-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://federaldebtrelief.org/manage.html
Title: Information Preferences

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.federaldebtrelief.nationaldisabilitybenefits.org/ 20 KB
5 KB 400ms
116ms Document
text/html 72.52.161.55
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.161.55 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: a7784a4ae0da7165c53c6858f007266d9fc881c2f55c4bd978a4163c80433d4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5081
Content-Type: text/html
Date: Sun, 09 Apr 2023 06:32:51 GMT
Keep-Alive: timeout=2, max=150
Last-Modified: Sat, 24 Oct 2020 18:12:43 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 46ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Origin: https://www.federaldebtrelief.nationaldisabilitybenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1078
cdn-cachedat: 01/04/2023 11:35:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0d8e88be7c831874e03e917c6d3cab0f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7b50b7179a5690ec-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

273a6195b2780c1e45e18de13f69107d59ea3bea80a359d645557098944af060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Apr 2023 06:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 06:12:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Apr 2023 06:32:51 GMT

GET
H2 200 pretty-checkbox.min.css
cdn.jsdelivr.net/npm/pretty-checkbox@3.0/dist/ 19 KB
3 KB 32ms
15ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pretty-checkbox@3.0/dist/pretty-checkbox.min.css

Requested by

Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33895
x-jsd-version: 3.0.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"4b56-fF0noLObvYApNnMFBFgmODIkGTo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BT5oIuf4NhPyRbFc9dxx6IXIo%2BEqpVUcwR1cDyg2YJ9lUYQp4gWN%2B2QDNRW23q69k0EFPpoAiKXJ8H5EcWORyyVCUEOqsgl64KxvMFae4owOndfnVL3hDTmk7V97QQI2rwNwwhuRgqb6fHC6tY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b50b71789429a09-FRA

GET
H/1.1 200
OK style.css
www.federaldebtrelief.nationaldisabilitybenefits.org/css/ 7 KB
2 KB 116ms
116ms Stylesheet
text/css 72.52.161.55
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/css/style.css
Requested by: Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.161.55 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: d1081c103c2fc4081962a82547c978c76c2ac5fc12dc1bf90936e4bd2186f4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 09 Apr 2023 06:32:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Oct 2020 18:10:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 2052

GET
H/1.1 200
OK logo.png
www.federaldebtrelief.nationaldisabilitybenefits.org/img/ 28 KB
28 KB 346ms
116ms Image
image/png 72.52.161.55
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/img/logo.png
Requested by: Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.161.55 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: e4f784d8e836fe14a3ab48bf6d3b828bcd523764d6fc1daaa233ebe05b64a1f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 09 Apr 2023 06:32:51 GMT
Last-Modified: Sat, 24 Oct 2020 18:10:15 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 28200

GET
H/1.1 200
OK v2.js Show response
www.federaldebtrelief.nationaldisabilitybenefits.org/js/ 132 KB
46 KB 220ms
122ms Script
application/javascript 72.52.161.55
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/js/v2.js
Requested by: Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.161.55 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 00770b6d53234f84a87d4ef8e3b295969dc7ec3b178431f1c356f28399ef1abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 09 Apr 2023 06:32:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Oct 2020 21:22:39 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=148
Content-Length: 46729

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 183 KB
61 KB 56ms
34ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDFfKByBiKTvUW_DNAlpU-a79r6Le-IBFs&libraries=places

Requested by

Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ef5e187878f2cef79c906b5603d527a2cd520a162ae7219941621f4695196b53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:51 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=28
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61727
x-xss-protection: 0
expires: Sun, 09 Apr 2023 07:02:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.federaldebtrelief.nationaldisabilitybenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:18 GMT
x-content-type-options: nosniff
age: 417693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:18 GMT

GET
H2 200 / Show response
api.ipify.org/ 13 B
124 B 928ms
159ms XHR
text/plain 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/js/v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: /
Resource Hash: 39795c9b9ba65539e5ce37a4d31cc12be73070471d460d1d54b9ea35d4dd4f33

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://www.federaldebtrelief.nationaldisabilitybenefits.org
date: Sun, 09 Apr 2023 06:32:52 GMT
content-length: 13
vary: Origin
content-type: text/plain

GET
H2 200 308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 641ms
612ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js?snippet_version=2
Requested by: Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 895cba6b91bbea0ad561fdc02c66ecd47387a7c25b0b6f1de67de41992d644db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:52 GMT
x-amz-version-id: 2PKWJr4.87OB7pEsMLk4k13WVPfejC7Y
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 00:42:36 GMT
server: cloudflare
x-amz-request-id: 549S1E8Q767MYPWB
etag: W/"c2b386bd63f795ce93a1c811ece8642a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7b50b71ac874994a-FRA
x-amz-id-2: NOWDq9kBd57dU8rJw1YhPPHr7vkOOUCcWhysmHfta4pMeABsmH6Achab1m+WJUcWh52ZCEjwURM=

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false

7 KB
3 KB

251ms
215ms

Script
application/javascript

2600:9000:223d:9200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false
Requested by: Host: www.federaldebtrelief.nationaldisabilitybenefits.org
URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Protocol: H2
Server: 2600:9000:223d:9200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:53 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: fuqVvQpJkirXQWKg4sgJUuJVXuas9hYDAyxuCc7NweixSDsMoFKQzg==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false
date: Sun, 09 Apr 2023 06:32:51 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 54ms
40ms XHR
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDFfKByBiKTvUW_DNAlpU-a79r6Le-IBFs&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.federaldebtrelief.nationaldisabilitybenefits.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
661 B 364ms
155ms XHR
text/plain 34.192.171.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=de5049f1-7407-4b3e-95ff-a645fc6bd685&_=460315863

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.171.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-171-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

23a49de97c3ce98dce34ef7f8892fbfbc843ee6b01be874c3c5ae6255254b092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Apr 2023 06:32:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 295ms
99ms XHR
application/json 54.209.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-198-209.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 66cf800f6fce8ed8ad5291069aacd345086523526d087636d3c234460470e11a

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Apr 2023 06:32:52 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.38.js Show response
cdn.trustedform.com/ 102 KB
37 KB 10ms
10ms Script
application/javascript 2600:9000:223d:9200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16810219716190.461537042772556&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding: gzip
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
date: Sun, 09 Apr 2023 06:32:33 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 20
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZMEuln2nnfQsl8_J69ZKTxG4iV6YXYkYV5o7RMWVVozWCmHUYSO0MA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/1a2511454ee9d232d51a2304569e006f4ad3e004/ 0
159 B 99ms
99ms XHR
text/plain 54.209.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/1a2511454ee9d232d51a2304569e006f4ad3e004/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-198-209.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 09 Apr 2023 06:32:52 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H/1.1 200
OK logo.png
www.federaldebtrelief.nationaldisabilitybenefits.org/img/ 28 KB
28 KB 116ms
116ms Image
image/png 72.52.161.55
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.federaldebtrelief.nationaldisabilitybenefits.org/img/logo.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.161.55 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: e4f784d8e836fe14a3ab48bf6d3b828bcd523764d6fc1daaa233ebe05b64a1f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 09 Apr 2023 06:32:52 GMT
Last-Modified: Sat, 24 Oct 2020 18:10:15 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 28200

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 0550 3 KB
2 KB 43ms
7ms Document
text/html 13.32.118.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-20.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5633
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 09 Apr 2023 04:59:02 GMT
ETag: W/"641b3057-dbb"
Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
X-Amz-Cf-Id: O6tmotUC-L_IBdqyPKdjtMbi_efCTnPY6EX_E9a22GUciXPw1aRy8Q==
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
624 B 101ms
100ms XHR
text/plain 34.192.171.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=de5049f1-7407-4b3e-95ff-a645fc6bd685&token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&_=460315864

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.171.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-171-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Apr 2023 06:32:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 100ms
100ms XHR
text/plain 34.192.171.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=de5049f1-7407-4b3e-95ff-a645fc6bd685&token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&_=460315865

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.171.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-171-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Apr 2023 06:32:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 1641 4 KB
2 KB 332ms
101ms Document
text/html 35.169.79.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.79.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-79-47.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Sun, 09 Apr 2023 06:32:52 GMT
etag: W/"6425e809-1049"
expires: Mon, 10 Apr 2023 06:32:52 GMT
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 1641 0
628 B 306ms
104ms Script
text/javascript 34.192.171.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&methods=48&token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&uuid=51754e79dc53454a86ccb55b13c04143

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD&lac=3A240EA7-37FA-5727-8E31-E37FFE60E05B

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.171.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-171-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 06:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 294ms
198ms XHR
text/plain 34.192.171.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=de5049f1-7407-4b3e-95ff-a645fc6bd685&token=AE77B7A8-1DD5-F836-43F3-4CABB2C1671D&_=460315866

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/308d0f57-fcda-e9a8-fa55-a3e7a68f92fd.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.171.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-171-130.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Apr 2023 06:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/1a2511454ee9d232d51a2304569e006f4ad3e004/ 0
159 B 99ms
99ms XHR
text/plain 54.209.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/1a2511454ee9d232d51a2304569e006f4ad3e004/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-198-209.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 09 Apr 2023 06:32:53 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/8/intl/de_ALL/ 271 KB
60 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/8/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDFfKByBiKTvUW_DNAlpU-a79r6Le-IBFs&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28d6fa1eb873234be850841338e2bc6545f0d62be2c89a3cf071b87e43da61b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 17:32:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61526
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 18:29:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 17:32:12 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/8/intl/de_ALL/ 162 KB
51 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/8/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDFfKByBiKTvUW_DNAlpU-a79r6Le-IBFs&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97b97ff9b4ed914f303858840aa7b2e2531f040bda8360c22d8d8dbe32481744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.federaldebtrelief.nationaldisabilitybenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 17:32:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52114
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 18:29:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 17:32:12 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.federaldebtrelief.nationaldisabilitybenefits.org/	1970-01-20 10:57:02	Name: leadid_token-3A240EA7-37FA-5727-8E31-E37FFE60E05B-308D0F57-FCDA-E9A8-FA55-A3E7A68F92FD Value: AE77B7A8-1DD5-F836-43F3-4CABB2C1671D
			.deviceid.trueleadid.com/	1970-01-20 20:33:01	Name: uuid Value: 51754e79dc53454a86ccb55b13c04143

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
api.trustedform.com
cdn.jsdelivr.net
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
stackpath.bootstrapcdn.com
www.federaldebtrelief.nationaldisabilitybenefits.org
104.237.62.211
13.32.118.20
2600:9000:223d:9200:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2606:4700::6810:5714
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
34.192.171.130
35.169.79.47
54.209.198.209
72.52.161.55
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
00770b6d53234f84a87d4ef8e3b295969dc7ec3b178431f1c356f28399ef1abd
23a49de97c3ce98dce34ef7f8892fbfbc843ee6b01be874c3c5ae6255254b092
273a6195b2780c1e45e18de13f69107d59ea3bea80a359d645557098944af060
28d6fa1eb873234be850841338e2bc6545f0d62be2c89a3cf071b87e43da61b4
39795c9b9ba65539e5ce37a4d31cc12be73070471d460d1d54b9ea35d4dd4f33
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66cf800f6fce8ed8ad5291069aacd345086523526d087636d3c234460470e11a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
895cba6b91bbea0ad561fdc02c66ecd47387a7c25b0b6f1de67de41992d644db
97b97ff9b4ed914f303858840aa7b2e2531f040bda8360c22d8d8dbe32481744
a7784a4ae0da7165c53c6858f007266d9fc881c2f55c4bd978a4163c80433d4c
b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1081c103c2fc4081962a82547c978c76c2ac5fc12dc1bf90936e4bd2186f4ee
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f784d8e836fe14a3ab48bf6d3b828bcd523764d6fc1daaa233ebe05b64a1f4
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef5e187878f2cef79c906b5603d527a2cd520a162ae7219941621f4695196b53

www.federaldebtrelief.nationaldisabilitybenefits.org Open in urlscan Pro 72.52.161.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

96 %HTTPS

54 %IPv6

11 Domains

13 Subdomains

14 IPs

2 Countries

453 kBTransfer

1306 kBSize

2 Cookies

3 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

www.federaldebtrelief.nationaldisabilitybenefits.org Open in urlscan Pro
72.52.161.55 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

96 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

453 kB
Transfer

1306 kB
Size

2
Cookies

27 HTTP transactions
1 data transactions