lumpsumrefunds.com Open in urlscan Pro
2600:9000:280a:6000:10:1837:2b40:93a1  Public Scan

Submitted URL: http://lumpsumrefunds.com/
Effective URL: https://lumpsumrefunds.com/
Submission: On December 17 via api from NL — Scanned from CA

Summary

This website contacted 31 IPs in 2 countries across 21 domains to perform 129 HTTP transactions. The main IP is 2600:9000:280a:6000:10:1837:2b40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is lumpsumrefunds.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 5th 2024. Valid for: a year.
This is the only time lumpsumrefunds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2600:9000:280... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
5 74.125.192.104 15169 (GOOGLE)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
2 157.240.229.1 32934 (FACEBOOK)
2 2a04:4e42:400... 54113 (FASTLY)
6 151.101.65.44 54113 (FASTLY)
12 23.205.107.91 20940 (AKAMAI-AS...)
4 184.29.129.105 16625 (AKAMAI-AS)
1 146.75.80.157 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
4 142.250.31.156 15169 (GOOGLE)
5 142.251.179.94 15169 (GOOGLE)
1 151.101.1.140 54113 (FASTLY)
1 151.101.129.140 54113 (FASTLY)
2 151.101.193.44 54113 (FASTLY)
4 64.202.112.95 23352 (SERVERCEN...)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.3 13414 (TWITTER)
1 2607:f8b0:400... 15169 (GOOGLE)
6 157.240.229.35 32934 (FACEBOOK)
6 74.125.192.94 15169 (GOOGLE)
7 4.153.129.168 8075 (MICROSOFT...)
2 18.134.235.212 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-A...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 3.171.100.64 16509 (AMAZON-02)
12 141.226.224.48 200478 (TABOOLA-A...)
129 31
Apex Domain
Subdomains
Transfer
26 lumpsumrefunds.com
lumpsumrefunds.com
926 KB
21 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 934
psb.taboola.com — Cisco Umbrella Rank: 6026
trc.taboola.com — Cisco Umbrella Rank: 763
pips.taboola.com — Cisco Umbrella Rank: 1948
cds.taboola.com — Cisco Umbrella Rank: 1786
trc-events.taboola.com — Cisco Umbrella Rank: 2914
40 KB
12 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
242 KB
11 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
b.clarity.ms — Cisco Umbrella Rank: 8098
c.clarity.ms — Cisco Umbrella Rank: 1269
32 KB
10 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
9 KB
8 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3405
wave.outbrain.com — Cisco Umbrella Rank: 4277
tr.outbrain.com — Cisco Umbrella Rank: 3357
13 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
256 B
6 gstatic.com
fonts.gstatic.com
46 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
631 B
5 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
319 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
243 KB
2 leadfinery.com
app.leadfinery.com
486 B
2 adtopiaglobal.com
api.adtopiaglobal.com
362 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2010
alb.reddit.com — Cisco Umbrella Rank: 1418
761 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1095
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
78 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
775 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
723 B
1 t.co
t.co — Cisco Umbrella Rank: 904
627 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
129 21
Domain Requested by
26 lumpsumrefunds.com lumpsumrefunds.com
12 trc-events.taboola.com lumpsumrefunds.com
12 analytics.tiktok.com lumpsumrefunds.com
analytics.tiktok.com
7 b.clarity.ms lumpsumrefunds.com
www.clarity.ms
6 fonts.gstatic.com fonts.googleapis.com
6 www.facebook.com lumpsumrefunds.com
5 www.google.ca lumpsumrefunds.com
5 td.doubleclick.net www.googletagmanager.com
5 www.google.com www.googletagmanager.com
lumpsumrefunds.com
4 tr.outbrain.com amplify.outbrain.com
lumpsumrefunds.com
4 googleads.g.doubleclick.net www.googletagmanager.com
3 trc.taboola.com cdn.taboola.com
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 www.googletagmanager.com lumpsumrefunds.com
www.googletagmanager.com
2 app.leadfinery.com lumpsumrefunds.com
2 c.clarity.ms 1 redirects
2 api.adtopiaglobal.com lumpsumrefunds.com
2 wave.outbrain.com amplify.outbrain.com
2 analytics.google.com www.googletagmanager.com
lumpsumrefunds.com
2 amplify.outbrain.com lumpsumrefunds.com
amplify.outbrain.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
1 c.bing.com 1 redirects
1 cds.taboola.com lumpsumrefunds.com
1 pips.taboola.com lumpsumrefunds.com
1 fonts.googleapis.com lumpsumrefunds.com
1 analytics.twitter.com lumpsumrefunds.com
1 t.co lumpsumrefunds.com
1 psb.taboola.com cdn.taboola.com
1 alb.reddit.com lumpsumrefunds.com
1 pixel-config.reddit.com www.redditstatic.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.ads-twitter.com lumpsumrefunds.com
129 34

This site contains links to these domains. Also see Links.

Domain
uk.trustpilot.com
www.fca.org.uk
forms.myclaimgroup.co.uk
myclaimgroup.co.uk
Subject Issuer Validity Valid
*.thepcpguys.co.uk
Amazon RSA 2048 M03
2024-12-05 -
2026-01-03
a year crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-25 -
2024-12-24
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-06 -
2025-04-03
6 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-12-01 -
2025-12-31
a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2024-07-15 -
2025-07-15
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2024-12-09 -
2025-12-09
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.ca
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-13 -
2025-04-11
6 months crt.sh
t.co
E6
2024-11-26 -
2025-02-24
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-07 -
2025-10-06
a year crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.api.adtopiaglobal.com
Amazon RSA 2048 M03
2024-08-14 -
2025-09-13
a year crt.sh
*.leadfinery.com
Amazon RSA 2048 M03
2024-05-14 -
2025-06-12
a year crt.sh

This page contains 7 frames:

Primary Page: https://lumpsumrefunds.com/
Frame ID: A30CE2C24470B1ED87A0EA4DF65F0018
Requests: 122 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Flumpsumrefunds.com
Frame ID: 419C346E8DD3EEA5D0C09757BB068F5B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-GTHXSQWF03&gacid=1109331462.1734452050&gtm=45je4cc1v884573084z8847680788za200zb847680788&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1258427727
Frame ID: C20CAAFCF87222953D9673E6185E9B99
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/860467598?random=1734452050195&cv=11&fst=1734452050195&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 9D9B7847E04F6D8EB84A10EED4DE9293
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16725088236?random=1734452050212&cv=11&fst=1734452050212&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 9FD8350219C9DBCDA8E0F4975FA29D37
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16753731413?random=1734452050218&cv=11&fst=1734452050218&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3C29D468763561213CF8FD8950AACE6F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16721496866?random=1734452050224&cv=11&fst=1734452050224&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4B8677404E73FE37E891C0345676B8D2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

My Claims Group | findcarfinance.online

Page URL History Show full URLs

  1. http://lumpsumrefunds.com/ HTTP 307
    https://lumpsumrefunds.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

129
Requests

98 %
HTTPS

29 %
IPv6

21
Domains

34
Subdomains

31
IPs

2
Countries

1664 kB
Transfer

4722 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lumpsumrefunds.com/ HTTP 307
    https://lumpsumrefunds.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7E7564916BB94FC992A74FC6DE280A35&RedC=c.clarity.ms&MXFR=3888561932B7659701A3434136B76B60 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7E7564916BB94FC992A74FC6DE280A35&MUID=24BC0BD3D72D64D72D691E8BD6FB65F7

129 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lumpsumrefunds.com/
Redirect Chain
  • http://lumpsumrefunds.com/
  • https://lumpsumrefunds.com/
7 KB
3 KB
Document
General
Full URL
https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9525c98509d54b644a4aa7d6c11fc1377fbd971d9d8a97aa1c5bf9a2902e146

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Tue, 17 Dec 2024 16:14:10 GMT
etag
W/"1910dcc3b10bf60a6a70f71f6b80a53b"
last-modified
Mon, 16 Dec 2024 18:57:16 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-amz-cf-id
8J9DIRgZLunrciCvdgBezH4hlkkgy4aY4gUPwE_LJUhmMYeD1SynQg==
x-amz-cf-pop
LAX54-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:09b75c9d-5e3b-4432-9386-99b7cf287284
x-amz-meta-codebuild-content-md5
d898ae0bbf3c17bbd125f701917ae113
x-amz-meta-codebuild-content-sha256
c2f369a88785585f71fb513c6b9e9bd49309033839d7695da67b48fb4141a21d
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

Location
https://lumpsumrefunds.com/
Non-Authoritative-Reason
HttpsUpgrades
19.0b7f02c2.chunk.css
lumpsumrefunds.com/static/css/
227 KB
33 KB
Stylesheet
General
Full URL
https://lumpsumrefunds.com/static/css/19.0b7f02c2.chunk.css
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf6427d0300d30c668907521399e01b393a3e2cb08646c61b658807261d23ddc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"ebcd29d374d4fc30079b303ee6f7a5d9"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
XakhOICFCNZkHLHetBoc1zOyYlZF4RhyZo6wXW8xhM1ZNC_3_j-y8Q==
date
Tue, 17 Dec 2024 16:14:10 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
text/css
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:06 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
main.a60e467d.chunk.css
lumpsumrefunds.com/static/css/
246 KB
38 KB
Stylesheet
General
Full URL
https://lumpsumrefunds.com/static/css/main.a60e467d.chunk.css
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23bda3245683efabea34f31c1bbe6ebde7df6934a0ac8f9735719547229e3a59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"1264767c1859136b739d15ebc4bcc7a3"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
XNxdb4roQjgzIA09CvzC-3aN4RFSfLIuLMNzUjeZDsRhiE_iFBLZXg==
date
Tue, 17 Dec 2024 16:14:11 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
text/css
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:06 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
flickity.pkgd.js
lumpsumrefunds.com/js/
82 KB
18 KB
Script
General
Full URL
https://lumpsumrefunds.com/js/flickity.pkgd.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc49afd02cc764f790ab4473b409a1ded3c556ee50225613087ffe40d16745e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"3cea934fc529305a6a312a4d60520b9c"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
KL7JrFGOBZe1H5yLDrTyQgFduOjbFdzWcz_bhdnCeyUCFYonpRmV7w==
date
Tue, 17 Dec 2024 16:14:11 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
application/x-javascript
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:10 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
19.e94e594d.chunk.js
lumpsumrefunds.com/static/js/
342 KB
108 KB
Script
General
Full URL
https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
203a4243eefda480b009db7f713b1d26fe1153740913bd227a42eeeae29ccb68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
d898ae0bbf3c17bbd125f701917ae113
etag
W/"1d29e5ec0b334e78d5a24128709c73a3"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
eiHYtsoLuJ1IjpEFjiJTzAsaNECZ0aI7B1d65teES_sxrUAbSCS5RA==
date
Tue, 17 Dec 2024 16:14:10 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:09b75c9d-5e3b-4432-9386-99b7cf287284
content-type
application/x-javascript
server
AmazonS3
last-modified
Mon, 16 Dec 2024 18:57:18 GMT
x-amz-meta-codebuild-content-sha256
c2f369a88785585f71fb513c6b9e9bd49309033839d7695da67b48fb4141a21d
main.1f91f0fc.chunk.js
lumpsumrefunds.com/static/js/
26 KB
6 KB
Script
General
Full URL
https://lumpsumrefunds.com/static/js/main.1f91f0fc.chunk.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d19369f940c964544d1d9f0e5b3db573fd60327c859cf3191112d294c46c24ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
d898ae0bbf3c17bbd125f701917ae113
etag
W/"c5fe8889e46ac375ae86370889b159dc"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
xWPPDvfliIk-XV2q3QkvBcsMNypveo6G-2zmNXC-T9KfRaPlpnRNGQ==
date
Tue, 17 Dec 2024 16:14:10 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:09b75c9d-5e3b-4432-9386-99b7cf287284
content-type
application/x-javascript
server
AmazonS3
last-modified
Mon, 16 Dec 2024 18:57:12 GMT
x-amz-meta-codebuild-content-sha256
c2f369a88785585f71fb513c6b9e9bd49309033839d7695da67b48fb4141a21d
gtm.js
www.googletagmanager.com/
330 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d492781beeafe263fa1fbf654ed9ded43af6cf03333880afe8d85dd4710e27e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 17 Dec 2024 16:14:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:14:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 17 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110101
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Flumpsumrefunds.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1459755258.1734452050&auid=741122906.1734452050&navt=n&npa=0&gtm=45He4cc1v847680788za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734452049986&tfd=1183&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

js
www.googletagmanager.com/gtag/
425 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bcd40ce85506f5e5c538837b52c2d92d29ae7a559b2d896fbb4997486563c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 17 Dec 2024 16:14:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137214
x-xss-protection
0
server
Google Tag Manager
l1894mlovb
www.clarity.ms/tag/
707 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/l1894mlovb?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22c4e7e7911b6eabb9a1fd2b56b4fb8b7ce737c51440226307abc019981fb88a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
707
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/x-javascript
x-azure-ref
20241217T161410Z-176fb8c9d7d8xws6hC1YTO5ha000000019g0000000006z7s
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-BAw4B84r' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-BAw4B84r' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4488, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
PpLTeSfyDlcctIMnBjwfKZPqDpRlAgb+c9uvH4LsqftWvgjzRF4Rg7lOCTW/KpcOJkWkWSq6bcCyQGAvqjJsNQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Tue, 17 Dec 2024 16:14:10 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
tfa.js
cdn.taboola.com/libtrc/unip/1765137/
71 KB
22 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6858abf34ee4638e77520c3dd5886e2343f020a9093e47f70bf585da28b805d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
etag
"2723dd14f73a5e8733e44937ec15bba8"
x-amz-version-id
8rzwS64deGtlolOu8gOZNy94hKVAv.vu
age
27075
x-cache
HIT
date
Tue, 17 Dec 2024 16:14:10 GMT
last-modified
Sun, 15 Dec 2024 11:28:04 GMT
x-served-by
cache-yul1970049-YUL
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
c4ckCOWuS2O900kFP1zc39Hf6g92xDsHJR8b/LzkRvp8xsrFMucDy6R/Y2Op2hfzFl5UtBXy/TI=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1734452050.087163,VS0,VE1
via
1.1 varnish
x-amz-request-id
747C17FRJKHZ9HGW
accept-ranges
bytes
access-control-allow-origin
*
abp
67
content-length
22129
server
AmazonS3
x-amz-server-side-encryption
AES256
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQ2R2CBC77U1207KJ7V0&lib=ttq
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fb944a5568fbf3e739ec638e9459c5f1a3cdbc8073dfb7dcd6f0ae3df4720ba4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
expires
Tue, 17 Dec 2024 16:14:10 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=3, origin; dur=21
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
8e625c27
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f2ff8aeaf844ca47208eade9e90c66901668b627be19a86d39523dc05af5400fa1df6fbef93abb7bc4d3ec35613b853bee34ffe5a22a9993a6f55c42d67a44b622
x-origin-response-time
22,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24121716141008FE2EA40B4A6E0138ED-40728960A457DA03-00
content-length
2172
x-tt-logid
2024121716141008FE2EA40B4A6E0138ED
server
nginx
obtp.js
amplify.outbrain.com/cp/
29 KB
9 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.105 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf18b995260e90fbc843f87219dec7946706f7b5f64eb074f38e9a8815f6c517

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"af8289381be9ec1fee804105d14e8890:1734427907.022197"
Connection
keep-alive
Expires
Tue, 17 Dec 2024 16:34:10 GMT
Accept-Ranges
bytes
X-CC
CA
Content-Length
9076
X-RG
NA
Date
Tue, 17 Dec 2024 16:14:10 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 17 Dec 2024 09:22:45 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS3A86JC77U2A26N1L6G&lib=ttq
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d1b5e75ed44ca9ab1aa8e7d6e7a542e943bc95cb43adb8757734322d761478a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
expires
Tue, 17 Dec 2024 16:14:10 GMT
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=8
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
8e625c25
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f241498efdc0add3c6ad1d9fc0fdff80677348a91b761003f1bbd27aa9f3af75c20495706264bfdacf1bcab10f467c3d0d0ab0e3d32c5bfe363bb089d4bc90e0bb
x-origin-response-time
9,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412171614104C31C50869B9FABC4F93-27CD7EEB85945E1C-00
content-length
1748
x-tt-logid
202412171614104C31C50869B9FABC4F93
server
nginx
uwt.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.80.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Tue, 17 Dec 2024 16:14:10 GMT
x-tw-cdn
FT
last-modified
Mon, 28 Oct 2024 20:49:35 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kcgs7200053-IAD, cache-chi-klot8100151-CHI
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 419C
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Flumpsumrefunds.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMZ6X7L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
37
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 16:13:33 GMT
expires
Wed, 17 Dec 2025 16:13:33 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GTHXSQWF03&gtm=45je4cc1v884573084z8847680788za200zb847680788&_p=1734452049635&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1109331462.1734452050&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734452050&sct=1&seg=0&dl=https%3A%2F%2Flumpsumrefunds.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1349
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://lumpsumrefunds.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
556 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTHXSQWF03&cid=1109331462.1734452050&gtm=45je4cc1v884573084z8847680788za200zb847680788&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://lumpsumrefunds.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame C20C
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-GTHXSQWF03&gacid=1109331462.1734452050&gtm=45je4cc1v884573084z8847680788za200zb847680788&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1258427727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lumpsumrefunds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 16:14:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/860467598/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860467598/?random=1734452050195&cv=11&fst=1734452050195&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
ba9c60b8cad1781bc505d42567ff772a66e68b10b69f6386df1f2cc6e55c871d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2236
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
860467598
td.doubleclick.net/td/rul/ Frame 9D9B
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/860467598?random=1734452050195&cv=11&fst=1734452050195&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lumpsumrefunds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 16:14:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16725088236/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16725088236/?random=1734452050212&cv=11&fst=1734452050212&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
6eba9efd57c661799403811e6bc089c1be50d43bcb803a7d1b286fb35c3055f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2240
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16725088236
td.doubleclick.net/td/rul/ Frame 9FD8
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16725088236?random=1734452050212&cv=11&fst=1734452050212&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lumpsumrefunds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 16:14:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16753731413/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16753731413/?random=1734452050218&cv=11&fst=1734452050218&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
18485591c71de4a635e597388edfbdd8af4bf30aa3a89b859aba93bc56ad4422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2238
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16753731413
td.doubleclick.net/td/rul/ Frame 3C29
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16753731413?random=1734452050218&cv=11&fst=1734452050218&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lumpsumrefunds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 16:14:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16721496866/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16721496866/?random=1734452050224&cv=11&fst=1734452050224&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
3cd49f84a97ab602eb06cd7bbb0a6c0c2ea42c4d82897551c828e01ff43b0a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2240
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16721496866
td.doubleclick.net/td/rul/ Frame 4B86
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16721496866?random=1734452050224&cv=11&fst=1734452050224&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTHXSQWF03&l=dataLayer&cx=c&gtm=45He4cc1v847680788za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lumpsumrefunds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 16:14:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTHXSQWF03&cid=1109331462.1734452050&gtm=45je4cc1v884573084z8847680788za200zb847680788&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=787442619
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
config
pixel-config.reddit.com/pixels/a2_g1g1dlfqf7bh/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_g1g1dlfqf7bh/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/json
a2_g1g1dlfqf7bh_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_g1g1dlfqf7bh_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1734452050264&id=a2_g1g1dlfqf7bh&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=65772847-b530-4623-9347-1cff453123a2&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
image/gif
server
Varnish
topics_api
psb.taboola.com/
65 B
281 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1734452051.537708,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-yul1970075-YUL
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1765137/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1765137/trc/3/json?tim=1734452050295&data=%7B%22id%22%3A723%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1734452050265%2C%22cv%22%3A%2220241215-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flumpsumrefunds.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlondonbridgeperformancemedia-james-mcg-findcarfinance-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1734452050294%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Flumpsumrefunds.com%2F%22%2C%22tos%22%3A23%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1077c64da4883eb541bb2ee040a9d4231eae127a1bee4a61d958d16f936693d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-yul1970049-YUL
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
27935
x-timer
S1734452050.316071,VS0,VE39
x-vcl-time-ms
39
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.188
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
163426526525291
connect.facebook.net/signals/config/
85 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/163426526525291?v=2.9.179&r=stable&domain=lumpsumrefunds.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
09963444290ea50c2350c32dd3c004246aa71d541bf3d30fcecb884a1e71cf7c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-9SInomdG' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-9SInomdG' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=77, mss=1232, tbw=70552, tp=66, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
7Ci0YTGlRjKxhXgAYZrJb7S/Mr2fKRNIBpo9ACPlgGSoEw19AdgJda+kdnxv/Zj995CDKuvGP//jM0EBErIYBg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
content-length
17784
x-xss-protection
0
origin-agent-cluster
?1
00e12a5d0ea58200328b3f04fd9494b006
wave.outbrain.com/mtWavesBundler/handler/
2 B
516 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00e12a5d0ea58200328b3f04fd9494b006
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.105 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1734420131688
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Tue, 17 Dec 2024 16:15:10 GMT
Access-Control-Allow-Origin
*
X-CC
CA
Content-Length
22
X-RG
NA
Date
Tue, 17 Dec 2024 16:14:10 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
46db5cbde793517881ad000460b96ac6
00644d33a207422eb19f7678ff2def586d
wave.outbrain.com/mtWavesBundler/handler/
3 KB
2 KB
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00644d33a207422eb19f7678ff2def586d
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.105 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11e1032a066a63ae1e8d9c1853c791255bc3bb974485483c663d6c6cffd373d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1734430413121
Content-Encoding
gzip
ETag
W/"d43-kYDceMlgvd8l5gPq84XOwXN5Xbo"
Connection
keep-alive
Expires
Tue, 17 Dec 2024 16:15:10 GMT
Access-Control-Allow-Origin
*
X-CC
CA
Content-Length
1546
X-RG
NA
Date
Tue, 17 Dec 2024 16:14:10 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
a65930cd0c08cefe9f064bdc243c704e
topics
amplify.outbrain.com/
26 B
301 B
Fetch
General
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.105 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Tue, 17 Dec 2024 16:34:10 GMT
Access-Control-Allow-Origin
*
X-CC
CA
Content-Length
26
X-RG
NA
Date
Tue, 17 Dec 2024 16:14:10 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/
53 B
321 B
Fetch
General
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=03842329094848398&referrer=&marketerId=00e12a5d0ea58200328b3f04fd9494b006%2C00644d33a207422eb19f7678ff2def586d&name=PAGE_VIEW&dl=https%3A%2F%2Flumpsumrefunds.com%2F&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.18.155
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
image/gif;
x-traceid
63fc34602f64f318797ebcbb92698a81
cachedClickId
tr.outbrain.com/
35 B
293 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e12a5d0ea58200328b3f04fd9494b006,00644d33a207422eb19f7678ff2def586d
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript
x-traceid
702a0c015427bf2ddebc77d74025f81c
main.MWZiM2ZlMGNjMA.js
analytics.tiktok.com/i18n/pixel/static/
345 KB
96 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS3A86JC77U2A26N1L6G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7d60c0cd0647ecb04df42bcfd2acd351c105c2d89e2b401ba03b0845336170e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id
00-2412101335208079CD14F6221C9DD62A-59A099B5A0798C85-00
content-length
97156
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101335208079CD14F6221C9DD62A
server
nginx
x-akamai-request-id
8e625ea5
x-tt-trace-host
0180bdc7055130c5a3b19e853abcf041892289ff7ff92dda083e420f35c58bd0b6429fac61db24c8517aa0e29a162690372e84c0eb067886ce568d232bd2fd1d4e10efdc1abafd6cb038615bfddab3ec64505857d7955562f817cc2b29af88c8e8
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/
351 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQ2R2CBC77U1207KJ7V0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
8e625ea7
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
adsct
t.co/1/i/
43 B
627 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=513b97c8-bb44-43d6-93db-137ed9571cc7&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c64f5156-0ee3-403e-ad16-04eb8120b931&tw_document_href=https%3A%2F%2Flumpsumrefunds.com%2F&tw_iframe_status=0&txn_id=oodgc&type=javascript&version=2.3.31
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
8c3e0849733fb720
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8506f9056cb7f5c9d0fbfac032b3def081de7e8605d6989ee2a721efb4d7d7e4
cf-cache-status
DYNAMIC
cf-ray
8f383463ec57ac69-YYZ
x-response-time
6
content-length
43
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/
43 B
723 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=513b97c8-bb44-43d6-93db-137ed9571cc7&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c64f5156-0ee3-403e-ad16-04eb8120b931&tw_document_href=https%3A%2F%2Flumpsumrefunds.com%2F&tw_iframe_status=0&txn_id=oodgc&type=javascript&version=2.3.31
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
c79a261447c65e1b
cache-control
no-cache, no-store, max-age=0
x-connection-hash
62bfcb6eb1fd84e284cd2b59cd32cd5335c023183b96627d90a8c41ca953ea7b
x-response-time
76
content-length
43
date
Tue, 17 Dec 2024 16:14:09 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
css2
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/css/main.a60e467d.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 16:14:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 15:59:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/l1894mlovb?ref=gtm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-azure-ref
20241217T161410Z-176fb8c9d7d8xws6hC1YTO5ha000000019g0000000006z83
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD1DD41438CC6B"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
12818831-c01e-0066-4540-5061fb000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 13:18:06 GMT
/
www.google.com/pagead/1p-user-list/16753731413/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16753731413/?random=1734452050218&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dF8zdklKDTn5WdY1YOLi0Val3i7zF0A&random=1457718521&rmt_tld=0&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16753731413/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/16753731413/?random=1734452050218&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dF8zdklKDTn5WdY1YOLi0Val3i7zF0A&random=1457718521&rmt_tld=1&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/860467598/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/860467598/?random=1734452050195&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dssKiB0-36UtnVzI6Ls6iiecv2F8Ngg&random=612668613&rmt_tld=0&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/860467598/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/860467598/?random=1734452050195&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dssKiB0-36UtnVzI6Ls6iiecv2F8Ngg&random=612668613&rmt_tld=1&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/16721496866/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16721496866/?random=1734452050224&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d39DihT6D8lGNDzOCxIFoFyz2Gdlhfg&random=3072080304&rmt_tld=0&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16721496866/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/16721496866/?random=1734452050224&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d39DihT6D8lGNDzOCxIFoFyz2Gdlhfg&random=3072080304&rmt_tld=1&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/16725088236/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16725088236/?random=1734452050212&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dj--5Ga6s11jSmFvAbA12TXvV6RmvGA&random=2476474916&rmt_tld=0&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16725088236/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/16725088236/?random=1734452050212&cv=11&fst=1734451200000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v884573084z8847680788za200zb847680788&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Flumpsumrefunds.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=741122906.1734452050&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dj--5Ga6s11jSmFvAbA12TXvV6RmvGA&random=2476474916&rmt_tld=1&ipr=y
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
json
trc.taboola.com/1780742/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1780742/trc/3/json?tim=1734452050490&data=%7B%22id%22%3A219%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1734452050265%2C%22cv%22%3A%2220241215-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flumpsumrefunds.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlondonbridgeperformancemedia-james-mcg-findcarfinance-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1734452050299%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Flumpsumrefunds.com%2F%22%2C%22tos%22%3A29%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1d96c1fbc79df957a67507e8aaa3e6ad65d7c8f23da04cb28d50c211fc09cf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-yul1970049-YUL
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
27915
x-timer
S1734452051.506370,VS0,VE40
x-vcl-time-ms
40
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.20350000000000001
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
json
trc.taboola.com/1778706/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1778706/trc/3/json?tim=1734452050495&data=%7B%22id%22%3A197%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1734452050265%2C%22cv%22%3A%2220241215-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flumpsumrefunds.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlondonbridgeperformancemedia-james-mcg-findcarfinance-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1734452050300%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Flumpsumrefunds.com%2F%22%2C%22tos%22%3A29%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
967a62bc54ba73fe5ae9a8fa74e8311c6fc2d2f737ca058e594c4c0b6515034d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-yul1970049-YUL
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
25355
x-timer
S1734452051.506733,VS0,VE42
x-vcl-time-ms
42
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.281
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=163426526525291&ev=PageView&dl=https%3A%2F%2Flumpsumrefunds.com&rl=&if=false&ts=1734452050528&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1734452050526.25594251156696879&pm=1&hrl=76533a&ler=empty&cdl=API_unavailable&it=1734452050323&coo=false&tm=1&cs_cc=1&cas=8832914746824157%2C8621232261323083%2C7926908140744760%2C9491842794168872%2C8578092195610048%2C27422421797406630%2C7914295385337754%2C27232864539691290%2C8537625052941913%2C8477290475722201%2C27260508556896951%2C8236220353153070%2C8913553258679183%2C8585171578210363%2C8515924708495153%2C8256135364508339%2C8763718520324534%2C8713225928691943%2C7936701793087861%2C7861498620585124%2C8597110100307565%2C7890436564406226%2C26618995857691464%2C7917721194937807%2C26438935945697646%2C7807960069297031%2C8076710192386887%2C7558959617534552%2C8274447969231800&rqm=GET
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4568, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163426526525291&ev=PageView&dl=https%3A%2F%2Flumpsumrefunds.com&rl=&if=false&ts=1734452050528&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1734452050526.25594251156696879&pm=1&hrl=76533a&ler=empty&cdl=API_unavailable&it=1734452050323&coo=false&tm=1&cs_cc=1&cas=8832914746824157%2C8621232261323083%2C7926908140744760%2C9491842794168872%2C8578092195610048%2C27422421797406630%2C7914295385337754%2C27232864539691290%2C8537625052941913%2C8477290475722201%2C27260508556896951%2C8236220353153070%2C8913553258679183%2C8585171578210363%2C8515924708495153%2C8256135364508339%2C8763718520324534%2C8713225928691943%2C7936701793087861%2C7861498620585124%2C8597110100307565%2C7890436564406226%2C26618995857691464%2C7917721194937807%2C26438935945697646%2C7807960069297031%2C8076710192386887%2C7558959617534552%2C8274447969231800&rqm=FGET
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449414832831951586"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SoBLLGzcJDYpLSTzXKBXjlenp4LLp0u0LKQxezEKqv0eNjgfWbCuZKwWTX/REFS1xw6d7+aV7BQpZ4WUtuHLig==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449414832831951586", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4936, tp=13, tpl=0, uplat=131, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
8e62608b
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:10 GMT
server-timing
inner; dur=17, cdn-cache; desc=MISS, edge; dur=17, origin; dur=32
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:10 GMT
x-akamai-request-id
8e6260b1
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f2a23941dccbd9a04120329e43f3f7b967cbb3cca6fd121a3e7abeb5a08618dc75c21c1399641377150aa74451a5624dae8213c31d0a28dc4e75db5ee4354778de
x-origin-response-time
32,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241217161410176F67040698B2AE4176-324048CC88475074-00
content-length
0
x-tt-logid
20241217161410176F67040698B2AE4176
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:10 GMT
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=7, origin; dur=38
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:10 GMT
x-akamai-request-id
8e6260bb
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f2ff8aeaf844ca47208eade9e90c669016ea9b4a7af02ea783b4c0703916015318e836f1d57372a0ffd4c09fb004324c6572031394b334f66055d0b9ca426d8734
x-origin-response-time
38,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121716141008FE2EA40B4A6E013926-7B6BBA556F4BEE60-00
content-length
0
x-tt-logid
2024121716141008FE2EA40B4A6E013926
server
nginx
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lumpsumrefunds.com
Referer
https://fonts.googleapis.com/

Response headers

age
487797
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 00:44:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 00:44:13 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
1307
x-cache
HIT
date
Tue, 17 Dec 2024 16:14:10 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-yul1970049-YUL
x-cache-hits
1788
content-type
application/javascript
x-amz-id-2
fwEDCtkllCMn6kllIPxUajXk0BZ/ZCgnMAttfm0eFdYVlgsdTqS9BwHPi1QcBnv1uELS9qmw/YA=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1734452051.616129,VS0,VE0
via
1.1 varnish
x-amz-request-id
0RY33TXR1A3MN2HH
accept-ranges
bytes
access-control-allow-origin
*
abp
35
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1765137/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
gzip
etag
"2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age
11775
x-cache
HIT
date
Tue, 17 Dec 2024 16:14:10 GMT
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
x-served-by
cache-yul1970049-YUL
x-cache-hits
12264
content-type
application/javascript
x-amz-id-2
n5z+dbVXiAp5J1Z+Hvw5EZQEoGUP2U6VmIiZk6XJxEGpKIoIZNJVADOGnphO1PYeChro7+fMqZ8=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1734452051.616155,VS0,VE0
via
1.1 varnish
x-amz-request-id
KT26JC3B5JJ1SKNG
accept-ranges
bytes
access-control-allow-origin
*
abp
77
content-length
6467
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
b.clarity.ms/
0
282 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:10 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
pips.taboola.com/
4 B
90 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-store
retry-after
0
access-control-allow-methods
GET
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://lumpsumrefunds.com
x-cache
HIT
content-length
4
date
Tue, 17 Dec 2024 16:14:10 GMT
x-served-by
cache-yul1970075-YUL
server
Varnish
x-cache-hits
0
loader4
api.adtopiaglobal.com/
194 B
362 B
XHR
General
Full URL
https://api.adtopiaglobal.com/loader4
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.235.212 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-235-212.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f659da832c050732074ab891e82a702a60056e1317c51f9b645a773029b24c7d

Request headers

Authorization
Bearer ukcyzIvdns13ax7MFAKRlJU6h2eWpH0f
Referer
https://lumpsumrefunds.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
content-length
194
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
application/json
vary
Origin
server
nginx/1.18.0
access-control-allow-credentials
true
loader4
api.adtopiaglobal.com/ Frame
0
0
Preflight
General
Full URL
https://api.adtopiaglobal.com/loader4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.235.212 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-235-212.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://lumpsumrefunds.com
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 17 Dec 2024 16:14:11 GMT
server
nginx/1.18.0
vary
Origin
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=e2ef6686-3115-4f0c-a6bd-801799f8908e-tucte5b28d2&mbl=ZmFsc2U=
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
*
cache-control
no-store
date
Tue, 17 Dec 2024 16:14:10 GMT
server
nginx
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7E7564916BB94FC992A74FC6DE280A35&RedC=c.clarity.ms&MXFR=3888561932B7659701A3434136B76B60
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7E7564916BB94FC992A74FC6DE280A35&MUID=24BC0BD3D72D64D72D691E8BD6FB65F7
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7E7564916BB94FC992A74FC6DE280A35&MUID=24BC0BD3D72D64D72D691E8BD6FB65F7
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Tue, 17 Dec 2024 16:14:10 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7E7564916BB94FC992A74FC6DE280A35&MUID=24BC0BD3D72D64D72D691E8BD6FB65F7
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77C9B3DB21A9432D93EC8987D373DA6B Ref B: YMQ01EDGE0306 Ref C: 2024-12-17T16:14:11Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Tue, 17 Dec 2024 16:14:10 GMT
x-powered-by
ASP.NET
favicon.a35fb3f3.ico
lumpsumrefunds.com/static/media/
9 KB
10 KB
Other
General
Full URL
https://lumpsumrefunds.com/static/media/favicon.a35fb3f3.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b45f8959e2c9c2abc82d6ac87a5157972c050065ac0ad4c83108ce39a1770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"bcb93e1bd23e7f97b86b51e60f68b801"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
5OqUu8pbfezuXB0JkUwmsc5lHFIJQ9NQgPtcPd5f6ArXveAaiiM75Q==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/x-icon
last-modified
Thu, 12 Dec 2024 20:48:08 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9328
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
act
analytics.tiktok.com/api/v2/pixel/
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:11 GMT
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=25, origin; dur=81
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:11 GMT
x-akamai-request-id
8e6263ac
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f241498efdc0add3c6ad1d9fc0fdff80671fa0f2708633365dd4a75153a271300c346e01367aa2691895a31a6fbee97884363dcb573caf443640dca445d5500193
x-origin-response-time
82,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412171614104C31C50869B9FABC4FF8-25CA8ABFB49DF2EE-00
content-length
0
x-tt-logid
202412171614104C31C50869B9FABC4FF8
server
nginx
unifiedPixel
tr.outbrain.com/
53 B
321 B
Fetch
General
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=0693310369998035&referrer=&marketerId=00e12a5d0ea58200328b3f04fd9494b006%2C00644d33a207422eb19f7678ff2def586d&name=PAGE_VIEW&dl=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.18.155
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
image/gif;
x-traceid
82e8c562850f93319fb4c180d8af1452
collect
b.clarity.ms/
0
282 B
Ping
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:11 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=163426526525291&ev=PageView&dl=https%3A%2F%2Flumpsumrefunds.com&rl=&if=false&ts=1734452051195&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1734452050526.25594251156696879&pm=1&hrl=783546&ler=empty&cdl=API_unavailable&it=1734452050323&coo=false&cs_cc=1&cas=8832914746824157%2C8621232261323083%2C7926908140744760%2C9491842794168872%2C8578092195610048%2C27422421797406630%2C7914295385337754%2C27232864539691290%2C8537625052941913%2C8477290475722201%2C27260508556896951%2C8236220353153070%2C8913553258679183%2C8585171578210363%2C8515924708495153%2C8256135364508339%2C8763718520324534%2C8713225928691943%2C7936701793087861%2C7861498620585124%2C8597110100307565%2C7890436564406226%2C26618995857691464%2C7917721194937807%2C26438935945697646%2C7807960069297031%2C8076710192386887%2C7558959617534552%2C8274447969231800&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=27, mss=1232, tbw=9023, tp=21, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163426526525291&ev=PageView&dl=https%3A%2F%2Flumpsumrefunds.com&rl=&if=false&ts=1734452051195&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1734452050526.25594251156696879&pm=1&hrl=783546&ler=empty&cdl=API_unavailable&it=1734452050323&coo=false&cs_cc=1&cas=8832914746824157%2C8621232261323083%2C7926908140744760%2C9491842794168872%2C8578092195610048%2C27422421797406630%2C7914295385337754%2C27232864539691290%2C8537625052941913%2C8477290475722201%2C27260508556896951%2C8236220353153070%2C8913553258679183%2C8585171578210363%2C8515924708495153%2C8256135364508339%2C8763718520324534%2C8713225928691943%2C7936701793087861%2C7861498620585124%2C8597110100307565%2C7890436564406226%2C26618995857691464%2C7917721194937807%2C26438935945697646%2C7807960069297031%2C8076710192386887%2C7558959617534552%2C8274447969231800&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449414836544908633"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
h+mFbyghNotLxInEfzI/cjC2lKJwHzKASyDb6RV2AFd1fsoEkbSEF4SIwVGYdfg/gO6k7nAWDavcZysxhBfPlA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449414836544908633", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=27, mss=1232, tbw=9263, tp=24, tpl=0, uplat=296, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
8.87a9d384.chunk.js
lumpsumrefunds.com/static/js/
46 KB
14 KB
Script
General
Full URL
https://lumpsumrefunds.com/static/js/8.87a9d384.chunk.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ddf43a4dbf2df2b3912233a4c8085c6a1850678f3ce7d39839d518d251c6d63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"709a713ac3dc7876b93d97092df18c03"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
jUSESKOzvNnNgvD4NZzy3PeXzgDRddjeso_4z26rcuQGmlUBxKy1sw==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
application/x-javascript
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:07 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
18.05f61405.chunk.js
lumpsumrefunds.com/static/js/
60 KB
19 KB
Script
General
Full URL
https://lumpsumrefunds.com/static/js/18.05f61405.chunk.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6632c3dccbb84cae7d36ccbd1867a58712df99e1e3eeba1df70355a2ccdce428

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
gzip
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"1e1d7df347ca9753e8f09db580664133"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
_2Afc3hehzFQKLPqhLNea_tvproHEqXrOh6hS0UL4ZoG4wBiEhmZ4w==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
application/x-javascript
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:10 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
7.e9ce39a6.chunk.css
lumpsumrefunds.com/static/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://lumpsumrefunds.com/static/css/7.e9ce39a6.chunk.css
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b28e4e4e5175472ae73389877da4e6ba73ae9575abd2a850a8cc7206748bd5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
gzip
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"f79eb256d19f825bda3357672d891d68"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
481h7PKxgSazHhxm0PHi-oofH1ecqFO9PfU4Jri1UaWyCX6Q1XeA0w==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
text/css
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:08 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
7.b13cd529.chunk.js
lumpsumrefunds.com/static/js/
54 KB
29 KB
Script
General
Full URL
https://lumpsumrefunds.com/static/js/7.b13cd529.chunk.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c89a01823a30be01a06afbdfa908570320e9cf4d14955b0f6ccb4fda1037cca8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
br
x-amz-meta-codebuild-content-md5
d898ae0bbf3c17bbd125f701917ae113
etag
W/"a779f9b8794594121f39356470852ac0"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
XyWx-C2lDzQu08KcuwNNUf3QLvGIfqGBmYpYet3r75N2LXW9fUQiTA==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:09b75c9d-5e3b-4432-9386-99b7cf287284
content-type
application/x-javascript
server
AmazonS3
last-modified
Mon, 16 Dec 2024 18:57:22 GMT
x-amz-meta-codebuild-content-sha256
c2f369a88785585f71fb513c6b9e9bd49309033839d7695da67b48fb4141a21d
50.38bf2c1e.chunk.js
lumpsumrefunds.com/static/js/
39 KB
15 KB
Script
General
Full URL
https://lumpsumrefunds.com/static/js/50.38bf2c1e.chunk.js
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fa3beaf63b01f52e464cc2bc72e65e5441b4475d46cd755635d2ade8ef37004

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-server-side-encryption
AES256
x-amz-cf-pop
LAX54-P2
vary
accept-encoding
content-encoding
gzip
x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
W/"bdd68f5d00d1fad233d481089d68b7d6"
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
NOZxLNd7eG8vOauYgMfHq5GP_KWAGxQQhOCXm1LBvJzVohY8jq0Wdw==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
application/x-javascript
server
AmazonS3
last-modified
Thu, 12 Dec 2024 20:48:08 GMT
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
pixel
analytics.tiktok.com/api/v2/
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:11 GMT
server-timing
inner; dur=18, cdn-cache; desc=MISS, edge; dur=7, origin; dur=22
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:11 GMT
x-akamai-request-id
8e6266fa
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f2dac644dbf3959c8e9ee6907ed2548812932578fe57f4f440113fc6c41ba6e75da1e635ddfc0e29b040da47a680aef390b2a9018e2693dddf49c12b3c60474ac3
x-origin-response-time
22,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412171614117C551C97DCD45AFFFE96-42E8726F76F9FEFF-00
content-length
0
x-tt-logid
202412171614117C551C97DCD45AFFFE96
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:11 GMT
server-timing
inner; dur=20, cdn-cache; desc=MISS, edge; dur=7, origin; dur=24
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:11 GMT
x-akamai-request-id
8e6266fb
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f2fbe53bcc3b903bd6afde900822589076731f0a3556a91c8c1b4d9fab7ec85050c31577d897eced236d6c79d2e13b594936826b1f7a6fb3ecfaae0e22a1695b31
x-origin-response-time
24,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412171614119BFC9A3E19162EFF96E7-025FC24C8222C3AF-00
content-length
0
x-tt-logid
202412171614119BFC9A3E19162EFF96E7
server
nginx
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lumpsumrefunds.com
Referer
https://fonts.googleapis.com/

Response headers

age
399411
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 01:17:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 01:17:20 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
favicon.a35fb3f3.ico
lumpsumrefunds.com/static/media/
9 KB
0
Other
General
Full URL
https://lumpsumrefunds.com/static/media/favicon.a35fb3f3.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b45f8959e2c9c2abc82d6ac87a5157972c050065ac0ad4c83108ce39a1770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"bcb93e1bd23e7f97b86b51e60f68b801"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
5OqUu8pbfezuXB0JkUwmsc5lHFIJQ9NQgPtcPd5f6ArXveAaiiM75Q==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/x-icon
last-modified
Thu, 12 Dec 2024 20:48:08 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9328
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
favicon.ico
lumpsumrefunds.com/
9 KB
10 KB
Other
General
Full URL
https://lumpsumrefunds.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b45f8959e2c9c2abc82d6ac87a5157972c050065ac0ad4c83108ce39a1770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"bcb93e1bd23e7f97b86b51e60f68b801"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
UfTBgJ-4hGvcFd1IrGbjk98u16lXOnv1KogXnJCBTjdB4-LKewpOOw==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/x-icon
last-modified
Thu, 12 Dec 2024 20:48:01 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9328
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
collect
b.clarity.ms/
0
282 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:11 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
dollaer-symbole.gif
lumpsumrefunds.com/
476 KB
477 KB
Image
General
Full URL
https://lumpsumrefunds.com/dollaer-symbole.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04cd4a862929df7798d4620f81cce8a6a881ffdde997061f30b1bd97030c5b0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"f01133435a67a732721cae4c49feb6a3"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
3HpacJOH3lOk6ZKicMdPbLkY-rMgLrSo4YqhlZkoeWR6DAX7F0D_9Q==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/gif
last-modified
Thu, 12 Dec 2024 20:48:00 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
487808
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
bbc.199e481b.png
lumpsumrefunds.com/static/media/
16 KB
17 KB
Image
General
Full URL
https://lumpsumrefunds.com/static/media/bbc.199e481b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5d022e3800a991839a37f3803420d7c0cb8bbf3feaf0d8dcf6c01176275db30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"9dae2cf9a3111b54c5a743ac8e64386c"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
aVtsJL23PdoeGnQxrjpfJxRKSAXnPuUpHejKCz9J_9mn0CrhGIN18Q==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/png
last-modified
Thu, 12 Dec 2024 20:48:03 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
16723
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5101bca43c9d312fa4bb8b0ffd788c56ff920bb67dddce7b915f00f3a6c6b5b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
cloudflare.7187d537.png
lumpsumrefunds.com/static/media/
11 KB
12 KB
Image
General
Full URL
https://lumpsumrefunds.com/static/media/cloudflare.7187d537.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3835f32dd20b485d4a676d84bb053d52ffc58f3521b4bb9f42daf66aa481d1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"94fd2937299ddae2bef042d5ddecab46"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
1WcYXuVWvOQCIIUzWYR0muiRAygkN9dupwREXBIIRW7VXIT3OzowZQ==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/png
last-modified
Thu, 12 Dec 2024 20:48:06 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11353
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
fca.16e725ea.png
lumpsumrefunds.com/static/media/
13 KB
14 KB
Image
General
Full URL
https://lumpsumrefunds.com/static/media/fca.16e725ea.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23c697ca13a6a4479b8957fcf176f959d0ef74a22a1ac9c1c191176439dd66a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"e6c1bf424a0d27dd8c157210103d5bc5"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
FRmHZjvsaMiiORVOLT30R2C950zG7Dt9vPYyMjLlsFYa2eRK6WucYQ==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/png
last-modified
Thu, 12 Dec 2024 20:48:08 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
13808
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4882c6763726b1ae3e930dd7a74caedade738b0a690d72c44589155d1683c64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ba6a16affe831e2ae463ff5cea96f78069d2322ce1a71bce37f6caa9054800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda79e474461428dd7a88c0a16f390f78d394bd97122b80e7dceef5aa7601d9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
094bab3b5cae02ee4bec58f43776a1e10cd6088d583f7793a7ad92e240412aae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ec92f72a5c5c6e6bdae7c6026faf56943e91ca3434f9e98ea0baa2a5daf732d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e7112001b3815c31bfba533d01c5fc434c92ce8338e95bacfabba709bb62309

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
insurance-cars-min.d7bc9de8.webp
lumpsumrefunds.com/static/media/
37 KB
38 KB
Image
General
Full URL
https://lumpsumrefunds.com/static/media/insurance-cars-min.d7bc9de8.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1516103e0ea08b970da9e8d50cc3abc78c81feda00ff2d3b55f81ebe7e24f93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"95d8e53479b4ffcc6f665c7503ce836d"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
eM9TU8WYLSP_KcHmiZGUZYwj7zHDtXtF1qioUllkiGNA7-j1DNGlTw==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
application/octet-stream
last-modified
Thu, 12 Dec 2024 20:48:05 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
37768
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
CarsNew.4c1b9654.mp4
lumpsumrefunds.com/static/media/
36 KB
0
Media
General
Full URL
https://lumpsumrefunds.com/static/media/CarsNew.4c1b9654.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"712427332ff78e89165dee47c98e1635"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
l7OKJmD8karlZzvW3wo1LxyjCHfsLsudhpJ3tsDXL9ValUtCXfXLEg==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
content-type
video/mp4
last-modified
Thu, 12 Dec 2024 20:48:06 GMT
Content-Range
bytes 0-634973/634974
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
634974
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
logo-new-white.9b40f679.png
lumpsumrefunds.com/static/media/
15 KB
16 KB
Image
General
Full URL
https://lumpsumrefunds.com/static/media/logo-new-white.9b40f679.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dcca918aa668472909d20321569468f27e78d889c07c05a339e5c657db89f39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f319f860-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"d434cfe00fb6e16592a876a712134b64"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
nqDbOlhFCay_c284k7Qd0Du1MUpdleUJuZevAt9jWIY-CUX2uWcqSA==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/png
last-modified
Thu, 12 Dec 2024 20:48:09 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
15627
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
chevron-down.16fe14e1.svg
lumpsumrefunds.com/static/media/
282 B
877 B
Image
General
Full URL
https://lumpsumrefunds.com/static/media/chevron-down.16fe14e1.svg
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/css/main.a60e467d.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcc76f5854aeed5fb9dc59cdeba5992c610beb4efe53bbfc5efc435e5f72bf96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/static/css/main.a60e467d.chunk.css

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"cd14b1611da1d5e8b55940634222ff01"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
DVcrsnMXnCEVyTxR7Voh3cSAMblwtebN95dNcqlkn_BWHZeVkdlzYg==
date
Tue, 17 Dec 2024 16:14:13 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/svg+xml
last-modified
Thu, 12 Dec 2024 20:48:12 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
282
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lumpsumrefunds.com
Referer
https://fonts.googleapis.com/

Response headers

age
540355
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 10:08:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 10:08:16 GMT
last-modified
Wed, 04 Dec 2024 06:53:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7840
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lumpsumrefunds.com
Referer
https://fonts.googleapis.com/

Response headers

age
446610
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 12:10:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 12:10:41 GMT
last-modified
Wed, 04 Dec 2024 06:53:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lumpsumrefunds.com
Referer
https://fonts.googleapis.com/

Response headers

age
258217
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 16:30:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 16:30:34 GMT
last-modified
Wed, 04 Dec 2024 06:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lumpsumrefunds.com
Referer
https://fonts.googleapis.com/

Response headers

age
258949
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 16:18:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 16:18:22 GMT
last-modified
Wed, 04 Dec 2024 06:53:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7632
x-xss-protection
0
server
sffe
data-ingestion-pipeline
app.leadfinery.com/api/mycg104/live/v1/
20 B
486 B
XHR
General
Full URL
https://app.leadfinery.com/api/mycg104/live/v1/data-ingestion-pipeline
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-64.iad12.r.cloudfront.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Authorization
Bearer ukcyzIvdns13ax7MFAKRlJU6h2eWpH0f
Referer
https://lumpsumrefunds.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-max-age
86400
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
via
1.1 b227700af62579dd9e3f1b8495ccbf04.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
PQfNvhX-OVPMt906isThd1neqQHAxKr1HdSIysxmNgd8pNkqr6TySQ==
date
Tue, 17 Dec 2024 16:14:12 GMT
content-type
application/json
vary
Authorization
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
IAD12-P5
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
unifiedPixel
tr.outbrain.com/
53 B
321 B
Fetch
General
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=07427784283943559&referrer=&marketerId=00e12a5d0ea58200328b3f04fd9494b006%2C00644d33a207422eb19f7678ff2def586d&name=PAGE_VIEW&dl=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.18.155
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
image/gif;
x-traceid
99b1a5243e81cc57566f2285db738d75
collect
b.clarity.ms/
0
0

collect
b.clarity.ms/
0
282 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:11 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=163426526525291&ev=PageView&dl=https%3A%2F%2Flumpsumrefunds.com&rl=&if=false&ts=1734452051856&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4124&fbp=fb.1.1734452050526.25594251156696879&pm=1&hrl=33ec1a&ler=empty&cdl=API_unavailable&it=1734452050323&coo=false&cs_cc=1&cas=8832914746824157%2C8621232261323083%2C7926908140744760%2C9491842794168872%2C8578092195610048%2C27422421797406630%2C7914295385337754%2C27232864539691290%2C8537625052941913%2C8477290475722201%2C27260508556896951%2C8236220353153070%2C8913553258679183%2C8585171578210363%2C8515924708495153%2C8256135364508339%2C8763718520324534%2C8713225928691943%2C7936701793087861%2C7861498620585124%2C8597110100307565%2C7890436564406226%2C26618995857691464%2C7917721194937807%2C26438935945697646%2C7807960069297031%2C8076710192386887%2C7558959617534552%2C8274447969231800&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=28, mss=1232, tbw=10287, tp=28, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163426526525291&ev=PageView&dl=https%3A%2F%2Flumpsumrefunds.com&rl=&if=false&ts=1734452051856&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4124&fbp=fb.1.1734452050526.25594251156696879&pm=1&hrl=33ec1a&ler=empty&cdl=API_unavailable&it=1734452050323&coo=false&cs_cc=1&cas=8832914746824157%2C8621232261323083%2C7926908140744760%2C9491842794168872%2C8578092195610048%2C27422421797406630%2C7914295385337754%2C27232864539691290%2C8537625052941913%2C8477290475722201%2C27260508556896951%2C8236220353153070%2C8913553258679183%2C8585171578210363%2C8515924708495153%2C8256135364508339%2C8763718520324534%2C8713225928691943%2C7936701793087861%2C7861498620585124%2C8597110100307565%2C7890436564406226%2C26618995857691464%2C7917721194937807%2C26438935945697646%2C7807960069297031%2C8076710192386887%2C7558959617534552%2C8274447969231800&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449414836507173965"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:14:11 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
A0A+kvldFjpjuFz2FefdLLNuFAZKClXYlE1jI9gxRlVLezXWpGpOqA9PiDy+bg7O5KERod2s27G9M3ys55vu1Q==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449414836507173965", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=28, mss=1232, tbw=10479, tp=30, tpl=0, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pixel
analytics.tiktok.com/api/v2/
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:11 GMT
server-timing
inner; dur=21, cdn-cache; desc=MISS, edge; dur=10, origin; dur=31
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:11 GMT
x-akamai-request-id
8e626d56
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f241498efdc0add3c6ad1d9fc0fdff806761c458e8b37b4dbf708538ce94324ad097c2c80ab5dcd5ca1fce6762fe5d8d009ed52ff6a5144d9ba8b12a012b042c59
x-origin-response-time
31,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412171614114C31C50869B9FABC506C-4DC60EF365D8A6D6-00
content-length
0
x-tt-logid
202412171614114C31C50869B9FABC506C
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 16:14:11 GMT
server-timing
inner; dur=21, cdn-cache; desc=MISS, edge; dur=9, origin; dur=24
x-cache
TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 16:14:11 GMT
x-akamai-request-id
8e626d5d
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438678e1de32340028fa52619d2f4f7a26f24837fa2994ebb96e067c2c41e2578da774322504c1a0af85a9660f3baf7fb68d53e326c11d6e1db32bd7097fe6f6bde2c9b5397c0f17bda4518a6f8a1a720f5f
x-origin-response-time
24,23.218.223.74
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241217161411F04FFC3D7FBFF3FEFB8E-27EBE4AC6860C032-00
content-length
0
x-tt-logid
20241217161411F04FFC3D7FBFF3FEFB8E
server
nginx
unip
trc-events.taboola.com/1765137/log/3/
0
248 B
XHR
General
Full URL
https://trc-events.taboola.com/1765137/log/3/unip?en=pre_d_eng_tb&tos=1604&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1734452051874&vi=1734452050265&ri=a34e3071daa0c19594e2682a7ca4b385&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 17 Dec 2024 16:14:12 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1778706/log/3/
0
632 B
XHR
General
Full URL
https://trc-events.taboola.com/1778706/log/3/unip?en=pre_d_eng_tb&tos=1606&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1734452051877&vi=1734452050265&ri=9e525b7811edcb616df427a347d9735b&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 17 Dec 2024 16:14:12 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1780742/log/3/
0
631 B
XHR
General
Full URL
https://trc-events.taboola.com/1780742/log/3/unip?en=pre_d_eng_tb&tos=1607&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1734452051877&vi=1734452050265&ri=c63008904d2e909f436a4c5b46e3acf4&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 17 Dec 2024 16:14:12 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
data-ingestion-pipeline
app.leadfinery.com/api/mycg104/live/v1/ Frame
0
0
Preflight
General
Full URL
https://app.leadfinery.com/api/mycg104/live/v1/data-ingestion-pipeline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-64.iad12.r.cloudfront.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, private
content-type
application/json
date
Tue, 17 Dec 2024 16:14:12 GMT
server
Apache/2.4.41 (Ubuntu)
via
1.1 b227700af62579dd9e3f1b8495ccbf04.cloudfront.net (CloudFront)
x-amz-cf-id
rfkY5aXsczFkzddY01yrf4g-Yl0UdrTC0os3pkI6HFcxPv0AXX5A3g==
x-amz-cf-pop
IAD12-P5
x-cache
Miss from cloudfront
unip
trc-events.taboola.com/1765137/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1765137/log/3/unip?en=pre_d_eng_tb&tos=1604&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1734452051874&vi=1734452050265&ri=a34e3071daa0c19594e2682a7ca4b385&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lumpsumrefunds.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 17 Dec 2024 16:14:12 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1778706/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1778706/log/3/unip?en=pre_d_eng_tb&tos=1606&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1734452051877&vi=1734452050265&ri=9e525b7811edcb616df427a347d9735b&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lumpsumrefunds.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 17 Dec 2024 16:14:12 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1780742/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1780742/log/3/unip?en=pre_d_eng_tb&tos=1607&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1734452051877&vi=1734452050265&ri=c63008904d2e909f436a4c5b46e3acf4&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lumpsumrefunds.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 17 Dec 2024 16:14:12 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
favicon.a35fb3f3.ico
lumpsumrefunds.com/static/media/
9 KB
0
Other
General
Full URL
https://lumpsumrefunds.com/static/media/favicon.a35fb3f3.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b45f8959e2c9c2abc82d6ac87a5157972c050065ac0ad4c83108ce39a1770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"bcb93e1bd23e7f97b86b51e60f68b801"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
5OqUu8pbfezuXB0JkUwmsc5lHFIJQ9NQgPtcPd5f6ArXveAaiiM75Q==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/x-icon
last-modified
Thu, 12 Dec 2024 20:48:08 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9328
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
favicon.ico
lumpsumrefunds.com/
9 KB
0
Other
General
Full URL
https://lumpsumrefunds.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b45f8959e2c9c2abc82d6ac87a5157972c050065ac0ad4c83108ce39a1770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"bcb93e1bd23e7f97b86b51e60f68b801"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
UfTBgJ-4hGvcFd1IrGbjk98u16lXOnv1KogXnJCBTjdB4-LKewpOOw==
date
Tue, 17 Dec 2024 16:14:12 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
vary
accept-encoding
content-type
image/x-icon
last-modified
Thu, 12 Dec 2024 20:48:01 GMT
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9328
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
collect
b.clarity.ms/
0
282 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:12 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
CarsNew.4c1b9654.mp4
lumpsumrefunds.com/static/media/
44 KB
45 KB
Media
General
Full URL
https://lumpsumrefunds.com/static/media/CarsNew.4c1b9654.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68e29856b60909ba1815d483249b1cfc2d9afea73afbb71de9995e530596a44f

Request headers

Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=589824-

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"712427332ff78e89165dee47c98e1635"
x-cache
Hit from cloudfront
x-amz-cf-id
m5lC-lbmVdFcpCiqcT--uaKXOMAPJlQqm6YF2KTD1qEIglL_of7qkw==
date
Tue, 17 Dec 2024 16:14:13 GMT
content-type
video/mp4
last-modified
Thu, 12 Dec 2024 20:48:06 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
Content-Range
bytes 589824-634973/634974
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
45150
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
CarsNew.4c1b9654.mp4
lumpsumrefunds.com/static/media/
544 KB
0
Media
General
Full URL
https://lumpsumrefunds.com/static/media/CarsNew.4c1b9654.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:280a:6000:10:1837:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://lumpsumrefunds.com/MYCG_V1?uuid=MYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-meta-codebuild-content-md5
61bce2c942aa7ce6aeba965dc66df89a
etag
"712427332ff78e89165dee47c98e1635"
x-cache
Hit from cloudfront
x-amz-cf-id
m5lC-lbmVdFcpCiqcT--uaKXOMAPJlQqm6YF2KTD1qEIglL_of7qkw==
date
Tue, 17 Dec 2024 16:14:13 GMT
content-type
video/mp4
last-modified
Thu, 12 Dec 2024 20:48:06 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-2:135432904977:build/mycg104-fe-prod-builder:4eac24b9-34ce-4eaa-8752-9a28a309307b
Content-Range
bytes 32768-634973/634974
via
1.1 e34f89c4803f73d60eda8162041ff24c.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
602206
x-amz-cf-pop
LAX54-P2
server
AmazonS3
x-amz-meta-codebuild-content-sha256
a60d39d5d23425d66dbe4d5d88db014302bd96bbcdbc367343df01dccc2c9b3c
x-amz-server-side-encryption
AES256
collect
b.clarity.ms/
0
282 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:13 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
unip
trc-events.taboola.com/1765137/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1765137/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1734452054879&vi=1734452050265&ri=a34e3071daa0c19594e2682a7ca4b385&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lumpsumrefunds.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 17 Dec 2024 16:14:14 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1778706/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1778706/log/3/unip?en=pre_d_eng_tb&tos=4609&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1734452054880&vi=1734452050265&ri=9e525b7811edcb616df427a347d9735b&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lumpsumrefunds.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 17 Dec 2024 16:14:14 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1780742/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1780742/log/3/unip?en=pre_d_eng_tb&tos=4610&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1734452054881&vi=1734452050265&ri=c63008904d2e909f436a4c5b46e3acf4&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lumpsumrefunds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lumpsumrefunds.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 17 Dec 2024 16:14:14 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1765137/log/3/
0
248 B
XHR
General
Full URL
https://trc-events.taboola.com/1765137/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1734452054879&vi=1734452050265&ri=a34e3071daa0c19594e2682a7ca4b385&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 17 Dec 2024 16:14:14 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1778706/log/3/
0
632 B
XHR
General
Full URL
https://trc-events.taboola.com/1778706/log/3/unip?en=pre_d_eng_tb&tos=4609&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1734452054880&vi=1734452050265&ri=9e525b7811edcb616df427a347d9735b&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 17 Dec 2024 16:14:14 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1780742/log/3/
0
632 B
XHR
General
Full URL
https://trc-events.taboola.com/1780742/log/3/unip?en=pre_d_eng_tb&tos=4610&scd=0&ssd=2&est=1734452050270&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1734452054881&vi=1734452050265&ri=c63008904d2e909f436a4c5b46e3acf4&ref=null&cv=20241215-2-RELEASE&item-url=https%3A%2F%2Flumpsumrefunds.com%2FMYCG_V1%3Fuuid%3DMYCG104-f3c8aef0-bc91-11ef-822f-a58b2a6fc340&it=JS_PIXEL
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lumpsumrefunds.com/

Response headers

access-control-allow-origin
https://lumpsumrefunds.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 17 Dec 2024 16:14:14 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GTHXSQWF03&gtm=45je4cc1v884573084za200zb847680788&_p=1734452049635&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1109331462.1734452050&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&sid=1734452050&sct=1&seg=0&dl=https%3A%2F%2Flumpsumrefunds.com%2F&dt=&_s=2&tfd=6436
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lumpsumrefunds.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://lumpsumrefunds.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:14:15 GMT
content-type
text/plain
server
Golfe2
collect
b.clarity.ms/
0
282 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: lumpsumrefunds.com
URL: https://lumpsumrefunds.com/static/js/19.e94e594d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://lumpsumrefunds.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://lumpsumrefunds.com
Date
Tue, 17 Dec 2024 16:14:15 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.clarity.ms
URL
https://b.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| google_tag_manager object| google_tag_data function| clarity function| fbq function| _fbq object| _fbq_gtm_ids function| rdt object| __tfa_pixel_init object| _tfa string| TiktokAnalyticsObject object| ttq function| obApi function| twq function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO function| redditNormalizeEmail function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| regeneratorRuntime object| twttr object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| webpackJsonpboiler-plate object| obBundle function| setImmediate function| clearImmediate object| __SENTRY__ function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded number| 2f1acc6c3a606b082e5eef5e54414ffb

31 Cookies

Domain/Path Name / Value
.taboola.com/londonbridgeperformancemedia-james-mcg-lumpsumrefunds-sc/ Name: taboola_session_id
Value: v2_2c3d582024ad0a5ccf05f4a99329bc16_690b3fca-4bd6-4810-99ad-925688f5b33f-tucte5b28d2_1734452050_1734452050_CNawjgYQhthsGNnyl6u9MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo3YTkhJGMpYzqAXABgAEA
.taboola.com/londonbridgeperformancemedia-james-thepcpguys-sc/ Name: taboola_session_id
Value: v2_33c61b0b6d450c0127f973b11516bdca_e2ef6686-3115-4f0c-a6bd-801799f8908e-tucte5b28d2_1734452050_1734452050_CNawjgYQkshsGNnyl6u9MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo3YTkhJGMpYzqAXABgAEA
.lumpsumrefunds.com/ Name: _gcl_au
Value: 1.1.741122906.1734452050
.lumpsumrefunds.com/ Name: _ga
Value: GA1.1.1109331462.1734452050
.tiktok.com/ Name: _ttp
Value: 2qLq9LNVMoVj2XlPcQhlYG53wwY
.lumpsumrefunds.com/ Name: _rdt_uuid
Value: 1734452050262.65772847-b530-4623-9347-1cff453123a2
www.clarity.ms/ Name: CLID
Value: 66991d3332cb442e9ec702c786e918c9.20241217.20251217
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.lumpsumrefunds.com/ Name: _clck
Value: 1dymztc%7C2%7Cfrs%7C0%7C1812
.lumpsumrefunds.com/ Name: _fbp
Value: fb.1.1734452050526.25594251156696879
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.taboola.com/ Name: t_gid
Value: e2ef6686-3115-4f0c-a6bd-801799f8908e-tucte5b28d2
.taboola.com/ Name: t_pt_gid
Value: e2ef6686-3115-4f0c-a6bd-801799f8908e-tucte5b28d2
.lumpsumrefunds.com/ Name: _tt_enable_cookie
Value: 1
.lumpsumrefunds.com/ Name: _ttp
Value: BMGMMXef0PMlWi_5-qwqbGSKmVZ.tt.1
.t.co/ Name: muc_ads
Value: 3ebf81a9-e284-4f0f-a738-05c223e722d1
.t.co/ Name: __cf_bm
Value: IcDmsjTnnkHbDb8zuV4wkajtitSNKq1mcTNFwJJb0pk-1734452050-1.0.1.1-SooGngWr7rqMJoSMki_mIcjL6YBGmje3uwxyBrBJ31Fcnejw.ND6Khd.UIJTjzzxuipBBHok0I1bz6edXX6jBg
lumpsumrefunds.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1734452050606%7D
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173445205057550507
.twitter.com/ Name: guest_id_ads
Value: v1%3A173445205057550507
.twitter.com/ Name: personalization_id
Value: "v1_7BcHlC0RgGO/cdZmbydaYA=="
.twitter.com/ Name: guest_id
Value: v1%3A173445205057550507
.bing.com/ Name: MUID
Value: 24BC0BD3D72D64D72D691E8BD6FB65F7
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 24BC0BD3D72D64D72D691E8BD6FB65F7
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 24BC0BD3D72D64D72D691E8BD6FB65F7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.lumpsumrefunds.com/ Name: _clsk
Value: 1prxm90%7C1734452052311%7C3%7C1%7Cb.clarity.ms%2Fcollect
.lumpsumrefunds.com/ Name: _ga_GTHXSQWF03
Value: GS1.1.1734452050.1.1.1734452052.58.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
amplify.outbrain.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api.adtopiaglobal.com
app.leadfinery.com
b.clarity.ms
c.bing.com
c.clarity.ms
cdn.taboola.com
cds.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lumpsumrefunds.com
pips.taboola.com
pixel-config.reddit.com
psb.taboola.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.redditstatic.com
b.clarity.ms
104.244.42.3
141.226.224.32
141.226.224.48
142.250.31.156
142.251.179.94
146.75.80.157
151.101.1.140
151.101.129.140
151.101.193.44
151.101.65.44
157.240.229.1
157.240.229.35
172.66.0.227
18.134.235.212
184.29.129.105
20.110.205.119
23.205.107.91
2600:9000:280a:6000:10:1837:2b40:93a1
2607:f8b0:4004:c09::9a
2607:f8b0:400d:c04::61
2607:f8b0:400d:c09::71
2607:f8b0:400d:c0f::5f
2607:f8b0:400d:c1d::9c
2620:1ec:29:1::40
2620:1ec:c11::237
2a04:4e42:400::396
3.171.100.64
4.153.129.168
64.202.112.95
74.125.192.104
74.125.192.94
04cd4a862929df7798d4620f81cce8a6a881ffdde997061f30b1bd97030c5b0a
081b45f8959e2c9c2abc82d6ac87a5157972c050065ac0ad4c83108ce39a1770
094bab3b5cae02ee4bec58f43776a1e10cd6088d583f7793a7ad92e240412aae
09963444290ea50c2350c32dd3c004246aa71d541bf3d30fcecb884a1e71cf7c
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35
1077c64da4883eb541bb2ee040a9d4231eae127a1bee4a61d958d16f936693d5
11e1032a066a63ae1e8d9c1853c791255bc3bb974485483c663d6c6cffd373d9
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
18485591c71de4a635e597388edfbdd8af4bf30aa3a89b859aba93bc56ad4422
1b28e4e4e5175472ae73389877da4e6ba73ae9575abd2a850a8cc7206748bd5b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dcca918aa668472909d20321569468f27e78d889c07c05a339e5c657db89f39
203a4243eefda480b009db7f713b1d26fe1153740913bd227a42eeeae29ccb68
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
22c4e7e7911b6eabb9a1fd2b56b4fb8b7ce737c51440226307abc019981fb88a
23bda3245683efabea34f31c1bbe6ebde7df6934a0ac8f9735719547229e3a59
23c697ca13a6a4479b8957fcf176f959d0ef74a22a1ac9c1c191176439dd66a9
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2e7112001b3815c31bfba533d01c5fc434c92ce8338e95bacfabba709bb62309
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
3bcd40ce85506f5e5c538837b52c2d92d29ae7a559b2d896fbb4997486563c6d
3cd49f84a97ab602eb06cd7bbb0a6c0c2ea42c4d82897551c828e01ff43b0a7c
3fa3beaf63b01f52e464cc2bc72e65e5441b4475d46cd755635d2ade8ef37004
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5101bca43c9d312fa4bb8b0ffd788c56ff920bb67dddce7b915f00f3a6c6b5b2
5ec92f72a5c5c6e6bdae7c6026faf56943e91ca3434f9e98ea0baa2a5daf732d
6632c3dccbb84cae7d36ccbd1867a58712df99e1e3eeba1df70355a2ccdce428
68e29856b60909ba1815d483249b1cfc2d9afea73afbb71de9995e530596a44f
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
6ddf43a4dbf2df2b3912233a4c8085c6a1850678f3ce7d39839d518d251c6d63
6eba9efd57c661799403811e6bc089c1be50d43bcb803a7d1b286fb35c3055f1
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d60c0cd0647ecb04df42bcfd2acd351c105c2d89e2b401ba03b0845336170e7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
89ba6a16affe831e2ae463ff5cea96f78069d2322ce1a71bce37f6caa9054800
8d492781beeafe263fa1fbf654ed9ded43af6cf03333880afe8d85dd4710e27e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
967a62bc54ba73fe5ae9a8fa74e8311c6fc2d2f737ca058e594c4c0b6515034d
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a5d022e3800a991839a37f3803420d7c0cb8bbf3feaf0d8dcf6c01176275db30
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6858abf34ee4638e77520c3dd5886e2343f020a9093e47f70bf585da28b805d
b9525c98509d54b644a4aa7d6c11fc1377fbd971d9d8a97aa1c5bf9a2902e146
ba9c60b8cad1781bc505d42567ff772a66e68b10b69f6386df1f2cc6e55c871d
bc49afd02cc764f790ab4473b409a1ded3c556ee50225613087ffe40d16745e2
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bf6427d0300d30c668907521399e01b393a3e2cb08646c61b658807261d23ddc
c1516103e0ea08b970da9e8d50cc3abc78c81feda00ff2d3b55f81ebe7e24f93
c4882c6763726b1ae3e930dd7a74caedade738b0a690d72c44589155d1683c64
c89a01823a30be01a06afbdfa908570320e9cf4d14955b0f6ccb4fda1037cca8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cda79e474461428dd7a88c0a16f390f78d394bd97122b80e7dceef5aa7601d9d
cf18b995260e90fbc843f87219dec7946706f7b5f64eb074f38e9a8815f6c517
d19369f940c964544d1d9f0e5b3db573fd60327c859cf3191112d294c46c24ef
d1b5e75ed44ca9ab1aa8e7d6e7a542e943bc95cb43adb8757734322d761478a2
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
dcc76f5854aeed5fb9dc59cdeba5992c610beb4efe53bbfc5efc435e5f72bf96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d96c1fbc79df957a67507e8aaa3e6ad65d7c8f23da04cb28d50c211fc09cf6
f3835f32dd20b485d4a676d84bb053d52ffc58f3521b4bb9f42daf66aa481d1b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f659da832c050732074ab891e82a702a60056e1317c51f9b645a773029b24c7d
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb944a5568fbf3e739ec638e9459c5f1a3cdbc8073dfb7dcd6f0ae3df4720ba4