Submitted URL: https://go.turbotips.org/
Effective URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Submission: On May 22 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 42 HTTP transactions. The main IP is 76.76.21.241, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is chat.turbotips.org.
TLS certificate: Issued by R3 on May 22nd 2024. Valid for: 3 months.
This is the only time chat.turbotips.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.161.62.108 213230 (HETZNER-C...)
1 2 34.120.11.64 396982 (GOOGLE-CL...)
18 76.76.21.241 16509 (AMAZON-02)
3 18.172.112.86 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 54.219.103.223 16509 (AMAZON-02)
42 6
Apex Domain | Subdomains | Transfer
19 turbotips.org | go.turbotips.org; chat.turbotips.org | 149 KB
15 yourembeddedform.com | static.yourembeddedform.com; yourembeddedform.com — Cisco Umbrella Rank: 834984 | 361 KB
6 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 6 KB
2 gstatic.com | fonts.gstatic.com | 27 KB
1 nb7trk.com | www.nb7trk.com | 19 KB
1 loadingaccount.com | www.loadingaccount.com — Cisco Umbrella Rank: 807645 | 491 B
42 6
Domain Requested by
18 chat.turbotips.org chat.turbotips.org
12 yourembeddedform.com static.yourembeddedform.com
6 fonts.googleapis.com chat.turbotips.org
static.yourembeddedform.com
3 static.yourembeddedform.com chat.turbotips.org
static.yourembeddedform.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.nb7trk.com chat.turbotips.org
1 www.loadingaccount.com 1 redirects
1 go.turbotips.org 1 redirects
42 8

This site contains no links.

Subject | Issuer | Validity | Valid
chat.turbotips.org | R3 | 2024-05-22 - 2024-08-20 | 3 months
nb7trk.com | Starfield Secure Certificate Authority - G2 | 2024-04-11 - 2025-04-18 | a year
yourembeddedform.com | Amazon RSA 2048 M03 | 2024-02-04 - 2025-03-04 | a year
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
money411.com | Amazon RSA 2048 M02 | 2024-05-11 - 2025-06-10 | a year

This page contains 1 frames:

Primary Page: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Frame ID: 2AE700BDC009477D14BEFBF14ABBC4EE
Requests: 36 HTTP requests in this frame

Page Title

TURBOTIPS

Page URL History

  1. https://go.turbotips.org/ HTTP 302
    https://www.loadingaccount.com/3LKKRHG/2J55K97/?sub3={{revenue-token}}&sub5={{phone}}&sub1=Expired-Filter HTTP 302
    https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

Requests: 42
HTTPS: 100 %
IPv6: 29 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 560 kB
Size: 2301 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.turbotips.org/ HTTP 302
    https://www.loadingaccount.com/3LKKRHG/2J55K97/?sub3={{revenue-token}}&sub5={{phone}}&sub1=Expired-Filter HTTP 302
    https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lt-nonjv
chat.turbotips.org/
Redirect Chain
  • https://go.turbotips.org/
  • https://www.loadingaccount.com/3LKKRHG/2J55K97/?sub3={{revenue-token}}&sub5={{phone}}&sub1=Expired-Filter
  • https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
4 KB
2 KB
Document
General
Full URL
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
a34a4be0878cd3e8fe2606695c6b3511e1415620a543b59bf6b3ffe5819e92df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 May 2024 20:42:52 GMT
etag
W/"1198-VfMijfyb8o3TOVwBJ5bfOgp1jts"
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/lt-nonjv
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::fkqzj-1716410572281-0aaeeb016536

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
content-type
text/html; charset=utf-8
date
Wed, 22 May 2024 20:42:52 GMT
location
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
8fe5d8fa-6d97-4ee2-bead-b91f5d0716da
everflow.js
www.nb7trk.com/scripts/sdk/
60 KB
19 KB
Script
General
Full URL
https://www.nb7trk.com/scripts/sdk/everflow.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.11.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.11.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed5a5aa535ebf59cae3c685299e22349b20cd3f8ec6a87761fd302c1113cf1cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
47046bcf-5b4b-492f-bc22-dabcb41e6c6c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
8d068d5a076ed946.css
chat.turbotips.org/_next/static/css/
37 KB
8 KB
Stylesheet
General
Full URL
https://chat.turbotips.org/_next/static/css/8d068d5a076ed946.css
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
593700a278ac57b6c9bd51b5946cc481f9582e2656e0cb09cb46fa0374c1d844
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::tclbm-1716410572535-b083ef3ce19e
age
442200
x-matched-path
/_next/static/css/8d068d5a076ed946.css
etag
W/"036f4f5deb216d1e658f6e45a0827f81"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="8d068d5a076ed946.css"
index.js
static.yourembeddedform.com/latest/js/
33 KB
11 KB
Script
General
Full URL
https://static.yourembeddedform.com/latest/js/index.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7382df9df29f92acbcba400e5b716aab4a32ca870593c7761a70ca2bc317a3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 20:54:25 GMT
content-encoding
br
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2024 20:36:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
85708
etag
W/"37abc3d754d2fbac7c553bc5f3e145d0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Se7ALKDYU-o4UHTvGD5jAd1H2cwPhI7G1B6fxYSx4QLrl-N_Zd0frw==
webpack-fd8a83e6bcbbb68a.js
chat.turbotips.org/_next/static/chunks/
1 KB
999 B
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/webpack-fd8a83e6bcbbb68a.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
49139654f81b5a639e7a6f9885e9d7434682d412d6a9d46124d09b274a5f33d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjk8z-1716410572766-41e5ebc4de4d
age
442199
x-matched-path
/_next/static/chunks/webpack-fd8a83e6bcbbb68a.js
etag
W/"098efc9cffddcbc8b74bb9c0e7cb6ec4"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-fd8a83e6bcbbb68a.js"
framework-a070cbfff3c750c5.js
chat.turbotips.org/_next/static/chunks/
127 KB
43 KB
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/framework-a070cbfff3c750c5.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
33dc89018fe5aed90ddd9f9615cba7412569abfad7d4995d81001e532aac79c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjk8z-1716410572849-050442d198ef
age
442199
x-matched-path
/_next/static/chunks/framework-a070cbfff3c750c5.js
etag
W/"973d9105a2c7da532673d98895682405"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-a070cbfff3c750c5.js"
main-a7dd78faee55f8dd.js
chat.turbotips.org/_next/static/chunks/
117 KB
36 KB
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
75f290682e3c28494c1dd484ed305f4c8647ad4e496826a397587faa41fa6596
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjk8z-1716410572859-eab79131fdba
age
442199
x-matched-path
/_next/static/chunks/main-a7dd78faee55f8dd.js
etag
W/"5b9f7b20252b1ad1483197a73426a9e8"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-a7dd78faee55f8dd.js"
_app-26048a841d285cc5.js
chat.turbotips.org/_next/static/chunks/pages/
1 KB
730 B
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/_app-26048a841d285cc5.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
95bbe0205c7ef9e029ec63f965b1ed8cadf9026f51913dfbbe634b03f4dda4e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wrcsl-1716410572859-9bb6560d4524
age
442199
x-matched-path
/_next/static/chunks/pages/_app-26048a841d285cc5.js
etag
W/"72570b28d3e93d58f3187b2e3afd3347"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-26048a841d285cc5.js"
3996-e8f8015ef7444285.js
chat.turbotips.org/_next/static/chunks/
6 KB
2 KB
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/3996-e8f8015ef7444285.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f67832c19b0733f2d5592f70027b7051e434bf4307391ee7b0aefc4cd7718f5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::hw75t-1716410572859-4fd4c721b883
age
442199
x-matched-path
/_next/static/chunks/3996-e8f8015ef7444285.js
etag
W/"8295105f044491edbad8d2f72a020c4f"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3996-e8f8015ef7444285.js"
9669-52871dfc880105f3.js
chat.turbotips.org/_next/static/chunks/
20 KB
8 KB
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/9669-52871dfc880105f3.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2cc8946980319a106e839aeb3463c563fec761cd1322f838bac63a7e8368cc24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::972gn-1716410572859-bbed37592590
age
442199
x-matched-path
/_next/static/chunks/9669-52871dfc880105f3.js
etag
W/"e1b121d8bd3a450e32520f9b0499a238"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="9669-52871dfc880105f3.js"
lt-nonjv-681d563b430d6440.js
chat.turbotips.org/_next/static/chunks/pages/
7 KB
3 KB
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/lt-nonjv-681d563b430d6440.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
716746f83a1cccec3f21eb88b80d38a161f3894a767e68d1e2a9a16bc7403209
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::l4pjl-1716410572859-7f5c505a7ef6
age
441767
x-matched-path
/_next/static/chunks/pages/lt-nonjv-681d563b430d6440.js
etag
W/"c6b11dbaaecad50d5902abb5ca2bf1c7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="lt-nonjv-681d563b430d6440.js"
_buildManifest.js
chat.turbotips.org/_next/static/SWFGQg60LYkNiG1xNwK1D/
10 KB
3 KB
Script
General
Full URL
https://chat.turbotips.org/_next/static/SWFGQg60LYkNiG1xNwK1D/_buildManifest.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
228f9c3b62215a720bbadc95c1ebf00ef6a574640bd75c3cf1880aac5155cd90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::274wt-1716410572859-b5a8e7173a06
age
442198
x-matched-path
/_next/static/SWFGQg60LYkNiG1xNwK1D/_buildManifest.js
etag
W/"d428be36073860f4203857d26f6ff312"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
_ssgManifest.js
chat.turbotips.org/_next/static/SWFGQg60LYkNiG1xNwK1D/
77 B
257 B
Script
General
Full URL
https://chat.turbotips.org/_next/static/SWFGQg60LYkNiG1xNwK1D/_ssgManifest.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:52 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::np9xb-1716410572859-68310523d75c
age
442198
x-matched-path
/_next/static/SWFGQg60LYkNiG1xNwK1D/_ssgManifest.js
etag
"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
content-length
77
css2
fonts.googleapis.com/
28 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/css/8d068d5a076ed946.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:26:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:42:52 GMT
css2
fonts.googleapis.com/
3 KB
708 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bungee&family=Racing+Sans+One&family=Squada+One&family=Staatliches&display=swap
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/css/8d068d5a076ed946.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96aec35aff35b345a3dd9d2572631ca6e434303547602acf496213a7617406f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:42:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:42:52 GMT
css2
fonts.googleapis.com/
417 B
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fugaz+One&display=swap
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/css/8d068d5a076ed946.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
480b71f657ad483c3e3c63d31202b0990ac415f9879fdef06f97480ec87b2261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:24:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:42:52 GMT
css2
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/css/8d068d5a076ed946.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:20:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:42:52 GMT
css2
fonts.googleapis.com/
14 KB
808 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/css/8d068d5a076ed946.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:35:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:42:52 GMT
chatBotSmsDob.css
static.yourembeddedform.com/1.3.1/css/
232 KB
24 KB
Stylesheet
General
Full URL
https://static.yourembeddedform.com/1.3.1/css/chatBotSmsDob.css
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/latest/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76f906845274baa938b418fecb2c72fd31f3674c93e149cb3269ebeba4a3fd4d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 20:54:26 GMT
content-encoding
br
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2024 20:36:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
85708
etag
W/"9a2234166aeddddd6a431bc04625deda"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
zmdIQSHRdqeRWTG9bzHcd__U5ffQNqNJdRGhX8NINHJDlaG1AEp7EQ==
chatBotSmsDob.js
static.yourembeddedform.com/1.3.1/js/
1 MB
323 KB
Script
General
Full URL
https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/latest/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31d0388595487f8f88973778446eada88eb72d4ed4c3ac2c8178903b6a453a77

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:39:58 GMT
content-encoding
br
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2024 20:36:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
176
x-amz-server-side-encryption
AES256
etag
W/"b6ec6bb0f4d55110f622b9ab0f7c9ae4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YmGNmTeojncNZ1Hk5NaRNSPDUi_Fy-qNWjQ5B-fmh7N0olOQlQgeWA==
rax_HiWKp9EAITukFsl8Axhf.woff2
fonts.gstatic.com/s/fugazone/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/fugazone/v19/rax_HiWKp9EAITukFsl8Axhf.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fugaz+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://chat.turbotips.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:22:20 GMT
x-content-type-options
nosniff
age
109236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11032
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:29:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:22:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://chat.turbotips.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:19:23 GMT
x-content-type-options
nosniff
age
109413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 14:19:23 GMT
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i&display=swap
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/css/chatBotSmsDob.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59e336f38655a792692fef039a6c0b97091c87ae720d223929e2fdde2f1df18c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://static.yourembeddedform.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:42:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:42:55 GMT
privacy-policy-5aa36a4f519cd528.js
chat.turbotips.org/_next/static/chunks/pages/core/
0
14 KB
Other
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/core/privacy-policy-5aa36a4f519cd528.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wxqck-1716410575929-0b2dac618afe
age
440958
x-matched-path
/_next/static/chunks/pages/core/privacy-policy-5aa36a4f519cd528.js
etag
W/"01f70e7274ebf9f948ff4b71641d3d38"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="privacy-policy-5aa36a4f519cd528.js"
terms-of-service-2fc011b4090e69a3.js
chat.turbotips.org/_next/static/chunks/pages/core/
0
14 KB
Other
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/core/terms-of-service-2fc011b4090e69a3.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::4zfr4-1716410575933-06d76e1af0ec
age
440958
x-matched-path
/_next/static/chunks/pages/core/terms-of-service-2fc011b4090e69a3.js
etag
W/"ffc868c8489473eb1d2022686af924b1"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="terms-of-service-2fc011b4090e69a3.js"
sms-terms-f56b3ccbb4c1fb0a.js
chat.turbotips.org/_next/static/chunks/pages/core/
0
9 KB
Other
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/core/sms-terms-f56b3ccbb4c1fb0a.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjk8z-1716410575931-d4bb504af985
age
440958
x-matched-path
/_next/static/chunks/pages/core/sms-terms-f56b3ccbb4c1fb0a.js
etag
W/"247595213efe9951f05b95d5c4fbaff7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="sms-terms-f56b3ccbb4c1fb0a.js"
privacy-policy-5aa36a4f519cd528.js
chat.turbotips.org/_next/static/chunks/pages/core/
49 KB
0
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/core/privacy-policy-5aa36a4f519cd528.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
46051585017b5a1e2882adeb50d93cc91cc3049007c4876f08111937874ed33d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
br
server
Vercel
x-vercel-id
fra1::wxqck-1716410575929-0b2dac618afe
age
440958
x-matched-path
/_next/static/chunks/pages/core/privacy-policy-5aa36a4f519cd528.js
etag
W/"01f70e7274ebf9f948ff4b71641d3d38"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="privacy-policy-5aa36a4f519cd528.js"
sms-terms-f56b3ccbb4c1fb0a.js
chat.turbotips.org/_next/static/chunks/pages/core/
57 KB
0
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/core/sms-terms-f56b3ccbb4c1fb0a.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
08671b813dccbe0c6d39bd0dc3aff9370de4beeb4e18b9e376cc61c848c13514

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
br
server
Vercel
x-vercel-id
fra1::mjk8z-1716410575931-d4bb504af985
age
440958
x-matched-path
/_next/static/chunks/pages/core/sms-terms-f56b3ccbb4c1fb0a.js
etag
W/"247595213efe9951f05b95d5c4fbaff7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="sms-terms-f56b3ccbb4c1fb0a.js"
terms-of-service-2fc011b4090e69a3.js
chat.turbotips.org/_next/static/chunks/pages/core/
52 KB
0
Script
General
Full URL
https://chat.turbotips.org/_next/static/chunks/pages/core/terms-of-service-2fc011b4090e69a3.js
Requested by
Host: chat.turbotips.org
URL: https://chat.turbotips.org/_next/static/chunks/main-a7dd78faee55f8dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cd33de422eae76a42b7641879e9c9dde45219b4a724999f1d67d28942a8f4441

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:55 GMT
content-encoding
br
server
Vercel
x-vercel-id
fra1::4zfr4-1716410575933-06d76e1af0ec
age
440958
x-matched-path
/_next/static/chunks/pages/core/terms-of-service-2fc011b4090e69a3.js
etag
W/"ffc868c8489473eb1d2022686af924b1"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="terms-of-service-2fc011b4090e69a3.js"
register
yourembeddedform.com/api/embedded/
429 B
1014 B
XHR
General
Full URL
https://yourembeddedform.com/api/embedded/register
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0dc4d0444d65694001be67c2e30a7b00e0fd5374265ff1db4e58777ae7ff559c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://chat.turbotips.org/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:57 GMT
referrer-policy
strict-origin
x-content-type-options
nosniff
server
nginx
x-powered-by
Express
etag
W/"1ad-RhzxSmy5DebrFRAxWNh5cv6Ore8"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.turbotips.org
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
429
x-xss-protection
1; mode=block
x-served-by
My Servlet Handler
register
yourembeddedform.com/api/embedded/
0
0
Preflight
General
Full URL
https://yourembeddedform.com/api/embedded/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chat.turbotips.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://chat.turbotips.org
content-length
0
date
Wed, 22 May 2024 20:42:56 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
nginx
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-served-by
My Servlet Handler
x-xss-protection
1; mode=block
favicon.ico
chat.turbotips.org/favicons/shield/
15 KB
3 KB
Other
General
Full URL
https://chat.turbotips.org/favicons/shield/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f308b0e438487b67eb204476488e6c2a8696bb5c237ca07fa1b59ff44163a2c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chat.turbotips.org/lt-nonjv?phone=%7B%7Bphone%7D%7D&subacc=1621&s1=2bb942db70094e69906b6bd9aea5f5bc&s2=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:56 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::hdrj8-1716410576393-29427bc2a5fe
age
442200
x-matched-path
/favicons/shield/favicon.ico
etag
W/"f18e8d30b1151994cca1c8f954f1cb56"
x-vercel-cache
HIT
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="favicon.ico"
/
yourembeddedform.com/api/click/
0
0
Preflight
General
Full URL
https://yourembeddedform.com/api/click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://chat.turbotips.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,csrf-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://chat.turbotips.org
content-length
0
date
Wed, 22 May 2024 20:42:57 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
nginx
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-served-by
My Servlet Handler
x-xss-protection
1; mode=block
/
yourembeddedform.com/api/action/
0
0
Preflight
General
Full URL
https://yourembeddedform.com/api/action/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://chat.turbotips.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,csrf-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://chat.turbotips.org
content-length
0
date
Wed, 22 May 2024 20:42:57 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
nginx
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-served-by
My Servlet Handler
x-xss-protection
1; mode=block
/
yourembeddedform.com/api/click/
122 B
592 B
XHR
General
Full URL
https://yourembeddedform.com/api/click/
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
534c7612e68743061fd7c69d00e5e079a4654c20b60e800fe782874babefddcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
1a8f32f348f63774af2642f144e8565d:44b1828c256608861cb3b736a2ae44742192d2c250b1e5055d3d8c987fb5deb74ba04e5f568a20297f29e0293a956a2aaa5411e9c1a0350e05b2cbd52334bf6e1c4f5ebc10902eebe8beeb67d60fe6f5865bed28d39609b1ca0e4bb751db958283174c56a8fbe737c7b2f8f8811814fb21f9460bd55006afa82693f8732dc587e1c603162ca6742564db66a790a2b9abe8f1fe6ba25a86da53f5705d015a256a
Referer
https://chat.turbotips.org/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:58 GMT
referrer-policy
strict-origin
x-content-type-options
nosniff
server
nginx
x-powered-by
Express
etag
W/"7a-4JSYfkoyRDMWG45hDQvdkGbWumo"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.turbotips.org
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
122
x-xss-protection
1; mode=block
x-served-by
My Servlet Handler
/
yourembeddedform.com/api/action/
4 B
471 B
XHR
General
Full URL
https://yourembeddedform.com/api/action/
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
1a8f32f348f63774af2642f144e8565d:44b1828c256608861cb3b736a2ae44742192d2c250b1e5055d3d8c987fb5deb74ba04e5f568a20297f29e0293a956a2aaa5411e9c1a0350e05b2cbd52334bf6e1c4f5ebc10902eebe8beeb67d60fe6f5865bed28d39609b1ca0e4bb751db958283174c56a8fbe737c7b2f8f8811814fb21f9460bd55006afa82693f8732dc587e1c603162ca6742564db66a790a2b9abe8f1fe6ba25a86da53f5705d015a256a
Referer
https://chat.turbotips.org/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:57 GMT
referrer-policy
strict-origin
x-content-type-options
nosniff
server
nginx
x-powered-by
Express
etag
W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.turbotips.org
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
4
x-xss-protection
1; mode=block
x-served-by
My Servlet Handler
check-site
yourembeddedform.com/api/
17 B
485 B
XHR
General
Full URL
https://yourembeddedform.com/api/check-site
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
d86df284a64828cfa71fea050c3f3aaa00ccdaf13e071e1263c024268ec43872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
1a8f32f348f63774af2642f144e8565d:44b1828c256608861cb3b736a2ae44742192d2c250b1e5055d3d8c987fb5deb74ba04e5f568a20297f29e0293a956a2aaa5411e9c1a0350e05b2cbd52334bf6e1c4f5ebc10902eebe8beeb67d60fe6f5865bed28d39609b1ca0e4bb751db958283174c56a8fbe737c7b2f8f8811814fb21f9460bd55006afa82693f8732dc587e1c603162ca6742564db66a790a2b9abe8f1fe6ba25a86da53f5705d015a256a
Referer
https://chat.turbotips.org/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:58 GMT
referrer-policy
strict-origin
x-content-type-options
nosniff
server
nginx
x-powered-by
Express
etag
W/"11-PCh8S7PN2iF9/4VRmOcMW4yWzy0"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.turbotips.org
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
17
x-xss-protection
1; mode=block
x-served-by
My Servlet Handler
check-site
yourembeddedform.com/api/
0
0
Preflight
General
Full URL
https://yourembeddedform.com/api/check-site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://chat.turbotips.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,csrf-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://chat.turbotips.org
content-length
0
date
Wed, 22 May 2024 20:42:57 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
nginx
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-served-by
My Servlet Handler
x-xss-protection
1; mode=block
lookup-agent
yourembeddedform.com/api/
0
0
Preflight
General
Full URL
https://yourembeddedform.com/api/lookup-agent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://chat.turbotips.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,csrf-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://chat.turbotips.org
content-length
0
date
Wed, 22 May 2024 20:42:57 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
nginx
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-served-by
My Servlet Handler
x-xss-protection
1; mode=block
lookup-agent
yourembeddedform.com/api/
17 B
485 B
XHR
General
Full URL
https://yourembeddedform.com/api/lookup-agent
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
1a8f32f348f63774af2642f144e8565d:44b1828c256608861cb3b736a2ae44742192d2c250b1e5055d3d8c987fb5deb74ba04e5f568a20297f29e0293a956a2aaa5411e9c1a0350e05b2cbd52334bf6e1c4f5ebc10902eebe8beeb67d60fe6f5865bed28d39609b1ca0e4bb751db958283174c56a8fbe737c7b2f8f8811814fb21f9460bd55006afa82693f8732dc587e1c603162ca6742564db66a790a2b9abe8f1fe6ba25a86da53f5705d015a256a
Referer
https://chat.turbotips.org/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:58 GMT
referrer-policy
strict-origin
x-content-type-options
nosniff
server
nginx
x-powered-by
Express
etag
W/"11-UIVUdQWNarX1D9mk06okyEMbpS8"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.turbotips.org
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
17
x-xss-protection
1; mode=block
x-served-by
My Servlet Handler
lookup-agent
yourembeddedform.com/api/
17 B
485 B
XHR
General
Full URL
https://yourembeddedform.com/api/lookup-agent
Requested by
Host: static.yourembeddedform.com
URL: https://static.yourembeddedform.com/1.3.1/js/chatBotSmsDob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
csrf-token
1a8f32f348f63774af2642f144e8565d:44b1828c256608861cb3b736a2ae44742192d2c250b1e5055d3d8c987fb5deb74ba04e5f568a20297f29e0293a956a2aaa5411e9c1a0350e05b2cbd52334bf6e1c4f5ebc10902eebe8beeb67d60fe6f5865bed28d39609b1ca0e4bb751db958283174c56a8fbe737c7b2f8f8811814fb21f9460bd55006afa82693f8732dc587e1c603162ca6742564db66a790a2b9abe8f1fe6ba25a86da53f5705d015a256a
Referer
https://chat.turbotips.org/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:42:58 GMT
referrer-policy
strict-origin
x-content-type-options
nosniff
server
nginx
x-powered-by
Express
etag
W/"11-UIVUdQWNarX1D9mk06okyEMbpS8"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.turbotips.org
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
17
x-xss-protection
1; mode=block
x-served-by
My Servlet Handler
lookup-agent
yourembeddedform.com/api/
0
0
Preflight
General
Full URL
https://yourembeddedform.com/api/lookup-agent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.219.103.223 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-103-223.us-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://chat.turbotips.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,csrf-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://chat.turbotips.org
content-length
0
date
Wed, 22 May 2024 20:42:57 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
nginx
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-served-by
My Servlet Handler
x-xss-protection
1; mode=block


17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function getParam
object EF
object EmbeddedForm
object webpackChunk_N_E
object regeneratorRuntime
function __next_require__
object next
object __NEXT_DATA__
function __SSG_MANIFEST_CB
object __NEXT_P
object _N_E
object __MIDDLEWARE_MANIFEST
object __BUILD_MANIFEST
object __SSG_MANIFEST
function _
function Cleave
object dataLayer

4 Cookies

Domain/Path Name / Value
go.turbotips.org/ Name: XSRF-TOKEN
Value: eyJpdiI6Im02anYzeFAzK1Z3a0FtaXE2aW1rb2c9PSIsInZhbHVlIjoiMS9KNS9UN3FDRGRpeFZEeE42eHBITzJlZlZaWERYR1ROOWZraWFxNjdIMFpucmh2SXRHclMwQmJFZElkYWJGelQwVCtLN25SUkdTOFNjZERFS3ROaEE2MzhON0ZsakZEVjFJWmlnODBsZ3VsM2hvMzFQNFpDYWQvMnJLYXY2a24iLCJtYWMiOiJhZWM3NTA1NjM3NWIyOGRlMDk0ZTIxNTAxZjQxZmY3NGRkNzhkZjg4ZjRhZWE1MzlmYzQ3ZDYxYjE2MTZhMWMwIiwidGFnIjoiIn0%3D
go.turbotips.org/ Name: flow_session
Value: eyJpdiI6IjFMYzdQMVVCYTMrNHY2ZDQ2RzRqSEE9PSIsInZhbHVlIjoiNVUvSk9ybi8vVXZ6bW9CL2RxNFZVblhZa0FxRHpyYXBJOUptcmt5dHJlUUdYYmFQdnR4THdCaXg2dzJEZ3dyRmFXZHUxNVVsaHlKd1Ewc1lPa05QSUtkZThwbDZud3VYMW16T1NJUUpldkNndndYQ09DMHBqMW9WNEZXblpFN0QiLCJtYWMiOiJiZjNjMWI4ZGVmYjZiMTExZGU3M2QxMWZmNDVjNzU2NjA1YmJiMWE0MmRlOGIzZDQ2ZDI5ODAyZjJjYjExOTUxIiwidGFnIjoiIn0%3D
www.loadingaccount.com/ Name: uniqueClick_2J55K97
Value: 4e7d2b60-b7d6-4cb5-8b28-7b00f88d3300:1716410572
www.loadingaccount.com/ Name: transaction_id
Value: 2bb942db70094e69906b6bd9aea5f5bc

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
