logindev.freedomcashlenders.com Open in urlscan Pro
69.43.168.147  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response logindev.freedomcashlenders.com/	1005 B 1 KB	485ms 157ms	Document text/html	69.43.168.147 DATABANK-CASTLEAC...
General Check archive.org Show headers Download Go to Full URL https://logindev.freedomcashlenders.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.43.168.147 Redlands, United States, ASN22489 (DATABANK-CASTLEACCESS, US), Reverse DNS Software Caddy Caddy / Resource Hash fd1a40aadd4c4cce8aea4f740511482c21b1e612fb8dc1d2b3e175c31add16a8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 1005 content-type text/html; charset=utf-8 date Sat, 06 Jul 2024 15:43:55 GMT etag "sbp26lrx" last-modified Tue, 09 Apr 2024 21:25:33 GMT server Caddy Caddy
GET H2	200	css2 fonts.googleapis.com/	5 KB 1001 B	44ms 16ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600&display=swap Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca5f93d3ec7b476d15c35f7d46ddcee8d5d24b51956dba302f389b5a13d48b50 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sat, 06 Jul 2024 15:43:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 06 Jul 2024 15:43:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Jul 2024 15:43:55 GMT
GET H2	200	main.5a868366.js Show response logindev.freedomcashlenders.com/static/js/	2 MB 2 MB	158ms 157ms	Script text/javascript	69.43.168.147 DATABANK-CASTLEAC...
General Check archive.org Show headers Download Go to Full URL https://logindev.freedomcashlenders.com/static/js/main.5a868366.js Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.43.168.147 Redlands, United States, ASN22489 (DATABANK-CASTLEACCESS, US), Reverse DNS Software Caddy, Caddy / Resource Hash 0d5d94d2c5c7df4f34e584dee8d462dc07fd998ec3097cc263c19aad92d0ef9a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 15:43:55 GMT last-modified Tue, 09 Apr 2024 21:25:33 GMT server Caddy, Caddy etag "sbp26l14ewb" content-type text/javascript; charset=utf-8 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 1885547
GET H2	200	rocketchat-livechat.min.js Show response livechat.leadvent.com/livechat/	6 KB 3 KB	550ms 499ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livechat.leadvent.com/livechat/rocketchat-livechat.min.js?_=201903270000 Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5ab651ae2255f9c722617c063af09e74a254ce3efd85eaf7a83d521c5beda20 Security Headers Name Value Content-Security-Policy default-src 'self' ; connect-src *; font-src 'self' data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' ; style-src 'self' 'unsafe-inline' X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 15:43:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src 'self' ; connect-src *; font-src 'self' data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' ; style-src 'self' 'unsafe-inline' cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1 server cloudflare etag "d1e355e02fe63243d83ab6956596e7e705513d91" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuNXsvxz%2BQZMniSFuUsvkGUwTQrnn3Xkk2F%2BjHG5qdolagbOkSVQ1CCX0cNdaYOoCzSd8CFCMe%2F5DO7muFzeUv7CDYPi9ZlQiJfDE18%2FzgZYpgYHXkkI0a7xER9Pwx9CQ8RJykSjETx1ge4IThHgPqSfmys%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 89f0b6946df530c9-FRA x-instance-id fab6a81e-da88-4f29-8e31-843cb476063d
GET H3	200	livechat livechat.leadvent.com/ Frame 5B88	0 0	509ms 480ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livechat.leadvent.com/livechat Requested by Host: livechat.leadvent.com URL: https://livechat.leadvent.com/livechat/rocketchat-livechat.min.js?_=201903270000 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://logindev.freedomcashlenders.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 89f0b697cc499bca-FRA content-encoding br content-type text/html; charset=utf-8 date Sat, 06 Jul 2024 15:43:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoyzImCSqCs8XeJ%2BgqEVDT6IKcq04xgFQ9u3Kzp7gHeuhoR%2FOOx3FLm%2FRE5cRzDXXiytwBRFkOfqkyfrkDD10EKTmj%2FbYNDF2x7yY5ErPdaQridqHD%2Fok%2Fmcw8RmJ03Ac6jBaAbA7nk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-instance-id fab6a81e-da88-4f29-8e31-843cb476063d x-xss-protection 1
GET BLOB	200 OK	b8b7892a-ab2a-4320-853d-5b04e9050cc4 https://logindev.freedomcashlenders.com/	9 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://logindev.freedomcashlenders.com/b8b7892a-ab2a-4320-853d-5b04e9050cc4 Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 048ed95edac6bcade793f5b5136827136747ee0c96cb58b86be5b22a18fbe4fb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 9407 Content-Type text/javascript
GET H2	200	logo-freedom.b81a554407aae58bc1d9.png logindev.freedomcashlenders.com/static/media/	26 KB 26 KB	159ms 158ms	Image image/png	69.43.168.147 DATABANK-CASTLEAC...
General Check archive.org Show headers Download Go to Show image Full URL https://logindev.freedomcashlenders.com/static/media/logo-freedom.b81a554407aae58bc1d9.png Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.43.168.147 Redlands, United States, ASN22489 (DATABANK-CASTLEACCESS, US), Reverse DNS Software Caddy, Caddy / Resource Hash dbcc4307afc5c2bf43e76f52fe2bd36182099b0489376c5c013c318baafe28e4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 15:43:57 GMT last-modified Tue, 09 Apr 2024 21:25:33 GMT server Caddy, Caddy etag "sbp26lk90" content-type image/png accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 26244
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 983 B	43ms 20ms	Script text/javascript	142.250.185.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/static/js/main.5a868366.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f4.1e100.net Software GSE / Resource Hash 2657935e468a24a6a7c5e62921feb0d59d6453f8d142be8a86a9521b6c7b654e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 15:43:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sat, 06 Jul 2024 15:43:57 GMT
GET H2	200	LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 fonts.gstatic.com/s/plusjakartasans/v8/	27 KB 27 KB	38ms 9ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://logindev.freedomcashlenders.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 23:52:10 GMT x-content-type-options nosniff age 143507 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27444 x-xss-protection 0 last-modified Thu, 22 Jun 2023 14:14:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 23:52:10 GMT
OPTIONS H3	200	start analytics.leadvent.com/ingest/v1/web/ Frame	0 0	525ms 493ms	Preflight	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.leadvent.com/ingest/v1/web/start Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://logindev.freedomcashlenders.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,Authorization,Content-Encoding access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers Content-Length alt-svc h3=":443"; ma=86400 cache-control max-age=86400 cf-cache-status DYNAMIC cf-ray 89f0b69e6b929951-FRA content-length 0 date Sat, 06 Jul 2024 15:43:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRzns5rQwo5fKRuoCvh3mPDl1n8RltsMtrTHT8vMGqrEznStcPzsFm%2F0lO8J3upn46qMVTkR2yvtz2kj%2FsnbT%2Bt1ZG3N9Ql%2BMRLv0%2Bs79AlvNmzTtsuUI5Pv7MEsH5ghaPLEBCYqVvTa"}],"group":"cf-nel","max_age":604800} server cloudflare
POST H3	200	start Show response analytics.leadvent.com/ingest/v1/web/	482 B 782 B	196ms 196ms	Fetch application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.leadvent.com/ingest/v1/web/start Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/static/js/main.5a868366.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e92f4fa815f76d6d4e3d09795c7ba792ba7ef2a8dc4fecf67d63b90cb19406f6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://logindev.freedomcashlenders.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Sat, 06 Jul 2024 15:43:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods POST content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrsuScZ83ZbPa5rXOiIfVn1yQyaLhQ4f%2F5PzK4Ia5Dc5S4p%2B0zs2grlR%2BD82Fkl5C7MFD6s7MfheXiCGnTiwWmLZNnQVDuTMqUkpRLMIMgZfy4Gj7v5wqj8od2RTy9hRDFIE2fE%2Bod1S"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length cf-ray 89f0b6a17e6f9951-FRA access-control-allow-headers Content-Type,Authorization,Content-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/	536 KB 213 KB	49ms 18ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/ Origin https://logindev.freedomcashlenders.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 00:27:02 GMT content-encoding gzip x-content-type-options nosniff age 55015 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 217833 x-xss-protection 0 last-modified Sun, 23 Jun 2024 08:01:07 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 06 Jul 2025 00:27:02 GMT
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame DFEC	0 0	38ms 23ms	Document text/html	142.250.185.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcythgoAAAAAFObMHt3m_qnkk6MWvLYwh4wm_Yb&co=aHR0cHM6Ly9sb2dpbmRldi5mcmVlZG9tY2FzaGxlbmRlcnMuY29tOjQ0Mw..&hl=de&type=image&v=rKbTvxTxwcw5VqzrtN-ICwWt&theme=light&size=invisible&badge=bottomright&cb=n39pvpeur61a Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/static/js/main.5a868366.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-QRX-tBRz7VE6srwcGg04wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://logindev.freedomcashlenders.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-QRX-tBRz7VE6srwcGg04wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 06 Jul 2024 15:43:57 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
OPTIONS H3	200	feature-flags analytics.leadvent.com/ingest/v1/web/ Frame	0 0	176ms 176ms	Preflight	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.leadvent.com/ingest/v1/web/feature-flags Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://logindev.freedomcashlenders.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,Authorization,Content-Encoding access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers Content-Length alt-svc h3=":443"; ma=86400 cache-control max-age=86400 cf-cache-status DYNAMIC cf-ray 89f0b6a2cf779951-FRA content-length 0 date Sat, 06 Jul 2024 15:43:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9Lo%2FCA5ZI15aJNIYq5ZuSybOCpIe%2F0S%2B1oUGV7mf5rTbQI7Bj3YUPeIctkVhkooT58mcBEr%2BlDx%2B9NLVjcmFJIVs32Z9YdpbvQiIZcS8th5e7aMBb94bhTDKcoy05DNLT1d2mn7n4Jf"}],"group":"cf-nel","max_age":604800} server cloudflare
POST H3	200	feature-flags Show response analytics.leadvent.com/ingest/v1/web/	96 B 529 B	176ms 175ms	Fetch application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.leadvent.com/ingest/v1/web/feature-flags Requested by Host: logindev.freedomcashlenders.com URL: https://logindev.freedomcashlenders.com/static/js/main.5a868366.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6d19e45283d8374dbfe9eda9bd1dfae17059d8107a9ccb4143c50df103ee624 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer lpdji3hepsff.h0.lyaeymv6.6gsaM5KVp1he1xt9GgfYGRvM58kiUGHgCosf9KBkFe93 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Referer https://logindev.freedomcashlenders.com/ sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 15:43:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods POST content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bY1iX1iSOQ1uezdd5BRtWxn%2FYc9iKpOnzZwuc5DAjHWTGooLuFFZXSOIFBkS9zwT0%2FGQ01crZ7FfMnWGAPrnkW5zkY8r0h24%2Fsz02FLUxRifCQefip3rGbEem0kUvkxjtfUpxhYQ%2BCPd"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length cf-ray 89f0b6a3d8619951-FRA access-control-allow-headers Content-Type,Authorization,Content-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	favicon.ico logindev.freedomcashlenders.com/	4 KB 4 KB	156ms 155ms	Other image/vnd.microsoft.icon	69.43.168.147 DATABANK-CASTLEAC...
General Check archive.org Show headers Download Go to Full URL https://logindev.freedomcashlenders.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.43.168.147 Redlands, United States, ASN22489 (DATABANK-CASTLEACCESS, US), Reverse DNS Software Caddy, Caddy / Resource Hash 3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://logindev.freedomcashlenders.com/auth/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 15:43:59 GMT last-modified Tue, 09 Apr 2024 21:25:33 GMT server Caddy, Caddy etag "sbp26l2zi" content-type image/vnd.microsoft.icon accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 3870

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage function| RocketChat boolean| __openreplay_adpss_patched__ object| __OPENREPLAY__ function| _ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_285933

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			livechat.leadvent.com/	1969-12-31 23:59:59	Name: rc_is_widget Value: t
			livechat.leadvent.com/	1969-12-31 23:59:59	Name: rc_room_type Value: l

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://logindev.freedomcashlenders.com/auth/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.leadvent.com
fonts.googleapis.com
fonts.gstatic.com
livechat.leadvent.com
logindev.freedomcashlenders.com
www.google.com
www.gstatic.com
142.250.185.132
188.114.97.3
2a00:1450:4001:809::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200a
2a06:98c1:3120::3
69.43.168.147
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
048ed95edac6bcade793f5b5136827136747ee0c96cb58b86be5b22a18fbe4fb
0d5d94d2c5c7df4f34e584dee8d462dc07fd998ec3097cc263c19aad92d0ef9a
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
2657935e468a24a6a7c5e62921feb0d59d6453f8d142be8a86a9521b6c7b654e
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
c6d19e45283d8374dbfe9eda9bd1dfae17059d8107a9ccb4143c50df103ee624
ca5f93d3ec7b476d15c35f7d46ddcee8d5d24b51956dba302f389b5a13d48b50
d5ab651ae2255f9c722617c063af09e74a254ce3efd85eaf7a83d521c5beda20
dbcc4307afc5c2bf43e76f52fe2bd36182099b0489376c5c013c318baafe28e4
e92f4fa815f76d6d4e3d09795c7ba792ba7ef2a8dc4fecf67d63b90cb19406f6
fd1a40aadd4c4cce8aea4f740511482c21b1e612fb8dc1d2b3e175c31add16a8